On Sat, 31 Jul 2004 10:47:02 GMT, Juha Laiho wrote:
> "mcd" <mike@cnul.org> said:
>>Does somebody know if it is possible to use iptables rules to allow only N
>>sockets open per user, or deny the connection to a new socket if N are
>>already open?
>
> As far as I know, there isn't such functionality. What is it that you're
> attempting to achieve (so, what you're trying to achieve with this
> limitation)?

There is a module to iptables that can do that. Check for connlimit at
http://www.netfilter.org/patch-o-matic/pom-base.html.
It is not part of the standard kernel.
It is very useful to stop p2p users from making too many connections.
--
Morten Isaksen
http://www.aub.dk/~misak/