
[Linux] Rate limit a connection with iptables

On a quick note

I had to limit the number of packets directed at a single port. Usually this can be configured within the application itself. However, this was a UDP-based application and I wasn't aware of any configuration parameter that would have allowed this.

So I jumped to the firewall and limited the rate via iptables:

# Assumes an earlier FORWARD rule already accepts ESTABLISHED,RELATED traffic;
# otherwise packets of an accepted flow (no longer NEW) fall through to the DROP below.
iptables -A FORWARD -s 0.0.0.0/0 -d 10.0.0.3/32 \
 -p udp \
 -i eth0 \
 -o virbr0 \
 --dport 9987 \
 -m state --state NEW \
 -m limit --limit 5/second \
 -j ACCEPT
# Everything over the limit is logged first (a busy port can fill the log quickly,
# so consider adding -m limit to this rule as well) ...
iptables -A FORWARD -s 0.0.0.0/0 -d 10.0.0.3/32 -p udp -i eth0 -o virbr0 --dport 9987 \
  -j LOG --log-prefix "BRUST UDP DROP " --log-ip-options
# ... and then dropped.
iptables -A FORWARD -s 0.0.0.0/0 -d 10.0.0.3/32 -p udp -i eth0 -o virbr0 --dport 9987 -j DROP

This accepts up to 5 new connections per second to the port. Connections arriving faster than that are logged and dropped.
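Once the LOG rule is in place, the kernel log shows who is hitting the limit. The following is an added example (not from the original post) that summarises those entries per source address; the log lines are constructed samples in the usual netfilter LOG format, and the prefix is passed in as an argument so it matches whatever --log-prefix is configured.

```shell
#!/bin/sh
# Added example: count "BRUST UDP DROP " kernel log entries per source address.
# SAMPLE_LOG is a constructed stand-in for what `journalctl -k` or /var/log/kern.log would show.
SAMPLE_LOG='Mar  1 10:00:01 gw kernel: BRUST UDP DROP IN=eth0 OUT=virbr0 SRC=198.51.100.7 DST=10.0.0.3 LEN=60 PROTO=UDP SPT=40001 DPT=9987 LEN=40
Mar  1 10:00:01 gw kernel: BRUST UDP DROP IN=eth0 OUT=virbr0 SRC=198.51.100.7 DST=10.0.0.3 LEN=60 PROTO=UDP SPT=40002 DPT=9987 LEN=40
Mar  1 10:00:02 gw kernel: BRUST UDP DROP IN=eth0 OUT=virbr0 SRC=203.0.113.9 DST=10.0.0.3 LEN=60 PROTO=UDP SPT=50000 DPT=9987 LEN=40
Mar  1 10:00:02 gw kernel: OTHER PREFIX IN=eth0 OUT=virbr0 SRC=203.0.113.9 DST=10.0.0.3 PROTO=TCP DPT=22'

# drop_counts PREFIX < log : prints "count src" lines, busiest source first
drop_counts() {
    awk -v prefix="$1" '
        index($0, prefix) == 0 { next }          # keep only lines carrying our LOG prefix
        {
            for (i = 1; i <= NF; i++)            # find the SRC=... key=value field
                if ($i ~ /^SRC=/) n[substr($i, 5)]++
        }
        END { for (s in n) printf "%d %s\n", n[s], s }
    ' | sort -rn
}

# top_dropper PREFIX < log : the single source with the most dropped packets
top_dropper() {
    drop_counts "$1" | head -n 1 | awk '{ print $2 }'
}

printf '%s\n' "$SAMPLE_LOG" | drop_counts "BRUST UDP DROP "
```

Feed it real data with `journalctl -k | drop_counts "BRUST UDP DROP "` to see which sources are being rate limited.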