Learn How To Prevent Concurrent Connections On Linux Using IPTables

July 29, 2019

Table of Contents

iptables is firewall software that can be found in lots of distributions, including CentOS and Ubuntu. In this doc, you’ll see how you can prevent concurrent connections from a single IP address by using iptables. This can improve security and prevent simple DDoS attacks.

Step 1: Verifying IPTables installation

To verify if iptables has been installed, execute:

which iptables

If this returns a path such as /sbin/iptables, then iptables is installed on your system. Otherwise, you can install it by executing apt-get install iptables, or yum install iptables.

If you’re running a Debian-based system, install iptables-persistent to be able to easily save and reload iptables:

apt-get install iptables-persistent

Step 2: Adding IPTables rules

While adding the iptables rules, I will explain what every rule does.

iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set

This rule will check incoming IP connections to the eth0 interface (-i eth0) to port 80.

iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROP

This rule will check if this connection is new (no risk) within the last 60 seconds (--seconds 60). It will drop the connection should traffic flow be higher than 10 (--hitcount 10).

Step 3: Saving rules

After adding the rules, you will need to save them and reload iptables. Rules can be saved using iptables-persistent, which we just installed:

service iptables-persistent save
service iptables-persistent reload

You have improved server security by limiting the concurrent connections from an IP address using iptables.

Need help?

Do you need help setting up this on your own service?
Please contact us and we’ll provide you the best possible quote!