CONNLIMIT in csf firewall

csf is the most popular firewall used on Linux servers. Tweaking csf is a common task for sysadmins, and one commonly encountered task is limiting the number of connections to the server.

We can limit the number of connections a single IP address may have to a port at any one time by setting the CONNLIMIT variable in the csf firewall.

♦ Open the firewall conf file /etc/csf/csf.conf

♦ Find the directive CONNLIMIT in the conf file.

♦ Add an entry like the one shown below.

CONNLIMIT = "80;75,21;50"

The above setting means the server allows only 75 connections from one IP address to port 80 and 50 connections to port 21.

Enabling this variable in the firewall also limits attacks against the server.
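Before applying a limit, it helps to check the value's syntax and see which clients would already exceed it. The following is an added example, not part of the original post or of csf: it parses a CONNLIMIT value as the comma-separated list of port;limit entries that csf.conf documents, then counts connections per client in `ss -Htn` style output as an approximation of what the limit would catch. The function names are hypothetical and the sample lines are constructed.

```python
import re
from collections import Counter

def parse_connlimit(value):
    """Parse a CONNLIMIT value such as "80;75,21;50" into {port: limit}."""
    limits = {}
    for entry in value.split(","):
        m = re.fullmatch(r"(\d+);(\d+)", entry)
        if not m:
            raise ValueError(f"bad entry {entry!r}: expected port;limit")
        port, limit = int(m.group(1)), int(m.group(2))
        if not 1 <= port <= 65535 or limit < 1:
            raise ValueError(f"bad entry {entry!r}: port or limit out of range")
        limits[port] = limit
    return limits

def over_limit(limits, ss_lines):
    """Return {(peer_ip, local_port): count} for peers above their limit."""
    counts = Counter()
    for line in ss_lines:
        fields = line.split()
        # Skip blank lines and the header row (its columns carry no ":")
        if len(fields) < 5 or ":" not in fields[3] or ":" not in fields[4]:
            continue
        # rsplit keeps bracketed IPv6 addresses such as [::1]:80 intact
        local_port = fields[3].rsplit(":", 1)[1]
        peer_ip = fields[4].rsplit(":", 1)[0]
        if local_port.isdigit() and int(local_port) in limits:
            counts[(peer_ip, int(local_port))] += 1
    return {k: n for k, n in counts.items() if n > limits[k[1]]}

# Constructed sample in `ss -Htn` column order:
# State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
SAMPLE = """\
ESTAB 0 0 192.0.2.10:80 198.51.100.7:50001
ESTAB 0 0 192.0.2.10:80 198.51.100.7:50002
ESTAB 0 0 192.0.2.10:80 198.51.100.7:50003
ESTAB 0 0 192.0.2.10:80 203.0.113.9:40000
ESTAB 0 0 192.0.2.10:21 203.0.113.9:40001
""".splitlines()

if __name__ == "__main__":
    limits = parse_connlimit("80;2,21;50")  # low port-80 limit for the demo
    for (ip, port), n in over_limit(limits, SAMPLE).items():
        print(f"{ip} has {n} connections to port {port} (limit {limits[port]})")
```

On a live server, pass the lines of real `ss -Htn` output in place of SAMPLE. After editing csf.conf, restart csf with `csf -r` so the new limits are loaded.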


