mirror of
https://github.com/vimagick/dockerfiles.git
synced 2024-12-25 02:04:06 +02:00
limit connect
This commit is contained in:
parent
e9f061a465
commit
b6ac07f59b
@ -7,6 +7,8 @@ MAINTAINER kev <noreply@datageek.info>
|
||||
|
||||
RUN apk add -U iproute2
|
||||
|
||||
ENV LIMIT_PORT 8388
|
||||
ENV LIMIT_CONN 5
|
||||
ENV TCP_PORTS 80,443
|
||||
ENV UDP_PORTS 53
|
||||
ENV RATE 1mbit
|
||||
@ -15,6 +17,7 @@ ENV LATENCY 50ms
|
||||
ENV INTERVAL 60
|
||||
|
||||
CMD iptables -F \
|
||||
&& iptables -A INPUT -p tcp -m state --state NEW --dport $LIMIT_PORT -m connlimit --connlimit-above $LIMIT_CONN -j DROP \
|
||||
&& iptables -A OUTPUT -p tcp -m state --state NEW -m multiport ! --dports $TCP_PORTS -j DROP \
|
||||
&& iptables -A OUTPUT -p udp -m state --state NEW -m multiport ! --dports $UDP_PORTS -j DROP \
|
||||
&& tc qdisc add dev eth0 root tbf rate $RATE burst $BURST latency $LATENCY \
|
||||
|
Loading…
Reference in New Issue
Block a user