iptables to limit access to pop3 - how?



Rene Madsen
07-24-2004, 09:02 PM
In order to reduce load on our system I would like to limit access to
pop3 to something like once every 2-3 minutes. Some users currently
hammer the pop3 server with requests every 2-3 seconds!

While I kinda understand how iptables works I don't know enough about
how to set up such a rule. I think there is a -limit keyword which
ought to be able to do something like this?

I'm currently using a standard setup denying all incoming traffic,
then allowing individual services one by one. POP3 is allowed by this
rule:

$IPTABLES -A INPUT -i eth0 -d $server_ips -p tcp -m state --state NEW \
    --sport $UNPRIVPORTS --dport 110 -j ACCEPT

How can I modify/add to this rule so that users are limited to check
once every 2-3 minutes? -limit? How?

Rene Madsen
07-24-2004, 09:07 PM
No takers, huh?
Am I in the wrong newsgroup perhaps? :)

madsere@yahoo.com (Rene Madsen) wrote in message news:<6a22c1a8.0308282241.16cea4d6@posting.google.com>...
> In order to reduce load on our system I would like to limit access to
> pop3 to something like once every 2-3 minutes. Some users currently
> hammer the pop3 server with requests every 2-3 seconds!
>
> While I kinda understand how iptables works I don't know enough about
> how to set up such a rule. I think there is a -limit keyword which
> ought to be able to do something like this?
>
> I'm currently using a standard setup denying all incoming traffic,
> then allowing individual services one by one. POP3 is allowed by this
> rule:
>
> $IPTABLES -A INPUT -i eth0 -d $server_ips -p tcp -m state --state NEW \
>     --sport $UNPRIVPORTS --dport 110 -j ACCEPT
>
> How can I modify/add to this rule so that users are limited to check
> once every 2-3 minutes? -limit? How?
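
Added example, not part of the thread and not the poster's configuration: the iptables `limit` match applies one shared rate to the whole rule, so per-client throttling of new POP3 connections is normally done with the `recent` match instead. The two rules below would take the place of the single ACCEPT rule quoted above; the list name `pop3`, the 120-second interval and the 192.0.2.10 address are assumptions, and the script only prints the rules unless IPTABLES is set to the real binary.

```shell
#!/bin/sh
# Added example (not from the thread). Dry run by default: the rules are
# printed, not installed. Run with IPTABLES=/sbin/iptables to apply them.
IPTABLES="${IPTABLES:-echo iptables}"
server_ips="${server_ips:-192.0.2.10}"     # constructed placeholder address
UNPRIVPORTS="${UNPRIVPORTS:-1024:65535}"
POP3_INTERVAL="${POP3_INTERVAL:-120}"      # assumed: seconds between accepted
                                           # new connections per source IP

pop3_rate_limit_rules() {
    # Same match as the poster's rule: a NEW inbound connection to port 110.
    match="-i eth0 -d $server_ips -p tcp -m state --state NEW"
    match="$match --sport $UNPRIVPORTS --dport 110"

    # Rule 1: this source address was accepted less than POP3_INTERVAL
    # seconds ago, so refuse the new connection. --rcheck only tests the
    # timestamp; --update would also refresh it, and a client polling every
    # few seconds would then never be admitted again.
    $IPTABLES -A INPUT $match -m recent --name pop3 \
        --rcheck --seconds "$POP3_INTERVAL" -j REJECT --reject-with tcp-reset

    # Rule 2: not seen recently, so record the source address and accept.
    # Order matters: this rule must come after rule 1.
    $IPTABLES -A INPUT $match -m recent --name pop3 --set -j ACCEPT
}

# Caveats: the limit is per source IP, so users behind one NAT gateway share
# a single allowance, and the recent list tracks 100 addresses by default
# (module parameter ip_list_tot), which a busy server may need to raise.
pop3_rate_limit_rules
```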