iptables -m recent conflicting

[Shwick]

Running ubuntu 8.04.

I'm using the recent module in two different chains SSH_PROTECT and FTP_PROTECT. What I want is for an ip to be allowed to make a new connection to SSH port 22 once every 60 seconds and FTP port 21 once every 30 seconds.

Code:

iptables -N SSH_PROTECT
iptables -A SSH_PROTECT -m recent --set
iptables -A SSH_PROTECT -m recent --update --seconds 60 --hitcount 2 -j DROP
iptables -A SSH_PROTECT -j DROP

iptables -N FTP_PROTECT
iptables -A FTP_PROTECT -m recent --set
iptables -A FTP_PROTECT -m recent --update --seconds 30 --hitcount 2 -j DROP
iptables -A FTP_PROTECT -j DROP

iptables -A INPUT 
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW -p tcp --dport 22 -j SSH_PROTECT
iptables -A INPUT -m state --state NEW -i eth1 -p tcp --dport 21 -j FTP_PROTECT
iptables -P INPUT DROP

What actually happens is when an ip makes a new connection to either port 21 or 22, they cannot connect to port 21 for the next 30 seconds or port 22 for the next 60 seconds.

The recent module is only storing a session for an ip. I need it to store a session for an ip/port, or one session for each chain it's in. Is this possible?

[Lazydog]

Why don't you try to use the '--name' flag in your recent rules to break them done even more?

IPTABLES Tutorial

[Shwick]

Thanks thats exactly what I needed it works now.

[pnorten462]

this is possible but you have to do more concentration on this for make it possible.