# Throttle NEW port-80 connections from two search-engine crawler ranges with
# the "recent" match: 157.54.0.0/15 is held to one new connection per 300 s,
# 207.46.0.0/16 to one per 120 s. All other port-80 traffic is accepted.
#
# How the rules work together:
#   * The --update rules reject a NEW connection when its source address is
#     already in list BOTS and was last seen inside the window. --update also
#     refreshes the "last seen" time on every match, so a client that keeps
#     retrying inside the window keeps extending its own lockout (--rcheck
#     would test without refreshing).
#   * The --set rules record the source address and have no target, so the
#     packet falls through to the final ACCEPT.
#   * Both ranges share list BOTS. Entries are per address
#     (--mask 255.255.255.255, --rsource) and the ranges do not overlap, so
#     the two windows do not interfere.
#
# Things to verify before relying on this:
#   * -A appends; an earlier INPUT rule that already accepts port 80 (or
#     NEW traffic in general) means these rules are never reached.
#   * The recent list remembers a bounded number of addresses (xt_recent
#     module parameter ip_list_tot, 100 by default); once it is full, older
#     entries are displaced and the limit is no longer enforced for them.
#   * Entries are keyed on the source address of the first packet, before a
#     handshake completes, so an entry is not proof the crawler connected.
#   * Only IPv4 and TCP port 80 are covered; if the site also serves HTTPS or
#     IPv6, the same clients are not limited there.
#   * NOTE(review): the source ranges are hard-coded; confirm they still match
#     the crawlers' published ranges.

# Reject a NEW connection from range $1 if its address was seen in the
# last $2 seconds (and refresh the entry's timestamp).
bots_reject_recent() {
  iptables -A INPUT -s "$1" -p tcp -m tcp --dport 80 \
    -m state --state NEW \
    -m recent --update --seconds "$2" --hitcount 1 --name BOTS \
    --mask 255.255.255.255 --rsource \
    -j REJECT --reject-with icmp-port-unreachable
}

# Record the source address of a NEW connection from range $1 in list BOTS.
bots_record_new() {
  iptables -A INPUT -s "$1" -p tcp -m tcp --dport 80 \
    -m state --state NEW \
    -m recent --set --name BOTS \
    --mask 255.255.255.255 --rsource
}

# Rule order is significant: the reject checks must precede the --set rules,
# otherwise every first connection would be recorded and then rejected.
bots_reject_recent 157.54.0.0/15 300
bots_reject_recent 207.46.0.0/16 120

bots_record_new 157.54.0.0/15
bots_record_new 207.46.0.0/16

# Everything that was not rejected above is allowed to reach the web server.
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT