Dear Colleagues,
Please help me to resolve the issue...
What I have: Proxmox with 1 VM. On this VM runs a Windows system with a server application on it. This server app works with remote clients (specific client-side software), and the connection between the server side and the client side supports the TCP protocol only, on 1 specific port (I can set this port manually), for example port number 3000.
That's all OK, but I need to filter ANY incoming traffic to this port (other ports are already filtered), excluding traffic from the specific client-side software... Because, for example, I can connect to the server via telnet on port 3000 and flood it, or via a browser on port 3000. The server just accepts any incoming connection on port 3000, and that is a problem, because the server can hang when it receives too many different connections (not from the client software).
The server-side software is rather old, and I cannot change anything in the network rules on either the server-application side or the client-side software.
I cannot understand how to do this.
What if I could create a rule on the Proxmox firewall that checks a NEW connection by the number of its first 5-7 packets, because a new client-server connection always opens with SYN - SYN/ACK and then the client sends 3 packets to the server?
Can I set any rule to ACCEPT this new connection if, after SYN-SYN/ACK, the server receives 3 packets from the client, and REJECT connections with only SYN-SYN/ACK packets and no data after that, or REJECT connections with SYN-SYN/ACK and 3+ packets from the client side?
Sorry for my English, please.
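As an added example (not part of the post, and not Proxmox's own code): a small script for the Proxmox host that caps concurrent and new TCP connections per source IP to the VM's port with the iptables connlimit and hashlimit matches, which is the practical substitute for the "count the first packets" idea, since netfilter decides per packet when the SYN arrives and cannot hold a connection open until three data packets have been seen. It assumes the VM is reached through bridge vmbr0 and that the host's FORWARD chain sees the traffic (both assumptions; the PVEFW-FORWARD jump that pve-firewall inserts must not sit in front of these rules), and by default it only prints the rules instead of applying them.

```shell
#!/bin/sh
# Added example (not from the post): generate or apply iptables rules on the
# Proxmox host that cap connections to the VM's server port per source IP.
# Assumptions: the VM sits behind bridge vmbr0 (name assumed), the host's
# FORWARD chain sees the traffic, and DRY_RUN=1 only prints the commands.
DRY_RUN="${DRY_RUN:-1}"
MAX_CONN="${MAX_CONN:-5}"        # concurrent connections allowed per source IP
NEW_RATE="${NEW_RATE:-10/min}"   # new connections allowed per source IP
NEW_BURST="${NEW_BURST:-5}"      # short burst tolerated before the rate applies

# Print the command in dry-run mode, otherwise execute it (needs root).
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

# gen_rules PORT IFACE: emit two rules for TCP traffic forwarded to PORT.
# -I puts them at the top of FORWARD, ahead of the PVEFW-FORWARD jump.
gen_rules() {
    port="${1:-3000}"
    iface="${2:-vmbr0}"
    # 1. Too many concurrent connections from one source (idle telnet/browser
    #    sessions that never speak the protocol) get a TCP reset.
    run -I FORWARD -i "$iface" -p tcp --dport "$port" \
        -m conntrack --ctstate NEW \
        -m connlimit --connlimit-above "$MAX_CONN" --connlimit-mask 32 \
        -j REJECT --reject-with tcp-reset
    # 2. Too many NEW connections per minute from one source are dropped,
    #    which slows down a flood of short-lived connections.
    run -I FORWARD -i "$iface" -p tcp --dport "$port" \
        -m conntrack --ctstate NEW \
        -m hashlimit --hashlimit-name "srv$port" --hashlimit-mode srcip \
        --hashlimit-above "$NEW_RATE" --hashlimit-burst "$NEW_BURST" \
        -j DROP
}

# Usage: sh limit-port.sh 3000 vmbr0            # print the rules
#        DRY_RUN=0 sh limit-port.sh 3000 vmbr0  # apply them (run as root)
gen_rules "$@"
```

Check placement after a firewall reload with `iptables -S FORWARD`, since pve-firewall re-inserts its own jump rules. The Proxmox host option `protection_synflood` limits only the per-source SYN rate, so it does not replace the concurrent-connection cap.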