iptables Limit port : ip 1:1 ( each port 1 ip only ) in order to limit each user

we use port range from 1000-12000 and each port for one user, so basicly i need to limit each user

    port 1 <--> 1 ip 

iptables -A INPUT -dports 1000:12000 -m iplimit --iplimit-above 1 -J REJECT

maybe?

--match multiport --dport 1000:12000

i think it must be done using iptables resent for 60 sec , once first ip connected to a spesific port, it will be allowed using Related,Established and and New connections regejected until 60 sec, then after 60 sec if ip persisted it will be re-use if user's ip not changed !

what do you think of? ubuntu , iptables , recent hash srcip

i except limit each 1port=1ip between range 1000:12000 with an static rule with iptables

in order to limit users to prevent sharing and connecting others to one port

both tcp and udp

iptables -A Related,Established -j Accept
iptables -A INPUT state NEW --dports 1000:12000 -i eth0 -m state --state NEW -m recent --set
iptables -A INPUT  state NEW --dports 1000:12000 -i eth0 -m state --state NEW -m recent --update --seconds {SECONDS} --hitcount {BLOCKCOUNT} -j reject

If you know the source IP of the users, have you considered TCPwrappers instead? https://www.cyberciti.biz/faq/tcp-wrappers-hosts-allow-deny-tutorial/

Sees an easier to manage approach.