I've launched a new AWS EC2 instance running Amazon Linux 2023. I want to set up nftables with the nftables.conf file to limit the concurrent connections per source IP so that any one user cannot hog all the server resources. I feel like I've tried every combination of ct count / set / map / meter / etc that I can find in any nftables documentation, but everything either ends up in some sort of syntax error, or operation not supported error, or else just doesn't work as expected (such as limiting the total number of connections, rather than a limit per source IP), so I'm guessing there's something special about Amazon Linux 2023 here.
An example of what I'm trying to do is limit any individual IP to having no more than 5 active connections into port 22. I don't care how often they connect, just that if there are 5 active connections at any time, it will reject a 6th from that IP.
This was easy to do using iptables on Amazon Linux 2 instances, and it feels like it should be basic firewall functionality, but nothing seems to work.
Details if they matter:
The specific version of AL2023 launched is 2023.7.20250331
nftables was installed with "dnf install nftables"
"nft --version" outputs "nftables v1.0.4 (Lester Gooch #3)"
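As an added example (not the asker's own ruleset), here is a complete nftables.conf that limits each IPv4 source to 5 concurrent connections on port 22 with a dynamic set and `ct count`, which is the nftables replacement for the iptables connlimit match; it assumes SSH on port 22 and that the file is loaded with `nft -f`. The `ct count` expression is implemented by the kernel's nft_connlimit module, so an "operation not supported" error on this rule usually means that module is not loaded or not available, which is worth checking with `lsmod | grep nft_connlimit` before assuming a syntax problem.

```nft
#!/usr/sbin/nft -f
# Added example ruleset, not from the original post.
# Limits concurrent SSH (tcp/22) connections to 5 per source IPv4 address.

flush ruleset

table inet filter {
    # Dynamic set: elements are created on the fly by the rule below and
    # each element tracks how many conntrack entries its source IP owns.
    set ssh_per_src {
        type ipv4_addr
        size 65535
        flags dynamic
    }

    chain input {
        type filter hook input priority filter; policy drop;

        iif "lo" accept
        ct state established,related accept
        ct state invalid drop
        icmp type echo-request accept

        # Only evaluate NEW SSH connections. "ct count over 5" matches when
        # this source already holds more than 5 tracked connections, so the
        # 6th concurrent attempt is rejected while the first 5 stay open.
        # Counts are per source IP, not a global total, because the set key
        # is "ip saddr". Requires the nft_connlimit kernel module.
        tcp dport 22 ct state new \
            add @ssh_per_src { ip saddr ct count over 5 } \
            counter reject with tcp reset

        # Anything under the limit is allowed in as usual.
        tcp dport 22 ct state new accept
    }
}
```

Load it with `nft -f /etc/sysconfig/nftables.conf` (the path AL2023's nftables service reads; adjust if yours differs) and watch the per-rule counter with `nft list ruleset` while opening a 6th SSH session from one host to confirm the reject fires.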