[top-posting fixed up manually]
>>> is it possible to limit active sessions number by IP address[?]
>> Maybe.  What's a "session"?  [some possibilities]
> I mean for all TCP sessions.  [both NATted and not]

Hm.  I don't know of any way to limit NAT state per IP, but such a
thing could exist.  Since the kernel keeps no state for non-NATted
connections (ie, connections for which it's acting as an ordinary IP
router), I doubt you'll find any way to impose the limit you want for
those.

In passing, why do you want to do this?  It sounds like an odd desire,
and I'm having trouble imagining any use for it.  While it's certainly
possible I just haven't thought of something, it's also possible that
there is some other way to reach the goal that you're trying to reach
by imposing this limit.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B