iptables tips & tricks

iptables is the Linux user-space tool for configuring the kernel's netfilter firewall, which filters packets by matching them against rules organised in tables and chains.

#Limit SYN-flood DoS attacks to 12 new connections (SYN packets)/sec, with a burst of 24
iptables -t nat -N syn-flood
iptables -t nat -A syn-flood -m limit --limit 12/s --limit-burst 24 -j RETURN
iptables -t nat -A syn-flood -j DROP
iptables -t nat -A PREROUTING -i $EXT_IFACE -d $DEST_IP -p tcp --syn -j syn-flood

Here $DEST_IP is the destination address the packet is ultimately requesting, and $EXT_IFACE is the firewall's public-facing interface. Incoming SYNs are sent to the syn-flood chain, where -m limit lets up to 12 per second through (RETURN), allowing an initial burst of 24; any SYN beyond that fails the limit match and is dropped by the next rule.

#Drop Xmas (all flags set) and NULL (no flags set) packets
iptables -t nat -A PREROUTING -p tcp --tcp-flags ALL ALL -j DROP
iptables -t nat -A PREROUTING -p tcp --tcp-flags ALL NONE -j DROP

--tcp-flags takes a mask and a comparison list: ALL ALL matches only when every one of FIN, SYN, RST, PSH, ACK and URG is set, and ALL NONE only when none of them is. One caveat on the choice of table: the nat table is consulted only for packets that conntrack classifies as NEW, and a TCP packet with an impossible flag combination (all flags, or none) is classified INVALID and skips it. Check the counters with iptables -t nat -L PREROUTING -v -n; if these two rules never match, put them in the filter table's INPUT chain (or the raw table's PREROUTING, which runs before conntrack) instead.
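As an added example (not part of the original post), here is a small Python model of the two matches these rules rely on: the token bucket behind -m limit --limit 12/s --limit-burst 24, and the mask/compare logic behind --tcp-flags ALL ALL and ALL NONE. The SYN timestamps and flag values are constructed; the real xt_limit bookkeeping runs in kernel ticks, so sub-second counts are approximate.

```python
"""Model of the two iptables matches used in the rules above:
'-m limit' (a token bucket) and '--tcp-flags mask comp'."""
from typing import List

# TCP flag bits from the TCP header; iptables' ALL means FIN,SYN,RST,PSH,ACK,URG.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
ALL = FIN | SYN | RST | PSH | ACK | URG   # 0x3f


def limit_match(arrival_times: List[float], rate: float, burst: int) -> List[bool]:
    """Simulate `-m limit --limit <rate>/s --limit-burst <burst>`.

    xt_limit is a token bucket: it starts full with `burst` tokens, refills
    at `rate` tokens per second and never holds more than `burst`.  A packet
    matches only if a token is available.  In the syn-flood chain a match
    means RETURN (the SYN is let through); a miss falls through to DROP.
    Returns one bool per packet, True meaning matched/allowed.
    """
    tokens = float(burst)
    last = arrival_times[0] if arrival_times else 0.0
    verdicts = []
    for now in arrival_times:            # timestamps in seconds, ascending
        tokens = min(float(burst), tokens + (now - last) * rate)
        last = now
        if tokens >= 1.0:
            tokens -= 1.0
            verdicts.append(True)
        else:
            verdicts.append(False)
    return verdicts


def tcp_flags_match(packet_flags: int, mask: int, comp: int) -> bool:
    """`--tcp-flags mask comp`: look only at the bits in `mask` and match
    when exactly the bits listed in `comp` are set among them."""
    return (packet_flags & mask) == comp


def is_xmas(packet_flags: int) -> bool:
    return tcp_flags_match(packet_flags, ALL, ALL)   # --tcp-flags ALL ALL


def is_null(packet_flags: int) -> bool:
    return tcp_flags_match(packet_flags, ALL, 0)     # --tcp-flags ALL NONE


if __name__ == "__main__":
    # Constructed SYN burst: 30 SYNs at t=0, then 15 more one second later.
    times = [0.0] * 30 + [1.0] * 15
    v = limit_match(times, rate=12, burst=24)
    print(v.count(True), "SYNs allowed,", v.count(False), "dropped")  # 36 allowed, 9 dropped
    print("NULL packet dropped:", is_null(0), "| normal SYN/ACK is Xmas:", is_xmas(SYN | ACK))
```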

2 Responses to “iptables tips & tricks”

  1. The Belly Blog Says:

    abs exercises

    Truth About Abs

  2. Learning On Demand | 101 links of tutorials, tips, tricks and scripts for iptables Says:

    [...] Filter packets for ddos attack [...]
