Date:  Mon, 14 Apr 2008 21:04:09 +0100
From:  Dogsbody <dan (at mark) dogsbody.org>
Subject:  [coba-e:12569] Re: swarm attacks - layer 2, packets limiting
To:  coba-e (at mark) bluequartz.org
Message-Id:  <4803B8B9.2060503 (at mark) dogsbody.org>
In-Reply-To:  <20080414193948.615deb1b@patricko>
References:  <1200665372.3555.39.camel (at mark) silverbird>	<cfc6b7240801181003m364e58cer8b08d476f2540e4a (at mark) mail.gmail.com>	<918C728F-1867-4A3B-8D71-BF65A86B3A70 (at mark) kommunity.net> <20080414193948.615deb1b (at mark) patricko>
X-Mail-Count: 12569


> /sbin/iptables -N packet-limit
> /sbin/iptables -A packet-limit -m limit --limit 100/second --limit-burst 150 -j RETURN
> /sbin/iptables -A packet-limit -j LOG --log-prefix "packet flood: " 
> /sbin/iptables -A packet-limit -j DROP
> Layer 2 packet limiting on burst per sec.
> Set a reasonable number after trial and error in your environment.

Nice!!  I'll look at adding this to my iptables recipe  :-)

Thank you.

Dan
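
An added illustration, not part of the original message or thread: a simplified Python model of the `-m limit --limit 100/second --limit-burst 150` rule in the quoted chain, run over constructed traffic. The millisecond credit model, the class and function names and the sample addresses are assumptions; the point it shows is that the chain has one shared bucket, so once the burst is spent a quiet client is dropped alongside the noisy source.

```python
# Hypothetical model for illustration; not the kernel's implementation.
COST = 1000  # credit units per packet; time is in ms, so `rate` units accrue per ms


class LimitMatch:
    """Simplified stand-in for `-m limit --limit <rate>/second --limit-burst <burst>`."""

    def __init__(self, rate_per_sec, burst):
        self.rate = rate_per_sec
        self.cap = burst * COST
        self.credit = self.cap  # the bucket starts full, so the first `burst` packets pass
        self.last_ms = 0

    def matches(self, now_ms):
        # Refill for the elapsed time, never above the burst ceiling.
        self.credit = min(self.cap, self.credit + (now_ms - self.last_ms) * self.rate)
        self.last_ms = now_ms
        if self.credit >= COST:
            self.credit -= COST
            return True   # rule matches: -j RETURN
        return False      # no match: packet falls through to LOG, then DROP


def run_chain(arrivals, rate_per_sec=100, burst=150):
    """arrivals: iterable of (time_ms, src_ip). Returns per-source verdict counts."""
    limiter = LimitMatch(rate_per_sec, burst)  # one bucket for the whole chain
    stats = {}
    for now_ms, src in sorted(arrivals):
        verdict = "RETURN" if limiter.matches(now_ms) else "DROP"
        stats.setdefault(src, {"RETURN": 0, "DROP": 0})[verdict] += 1
    return stats


def constructed_traffic():
    """Constructed sample: 2 s of one source at 1000 pkt/s plus a client at 10 pkt/s."""
    noisy = [(ms, "198.51.100.7") for ms in range(2000)]
    quiet = [(55 + 100 * k, "192.0.2.10") for k in range(20)]
    return noisy + quiet


if __name__ == "__main__":
    for src, counts in run_chain(constructed_traffic()).items():
        print(src, counts)
```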