Article 12570 at 08/04/15 07:11:33 From: webhosting (at mark) yahoo.com Subject: [coba-e:12570] Re: swarm attacks

Index: [Article Count Order] [Thread]

Date:  Mon, 14 Apr 2008 15:11:30 -0700 (PDT)
From:  Dan Kriwitsky <webhosting (at mark) yahoo.com>
Subject:  [coba-e:12570] Re: swarm attacks - layer 2, packets limiting
To:  coba-e (at mark) bluequartz.org
Message-Id:  <856392.76388.qm (at mark) web65604.mail.ac4.yahoo.com>
In-Reply-To:  <20080414193948.615deb1b@patricko>
X-Mail-Count: 12570


--- patricko <patricko (at mark) staff.singnet.com.sg> wrote:

> Hi Blues,
> 
> 
> /sbin/iptables -N packet-limit
> /sbin/iptables -A packet-limit -m limit --limit 100/second --limit-burst
> 150 -j RETURN
> 
> /sbin/iptables -A packet-limit -j LOG --log-prefix "packet flood: " 
> /sbin/iptables -A packet-limit -j DROP
> 
> 
> 
> layer 2 packet limiting on burst per sec.
> 
> set reasonable number after you try-and-error on your environment.
> 
> 

Once that is added, what is the procedure to save the iptables so that on a
reboot those are not lost.

-- 
Dan Kriwitsky



      ____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ