
Date:  Mon, 14 Apr 2008 19:16:11 -0400
From:  Jon McCauley <jmccauley (at mark) ontarioweb.ca>
Subject:  [coba-e:12572] Re: swarm attacks - layer 2, packets limiting
To:  coba-e (at mark) bluequartz.org
Message-Id:  <4803E5BB.4000500 (at mark) ontarioweb.ca>
In-Reply-To:  <856392.76388.qm (at mark) web65604.mail.ac4.yahoo.com>
References:  <856392.76388.qm (at mark) web65604.mail.ac4.yahoo.com>
X-Mail-Count: 12572


> --- patricko <patricko (at mark) staff.singnet.com.sg> wrote:
>
>   
>> Hi Blues,
>>
>>
>> /sbin/iptables -N packet-limit
>> /sbin/iptables -A packet-limit -m limit --limit 100/second --limit-burst 150 -j RETURN
>>
>> /sbin/iptables -A packet-limit -j LOG --log-prefix "packet flood: " 
>> /sbin/iptables -A packet-limit -j DROP
>>
>>
>>
>> layer 2 packet limiting on burst per sec.
>>
>> set a reasonable number after trial and error in your environment.
>>
>>
>>     
>
> Once that is added, what is the procedure to save the iptables so that on a
> reboot those are not lost?
>   
iptables-save

Best Regards, Jon McCauley
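
An added illustration, not part of the original thread: a small Python model of the token bucket behind `-m limit --limit 100/second --limit-burst 150`, to see how the two numbers behave before tuning them on a live host. It assumes every incoming packet is sent through the packet-limit chain (the thread does not show the jump rule), and the traffic mixes and source names are constructed.

```python
# Added model, not from the thread: the token bucket behind
#   -m limit --limit 100/second --limit-burst 150 -j RETURN
# Simplification: microsecond clock (the kernel counts in jiffies).
COST = 1_000_000  # credit units consumed by one packet


def simulate(arrivals, rate=100, burst=150):
    """arrivals: (time_us, source) tuples sorted by time.

    Returns {source: [returned, dropped]}; "returned" packets hit the
    RETURN rule, "dropped" ones fall through to LOG and DROP.
    """
    credits = burst * COST          # the bucket starts full
    last = None
    stats = {}
    for t, src in arrivals:
        if last is not None:
            # `rate` packets/second equals `rate` credit units per microsecond
            credits = min(burst * COST, credits + (t - last) * rate)
        last = t
        counts = stats.setdefault(src, [0, 0])
        if credits >= COST:
            credits -= COST
            counts[0] += 1
        else:
            counts[1] += 1
    return stats


def constant_stream(src, pps, seconds):
    """Constructed traffic: `pps` evenly spaced packets per second."""
    return [(i * 1_000_000 // pps, src) for i in range(pps * seconds)]


def merged(*streams):
    """Interleave several streams in arrival order."""
    return sorted(pkt for stream in streams for pkt in stream)


if __name__ == "__main__":
    print(simulate(constant_stream("web", 80, 5)))
    print(simulate(merged(constant_stream("flood", 1000, 5),
                          constant_stream("legit", 10, 5))))
```

In the second run the flood uses up nearly every credit, so the 10 packets/second sender loses almost all of its packets too: the bucket is shared by all sources and caps total load rather than singling out the flooding host.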



