Hi Blues,
Just playing with this and I cannot add this command without it giving an error.
/sbin/iptables -A packet-limit -m limit --limit 100/second --limit-burst 150 -j RETURN
iptables: No chain/target/match by that name
Chain packet-limit (0 references)
target prot opt source destination
DROP all -- anywhere anywhere
DROP all -- anywhere anywhere
I may have typed the command wrong.
Rob
-----Original Message-----
From: Jon McCauley [mailto:jmccauley (at mark) ontarioweb.ca]
Sent: Monday, April 14, 2008 4:16 PM
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:12572] Re: swarm attacks - layer 2, packets limiting
> --- patricko <patricko (at mark) staff.singnet.com.sg> wrote:
>
>
>> Hi Blues,
>>
>>
>> /sbin/iptables -N packet-limit
>> /sbin/iptables -A packet-limit -m limit --limit 100/second --limit-burst 150 -j RETURN
>>
>> /sbin/iptables -A packet-limit -j LOG --log-prefix "packet flood: "
>> /sbin/iptables -A packet-limit -j DROP
>>
>>
>>
>> layer 2 packet limiting on burst per sec.
>>
>> Set a reasonable number after trial and error in your environment.
>>
>>
>>
>
> Once that is added, what is the procedure to save the iptables so that on a
> reboot those are not lost?
>
iptables-save
Best Regards, Jon McCauley
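
Added example, not part of the original thread: the listing in the first message shows packet-limit with 0 references and only DROP rules, and the quoted rule set only works if the limit/RETURN rule comes before LOG and DROP. The sh function below checks `iptables -S` output for both conditions. The sample listings are constructed, and the jump from INPUT is an assumption, since the thread never adds one.

```shell
#!/bin/sh
# Added example: audit an `iptables -S` listing for the packet-limit chain.
# The sample listings below are constructed, not captured from a real host.

# State matching the listing in the first message: only DROP rules, no jump.
BROKEN_RULES='-P INPUT ACCEPT
-N packet-limit
-A packet-limit -j DROP
-A packet-limit -j DROP'

# Intended state; the jump from INPUT is an assumption, the thread never adds one.
GOOD_RULES='-P INPUT ACCEPT
-N packet-limit
-A INPUT -j packet-limit
-A packet-limit -m limit --limit 100/sec --limit-burst 150 -j RETURN
-A packet-limit -j LOG --log-prefix "packet flood: "
-A packet-limit -j DROP'

# check_packet_limit [chain]: reads `iptables -S` output on stdin.
# Exit 0 = ok, 1 = RETURN rule missing or after DROP, 2 = chain never referenced.
check_packet_limit() {
    awk -v chain="${1:-packet-limit}" '
        # Rules inside the chain: remember where the first RETURN and DROP sit.
        $1 == "-A" && $2 == chain {
            n++
            if (/-m limit/ && /-j RETURN/ && !ret) ret = n
            if (/-j DROP/ && !/-m limit/ && !drop) drop = n
        }
        # Rules in other chains: count jumps (-j) or gotos (-g) into the chain.
        $1 == "-A" && $2 != chain {
            for (i = 3; i < NF; i++)
                if (($i == "-j" || $i == "-g") && $(i + 1) == chain) refs++
        }
        END {
            if (!ret)               { print "no limit RETURN rule"; exit 1 }
            if (drop && drop < ret) { print "DROP precedes limit RETURN"; exit 1 }
            if (!refs)              { print "chain has 0 references"; exit 2 }
            print "ok"
        }'
}

# On a live host (root required): iptables -S | check_packet_limit packet-limit
```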