[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: DOS attack--Prob with iptables.pls reply urgent!!!!!

Daniel Givens wrote:

On 3/23/06, Pablo <paa-listas@argentina.com> wrote:
Can this work:

       iptables -A INPUT -p icmp -m limit --limit 3/hr -j DROP ; droping
only 3 pings per hour?

You first set the limit of how many you want to accept, then once that
limit is passed, it goes to the next rule, which is to drop it.  The
original message asked how to limit the pings to only three allowed
and then the rest blocked.  You're rule blocks the first three and
provided you have the policy set to allow, allow the rest.


iptables -A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 8 -m length --length 128:65535 -j LOG --log-level debug --log-prefix IP"ICMP Oversize:" iptables -A INPUT -p icmp --icmp-type 8 -m length --length 128:65535 -j REJECT #--reject-with icmp-host-prohibited iptables -A INPUT -p icmp --icmp-type 8 -m limit --limit 3/s -j ACCEPT
iptables -A INPUT  -p icmp -f  -j LOG --log-prefix "ICMP Fagment:"
iptables -A INPUT  -p icmp -f  -j REJECT

This Is a  good solution of filtering ICMP I use it and it is working fine
It alow only 3 ping per second and ICMP packet sise is  maximum 128

Reply to: