Want more features on Pastebin? Sign Up, it's FREE!
This paste has a previous version, view the difference.
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
- #!/bin/bash
- #set 12345 to your server port.
- /sbin/modprobe ifb
- /sbin/modprobe sch_netem
- /sbin/modprobe sch_ingress
- /sbin/tc qdisc add dev eth0 ingress
- /sbin/ip link set dev ifb0 up
- /sbin/tc filter add dev eth0 parent ffff: protocol ip prio 10 u32 match ip protocol 6 0xff match u8 0x04 0x07 at 33 flowid 1:1 action mirred egress redirect dev ifb0
- /sbin/tc qdisc add dev ifb0 root netem delay 1000ms
- #Rate limit syn packets by ip address to triage the jamed peers.
- /sbin/iptables -I MOBLOCK_IN -p tcp --dport 12345 -i eth0 -m state --state NEW -m recent --set
- /sbin/iptables -I MOBLOCK_IN -p tcp --dport 12345 -i eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 1 -j DROP
- ### test by filtering ICMP (ping) through delayer
- #/sbin/tc filter add dev eth0 parent ffff: protocol ip prio 10 u32 match ip protocol 1 0xff flowid 1:1 action mirred egress redirect dev ifb0
- ### oh you wanted to stop filtering pings too?
- #/sbin/tc filter del dev eth0 parent ffff: protocol ip prio 10 u32 match ip protocol 1 0xff flowid 1:1 action mirred egress redirect dev ifb0
clone this paste
RAW Paste Data