API tools faq
paste
Guest User

Untitled

a guest
Jul 16th, 2018
83
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.91 KB | None | 0 0
raw download clone embed print report
  1. IPT=/sbin/iptables
  2.  
  3. # New custom chains
  4. $IPT -N icmp-flood
  5. $IPT -N syn-flood
  6.  
  7. # Custom chains definition
  8. $IPT -A icmp-flood -m limit --limit 1/sec --limit-burst 100 -j RETURN
  9. $IPT -A icmp-flood -j LOG --log-prefix "icmp-flood-detected"
  10. $IPT -A icmp-flood -j DROP
  11. $IPT -A syn-flood -m limit --limit 15/sec --limit-burst 60 -j RETURN
  12. $IPT -A syn-flood -j DROP
  13.  
  14. #
  15. $IPT -A INPUT -m state --state INVALID -j DROP
  16. $IPT -A INPUT -i eth0 -p icmp -j icmp-flood
  17. $IPT -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j syn-flood
  18. $IPT -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name SSH --rsource
  19. $IPT -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 10 --hitcount 5 --rttl --name SSH --rsource -j DROP
  20. $IPT -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 --rttl --name SSH --rsource -j DROP
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!