Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- iptables -N INSYNBAN
- iptables -A INSYNBAN -m recent --set --name INSYNBANCOUNTER
- iptables -A INSYNBAN -m recent --update --name INSYNBANCOUNTER --seconds 120 --hitcount 1 -j DROP
- iptables -N INSYNSRCLIMITER
- iptables -A INSYNSRCLIMITER -m recent --update --name INSYNBANCOUNTER --seconds 120 --hitcount 1 -j DROP
- iptables -A INSYNSRCLIMITER -m hashlimit --hashlimit-mode srcip --hashlimit-name insynlimiter --hashlimit 1/s --hashlimit-burst 10 --hashlimit-htable-size 4096 --hashlimit-htable-max 262144 -j RETURN
- iptables -A INSYNSRCLIMITER -m limit --limit 1000/m --limit-burst 1000 -j LOG --log-level 4 --log-ip-options --log-prefix "INSYN_SRC_LIMIT EXCEED: "
- iptables -A INSYNSRCLIMITER -j INSYNBAN
- iptables -A INPUT -p tcp --syn -m state ! --state RELATED,ESTABLISHED -j INSYNSRCLIMITER
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
