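- # Per-source rate limiting for HTTP/HTTPS using the xt_recent match, written
- # in iptables-save / iptables-restore syntax (filter table). The ATTK_CHECK
- # and ATTACKED chains must already be declared; that is not shown in this excerpt.
- #
- # Packets of connections that were already accepted skip the checks below.
- -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
- # Drop sources on the BANNED list for 3600 s. --update refreshes the entry on
- # every match, so the ban keeps extending while the source keeps sending.
- -A INPUT -p tcp -m multiport --dports 80,443 -m recent --update --seconds 3600 --name BANNED --rsource -j DROP
- # Only new connections to 80/443 are counted.
- -A INPUT -p tcp -m multiport --dports 80,443 -m state --state NEW -j ATTK_CHECK
- # ATTACKED: log (rate-limited to 5/min so a flood cannot fill the log), then
- # put the source on the BANNED list and drop the packet.
- -A ATTACKED -m limit --limit 5/min -j LOG --log-prefix "IPTABLES (Rule ATTACKED): " --log-level 7
- -A ATTACKED -m recent --set --name BANNED --rsource -j DROP
- # ATTK_CHECK: record this hit for the source address. No -j target, so
- # evaluation continues with the next rule.
- # Fixed: the original had an en dash in "–-rsource", which iptables cannot parse.
- -A ATTK_CHECK -m recent --set --name ATTK --rsource
- # Thresholds: 150 new connections in 600 s, or 50 in 60 s, send the source to ATTACKED.
- # NOTE(review): on older kernels --hitcount is capped by the xt_recent module
- # parameter ip_pkt_list_tot (default 20) and these rules are rejected unless it
- # is raised; newer kernels accept values up to 255 — verify on the target kernel.
- # NOTE(review): each list keeps ip_list_tot source addresses (default 100), so
- # with many distinct sources old entries, including bans, are evicted early.
- # NOTE(review): hits are counted on NEW packets, before the TCP handshake
- # completes, so the source address is unverified, and clients behind a shared
- # proxy or NAT count as one source. Consider accepting trusted addresses
- # (load balancers, monitoring) ahead of these rules.
- -A ATTK_CHECK -m recent --update --seconds 600 --hitcount 150 --name ATTK --rsource -j ATTACKED
- -A ATTK_CHECK -m recent --update --seconds 60 --hitcount 50 --name ATTK --rsource -j ATTACKED
- # Below both thresholds: let the connection through.
- -A ATTK_CHECK -j ACCEPT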
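- # Null-route a single address at the routing layer instead of in netfilter.
- # IP_HERE is a placeholder for that address. It is quoted, and :? aborts with
- # a message rather than running the command with an empty or unset value.
- # NOTE(review): a blackhole route discards packets routed *to* the address
- # (the host's replies); whether inbound packets from it are also dropped
- # depends on reverse-path filtering — confirm on the target system.
- ip route add blackhole "${IP_HERE:?set IP_HERE to the address to blackhole}"
- # NOTE(review): the IPv4 routing cache was removed in Linux 3.6, so this flush
- # is presumably a no-op on current kernels; kept for older systems.
- ip route flush cache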
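- # Per-source-IP limit on port 80 with hashlimit: up to 50 packets/min per
- # source after an initial burst of 500 are accepted; the rest hit the DROP below.
- # Fixed: the rule was split over two lines with no continuation. Run that way,
- # the first half adds a rule with no target, the second half is not a command,
- # and the final DROP then discards all port-80 traffic.
- # NOTE(review): there is no state match here, so every packet to port 80 is
- # counted, not only new connections. Unless ESTABLISHED traffic is accepted by
- # an earlier rule, 50/min will throttle ordinary page loads. Port 443 is not covered.
- # NOTE(review): -A appends; if an earlier rule already accepts port 80, these
- # two rules are never reached.
- iptables -A INPUT -p tcp --dport 80 -m hashlimit --hashlimit-upto 50/min --hashlimit-burst 500 --hashlimit-mode srcip --hashlimit-name http -j ACCEPT
- iptables -A INPUT -p tcp --dport 80 -j DROP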