Quote:
Originally Posted by lugui
# connlimit is a filter-table match; the original used "-t nat", which only sees the first packet of a connection and is not meant for filtering
sudo iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m connlimit --connlimit-above 15 --connlimit-mask 32 --connlimit-saddr -j DROP
sudo iptables -A INPUT -p udp -m connlimit --connlimit-above 15 --connlimit-mask 32 --connlimit-saddr -j DROP
Run this. It will drop any IP that makes more than 15 connections (you can lower it if you want).
|
This works only if the flood comes from the same IP address (which is a very rare case), but not for a DDoS flood, which can be mitigated only upstream.
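To make the reply's point concrete, here is an added example (not posted by either participant) that reimplements the connlimit heuristic in plain shell and runs it over two constructed connection lists of equal size: forty connections from one address, and forty connections from forty different addresses. The sample lines, the THRESHOLD value and the function names are assumptions for the example; in practice the same awk would be fed from `ss -tn state established` output.

```shell
#!/bin/sh
# Added example: per-source connection counting, the same heuristic that
# "-m connlimit --connlimit-above 15 --connlimit-mask 32" applies, run over
# constructed peer lists to show why a per-IP limit catches a single-source
# flood but not a distributed one.

THRESHOLD=15   # assumed value, mirrors --connlimit-above 15

# Constructed sample generators: one line per established connection,
# "src_ip dst_port", in the shape of columns extracted from `ss -tn`.
# Not real traffic.
single_source_flood() {
  i=1
  while [ "$i" -le 40 ]; do
    echo "203.0.113.7 443"          # every connection from the same host
    i=$((i + 1))
  done
}

distributed_flood() {
  i=1
  while [ "$i" -le 40 ]; do
    echo "198.51.100.$i 443"        # one connection per distinct host
    i=$((i + 1))
  done
}

# count_offenders: read "ip port" lines on stdin and print each source IP
# whose connection count exceeds THRESHOLD (connlimit-mask 32 semantics).
count_offenders() {
  awk -v limit="$THRESHOLD" '{ n[$1]++ } END { for (ip in n) if (n[ip] > limit) print ip }'
}

# count_offenders_24: same check, but aggregate sources by /24 first
# (connlimit-mask 24 semantics), so hosts in one subnet share a budget.
count_offenders_24() {
  awk -v limit="$THRESHOLD" '
    { split($1, o, "."); k = o[1] "." o[2] "." o[3] ".0/24"; n[k]++ }
    END { for (k in n) if (n[k] > limit) print k }'
}

# Helpers returning the number of sources each variant would drop for a
# given generator, and the total number of connections it produced.
offenders_in()    { "$1" | count_offenders    | wc -l | tr -d ' '; }
offenders_in_24() { "$1" | count_offenders_24 | wc -l | tr -d ' '; }
total_connections() { "$1" | wc -l | tr -d ' '; }

echo "single source : $(total_connections single_source_flood) connections, per-IP offenders = $(offenders_in single_source_flood)"
echo "distributed   : $(total_connections distributed_flood) connections, per-IP offenders = $(offenders_in distributed_flood)"
echo "distributed   : /24-aggregated offenders = $(offenders_in_24 distributed_flood)"
```

Both lists put the same load (forty connections) on the server, yet the per-IP rule flags exactly one source in the first case and none in the second, which is the reply's argument. Widening the mask to /24 only helps here because the constructed attackers happen to sit in one subnet; a real distributed flood spreads across many networks, so the limit has to be enforced upstream, where aggregate volume can be seen.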