Web Hosting Talk







The IPtable of SYN FLOOD Protect Code Question / Confuse !!!


hkivan
09-17-2004, 11:31 AM
/sbin/iptables -N syn-flood
/sbin/iptables -A syn-flood -m limit --limit 100/second --limit-burst 150 -j RETURN
/sbin/iptables -A syn-flood -j LOG --log-prefix "SYN flood: "
/sbin/iptables -A syn-flood -j DROP



Actually, what is the meaning of 100 and 150 here?

I don't know the meaning of this code, so I don't know how I can edit it.

Does anyone have any idea about it? :D :bawling: :D :D

hkivan
09-17-2004, 11:14 PM
No one knows the meaning?

andreyka
09-18-2004, 03:25 AM
limit
    This module matches at a limited rate using a token bucket filter. A rule using this extension will match until this limit is reached (unless the `!' flag is used). It can be used in combination with the LOG target to give limited logging, for example.

--limit rate
    Maximum average matching rate: specified as a number, with an optional `/second', `/minute', `/hour', or `/day' suffix; the default is 3/hour.

--limit-burst number
    Maximum initial number of packets to match: this number gets recharged by one every time the limit specified above is not reached, up to this number; the default is 5.
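
What the 100 and 150 in the posted rules mean, shown as an added example that is not part of the original thread: a simplified Python model of the limit match's token bucket, run over constructed packet arrival times. The names LimitMatch, run_chain and constant_rate, and the integer-microsecond credit accounting, are assumptions made for illustration.

```python
# Added illustration: simplified token-bucket model of "-m limit".
# Constructed traffic only; integer microseconds avoid rounding surprises.

class LimitMatch:
    def __init__(self, rate_per_sec=100, burst=150):
        self.cost = 1_000_000 // rate_per_sec   # credit one packet costs (us)
        self.cap = self.cost * burst            # full bucket = burst packets
        self.credit = self.cap                  # bucket starts full
        self.last = 0

    def matches(self, now_us):
        # Refill by elapsed time, never above the burst cap.
        self.credit = min(self.cap, self.credit + (now_us - self.last))
        self.last = now_us
        if self.credit >= self.cost:
            self.credit -= self.cost
            return True      # rule matches -> "-j RETURN"
        return False         # falls through to LOG, then DROP


def run_chain(arrivals_us, rate_per_sec=100, burst=150):
    """Return (returned, dropped) for packets entering the syn-flood chain."""
    limit = LimitMatch(rate_per_sec, burst)
    returned = sum(1 for t in arrivals_us if limit.matches(t))
    return returned, len(arrivals_us) - returned


def constant_rate(pps, seconds):
    """Constructed arrival times (us) for evenly spaced packets."""
    return [i * 1_000_000 // pps for i in range(pps * seconds)]


if __name__ == "__main__":
    print("50 pps for 10 s   :", run_chain(constant_rate(50, 10)))
    print("200 at one instant:", run_chain([0] * 200))
    print("1000 pps for 1 s  :", run_chain(constant_rate(1000, 1)))
```

Traffic below 100 packets per second never empties the bucket, a sudden burst is let through up to 150 packets, and a sustained flood is cut down to the burst plus roughly 100 per second, with everything else reaching the LOG and DROP rules.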