Results 1 to 6 of 6
Threaded View
-
01-13-2005, 05:49 AM #1Web Hosting Master
- Join Date
- Feb 2002
- Posts
- 2,120
How-to: Drop INVALID SYN packets with iptables
Feel free to use the following iptable commands below to drop INVALID SYN packets that sometimes are also used to flood the server..
/sbin/iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL ACK,RST,SYN,FIN -j DROP
/sbin/iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
/sbin/iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
--
Jeff @ LinuxAdminLast edited by apollo; 01-13-2005 at 05:52 AM.