Results 1 to 6 of 6

Threaded View

  1. #1
    Join Date
    Feb 2002
    Posts
    2,120

    How-to: Drop INVALID SYN packets with iptables

    Feel free to use the following iptable commands below to drop INVALID SYN packets that sometimes are also used to flood the server..


    /sbin/iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL ACK,RST,SYN,FIN -j DROP
    /sbin/iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
    /sbin/iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,RST SYN,RST -j DROP

    --
    Jeff @ LinuxAdmin
    Last edited by apollo; 01-13-2005 at 05:52 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •