Results 1 to 6 of 6
  1. #1
    Join Date
    May 2008

    Traffic limiting/shaping

    Our server (Ubuntu) is running multiple services like: web server, FTP, SSH, Teamspeak, DNS etc. We have 100Mbit connection, but the problem is sometimes there is attacker who is DOSing our server so it takes all the 100Mbits and disconnects us. Its most likely UDP DOS to Teamspeak but I didn't get any confirmation since it disconnects me from SSH before I could actually do anything. Here comes my question: is there a way to limit bandwidth based on remote IP address?
    I've read bit about iptables and tc but I don't understand it well enough. Or are there any other methods to prevent us disconnecting from SSH?
    The server is also running CSF.

    Thanks for any help

  2. #2
    The best option would be to use a hardware firewall to do this, but if this is not possible then hopefully you can configure your software firewall to block the attack or restrict bandwidth per IP as you say, I've only done this with hardware firewalls so hopefully someone can post here with instructions for CSF.
    Accelerated Hosting - From Constant Internet
    Automatically serving your website from the nearest server
    Get hosted on our global network! America / Europe / Asia

  3. #3
    MMrs do you have graphs or similar that indicate you are indeed maxing out at 100Mb/s ?

    If you are then your provider will need to filter the IP/IPs via ACLs or similar, a firewall will not help more than a router/switch with ACLs unless it is had DDOS features and its own ports do not get saturated by the attack.

    If you are not sure if you are hitting the 100Mb/s limit ask your provider for graphs, if you are not then you can typically filter it via iptables but you need to confirm if the port is saturated or not via graphs before moving in any direction.

  4. #4
    Join Date
    May 2008
    I don't rely want pay for hardware firewall because its not long attack, it only happens at weekend nights when our teamspeak is active and I and its purpose is to disconnect all users from teamspeak server.

    @IDediServer Kevin:
    Yes I am sure it hits 100Mb/s, both my providers and my own bandwidth graphs are showing it. Its probably not DDOS at max it might be 5-6 computers attacking.

  5. #5
    Join Date
    May 2008
    Its comes from waves of ~5-10 IP's after I ban then new one's are comming in. But each of them are taking 10-50Mb/s bandwidth and its UDP traffic.

  6. #6
    Join Date
    May 2008
    Half of these IP's were from hostgator's networks.

Similar Threads

  1. Limiting international traffic.
    By Richard R in forum VPS Hosting
    Replies: 5
    Last Post: 06-08-2008, 04:47 PM
  2. Limiting inbound traffic?
    By Look0ut in forum Hosting Security and Technology
    Replies: 3
    Last Post: 09-30-2005, 01:46 PM
  3. Limiting Traffic to 250MB/DAY
    By IdealBandwidth in forum Dedicated Server
    Replies: 1
    Last Post: 07-23-2004, 11:31 AM
  4. apache/traffic limiting
    By wKkaY in forum Hosting Security and Technology
    Replies: 0
    Last Post: 05-29-2003, 03:38 PM
  5. Limiting Traffic.
    By -Edward- in forum Dedicated Server
    Replies: 1
    Last Post: 04-13-2002, 05:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts