hosted by liquidweb

Go Back   Web Hosting Talk : Web Hosting Main Forums : Dedicated Server : IPTables

Forum Jump


Reply Post New Thread In Dedicated Server Subscription
Send news tip View All Posts Thread Tools Search this Thread Display Modes
Old 04-23-2012, 01:10 AM
atomiclayer atomiclayer is offline
WHT Addict
Join Date: Feb 2012
Posts: 139


What rules can i place into iptables to block SYN Floods

this is what i got currently

iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,PSH PSH -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,URG URG -j DROP

Sponsored Links
Old 04-23-2012, 03:25 AM
VectorVPS VectorVPS is offline
(formerly WhichGunDotCom)
Join Date: Jun 2011
Location: Woodbridge, NJ
Posts: 732
Try this:

# create new chains
iptables -N syn-flood

# limits incoming packets
iptables -A syn-flood -m limit --limit 10/second --limit-burst 50 -j RETURN

# log attacks
iptables -A syn-flood -j LOG --log-prefix "SYN flood: "

# silently drop the rest
iptables -A syn-flood -j DROP

Old 04-23-2012, 08:46 AM
EvolutionCrazy EvolutionCrazy is offline
Web Hosting Master
Join Date: May 2006
Location: Italy
Posts: 593
you could also make use of hashlimit in front of recent in order to block only the attackers IP without blocking legit users

Marco Padovan - providing premium gameservers and fulfilling any kind of hosting needs in Europe/USA.
DDoS protections & general consultancy / linux servers management specialists
We provide custom system administration help - Bitcoin Accepted

Sponsored Links

Similar Threads
Thread Thread Starter Forum Replies Last Post
Error: iptables command [/sbin/iptables -v -I OUTPUT -p tcp --dport 25 -m owner --uid pooyan Hosting Security and Technology 5 03-28-2012 08:33 AM
can't initialize iptables table `filter': iptables who? (do you need to insmod?) elvis1 Hosting Security and Technology 8 11-29-2010 12:02 AM
after flush+zero iptables, will a new iptables ban work? Tertsi Hosting Security and Technology 2 01-06-2008 12:04 AM
APF & iptables... hm.. iptables is not starting.. LowAsYou Hosting Security and Technology 10 11-10-2006 11:18 PM
How to find IPtables (I can't restart iptables without a reboot) DSD Hosting Security and Technology 13 12-28-2005 03:51 PM

Related posts from
Title Type Date Posted

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Log in with your username and password

Forgot Password?
Web Hosting News:



Welcome to

Create your username to jump into the discussion! is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.

(4 digit year)

Already a member?