  1. #1

    Iptables: Block IP that makes more requests in a certain time

    Hi everyone.
    In order to protect from small DoS attacks, I want to learn if I can give iptables a rule that says the following for INPUT requests:
    "If an IP makes more than one request in a certain time (predefined time, e.g. 1 sec), block this IP", with no certain IP.
    All examples I have found give this rule with a certain IP.
    Can I give this as a general rule for all IPs?
    If yes, can you give an example?
    Thanks in advance.

  2. #2
    Join Date
    Dec 2011
    You can use a script like SYN Deflate to block IPs with too many connections, BARF to block HTTP flood, and something like

    iptables -A INPUT -p tcp --syn -m connlimit --connlimit-above 25 -j REJECT --reject-with tcp-reset

    to limit connections and

    iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m limit --limit 1/sec -j ACCEPT

    to limit new SYN connections per second/minute. Furthermore, you should tweak your kernel settings:

    net.ipv4.tcp_syncookies = 1
    net.ipv4.tcp_synack_retries = 1
    net.ipv4.tcp_syn_retries = 1
    net.ipv4.tcp_max_syn_backlog = 672144
    net.ipv4.tcp_fin_timeout = 5
    JavaPipe LLC: Global Tomcat Hosting & DDoS Mitigation Solutions
    In business since 2001 | Contact us: salesrequest[at]
    █ Remote Protection | Dedicated Servers | Virtual Servers | Unmetered VPS | Tomcat Hosting

  3. #3
    Join Date
    May 2006
    You can do that using the recent module along with hashlimit.
    Marco Padovan - providing premium gameservers and fulfilling any kind of hosting needs in Europe/USA.
    DDoS protections & general consultancy / linux servers management specialists
    We provide custom system administration help - Bitcoin Accepted

  4. #4
    Try with fail2ban
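
One way to write the general, any-source rule asked for in the first post, using the recent module mentioned in reply #3 (an added example, not code from any poster in the thread): the function prints rules that drop new TCP connections from any source that exceeds a limit within a time window. Port 80, the 1-second window, and the chain and list names RL_80 / rl_80 are assumed values, and iptables counts new connections here, not HTTP requests.

```shell
#!/bin/sh
# Added example (not from the thread): print iptables rules that rate-limit
# NEW TCP connections per source IP with the "recent" match.
# Port, window and limit are assumed values; review the output before
# applying it as root.

# recent_rules PORT SECONDS MAX
#   A source that opens more than MAX new connections to PORT within
#   SECONDS has its further new connections dropped. --update refreshes
#   the timestamp on every dropped attempt, so the source stays blocked
#   until it has been quiet for a full window.
recent_rules() {
    port=$1 secs=$2 max=$3
    for n in "$port" "$secs" "$max"; do
        case $n in
            ''|*[!0-9]*|0?*) echo "usage: recent_rules PORT SECONDS MAX" >&2
                             return 2 ;;
        esac
    done
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ] ||
       [ "$secs" -lt 1 ] || [ "$max" -lt 1 ]; then
        echo "port must be 1-65535; seconds and max at least 1" >&2
        return 2
    fi
    # --set runs before --update, so the current packet is already counted:
    # the drop threshold is MAX + 1.
    hits=$((max + 1))
    # Conservative cap: older xt_recent keeps 20 timestamps per address by
    # default (module parameter ip_pkt_list_tot) and rejects more.
    if [ "$hits" -gt 20 ]; then
        echo "MAX must be at most 19 in this example" >&2
        return 2
    fi
    chain="RL_$port" list="rl_$port"
    cat <<EOF
iptables -N $chain
iptables -A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j $chain
iptables -A $chain -m recent --name $list --set
iptables -A $chain -m recent --name $list --update --seconds $secs --hitcount $hits -j DROP
iptables -A $chain -j RETURN
EOF
}

# The thread's case: more than one new connection per second to port 80.
recent_rules 80 1 1
```

The rules are appended with -A, so the jump into the chain has to sit before any existing ACCEPT rule for the same port or it is never reached.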
