This iptables rules script protects against attacks where clients send many “getstatus” or “getinfo” requests, slowing down the server.
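```bash
iptables -N et_dos
# u32: "0>>22&0x3C" yields the IP header length; "@ 12" then skips the 8-byte UDP header plus 4 payload bytes
iptables -A INPUT -p udp --dport 27960 -m u32 --u32 "0>>22&0x3C@ 12=0x67657473 && 0>>22&0x3C@ 16=0x74617475" -j et_dos #filter for getstatu
iptables -A INPUT -p udp --dport 27960 -m u32 --u32 "0>>22&0x3C@ 12=0x67657469 && 0>>22&0x3C@ 16&0xFFFFFF00=0x6e666f00" -j et_dos #filter for getinfo
# Up to 10 matching packets per minute (burst 5) return to INPUT; the limit match counts all sources together
iptables -A et_dos -m limit --limit 10/minute --limit-burst 5 -j RETURN
# Everything over the limit is logged (the log itself is rate-limited) and dropped
iptables -A et_dos -m limit --limit 10/minute --limit-burst 5 -j LOG --log-prefix "IPTABLES DENIED (ET DoS): " --log-level 4
iptables -A et_dos -j DROP
```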
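To check what the two u32 expressions match before loading the rules, this added Python example (not part of the original script) evaluates them against constructed packets, including one with IP options to show why the header length is computed rather than hard-coded. It assumes the 4 bytes skipped after the UDP header are the 0xFFFFFFFF out-of-band prefix; `--dport` is not emulated, and all function names are illustrative.

```python
import re
import struct

# The two u32 expressions from the rules above, copied verbatim.
RULES = {
    "getstatus": "0>>22&0x3C@ 12=0x67657473 && 0>>22&0x3C@ 16=0x74617475",
    "getinfo": "0>>22&0x3C@ 12=0x67657469 && 0>>22&0x3C@ 16&0xFFFFFF00=0x6e666f00",
}
OOB = b"\xff\xff\xff\xff"  # assumed 4-byte prefix that offset 12 skips (8 UDP + 4)

def word(pkt, off):
    """Big-endian 32-bit word at off, or None if it runs past the packet."""
    return struct.unpack_from(">I", pkt, off)[0] if 0 <= off <= len(pkt) - 4 else None

def u32_match(expr, pkt):
    """Evaluate the u32 subset used above: &, >>, @, = and &&."""
    for test in expr.split("&&"):
        loc, want = test.split("=")
        tokens = re.findall(r"(>>|&|@)?\s*(0x[0-9a-fA-F]+|\d+)", loc)
        base, val = 0, word(pkt, int(tokens[0][1], 0))
        for op, num in tokens[1:]:
            if val is None:
                return False
            n = int(num, 0)
            if op == "&":
                val &= n
            elif op == ">>":
                val >>= n
            else:  # "@": the value so far moves the base, n is the offset from it
                base += val
                val = word(pkt, base + n)
        if val is None or val != int(want.strip(), 0):
            return False
    return True

def udp_packet(payload, ip_options=b""):
    """Constructed IPv4+UDP packet; addresses, ports and checksums are dummies."""
    ihl = 5 + len(ip_options) // 4
    ip = struct.pack(">BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + 8 + len(payload),
                     0, 0, 64, 17, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    udp = struct.pack(">HHHH", 40000, 27960, 8 + len(payload), 0)
    return ip + ip_options + udp + payload

def classify(pkt):
    """Name of the rule that would send pkt to et_dos, or None."""
    return next((n for n, e in RULES.items() if u32_match(e, pkt)), None)

if __name__ == "__main__":
    for body in (b"getstatus\n", b"getinfo\n", b"getchallenge\n"):  # constructed
        print(body, classify(udp_packet(OOB + body)))
```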