On 15-May-01 Markus Gaugusch wrote:
iptables (from Linux 2.4.x) supports something like that. Although it is designed to prevent logs from getting filled, it can also be used to prevent DoS attacks. I'm sorry, but I can't remember the name of the option right now :-(
I think Markus was thinking of

    iptables -m limit --limit x/s --limit-burst y \
        --syn ...

That's a way to limit SYNs (or --state NEW?) but I think it limits SYNs in
general and not only by one host, so it would block regular connections, too,
if that limit is exceeded.
Or is there any possibility to make a rule that says "limit the SYNs from one
host but accept them from others"?
Bjoern Engels
LANWORKS AG
---------------------------------------------
E-Mail: Bjoern Engels
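
Added example, not part of the original message: a small Python model of the token bucket behind `--limit x/s --limit-burst y`, comparing one shared bucket with one bucket per source address to show the effect described above. The class and function names, the addresses and the traffic are constructed for illustration.

```python
# Token-bucket model of "-m limit --limit x/s --limit-burst y" (illustration only).
# Integer arithmetic: time in milliseconds, credit in 1/1000 of a packet.


class TokenBucket:
    def __init__(self, rate_per_s, burst):
        self.rate = rate_per_s          # credits regained per second
        self.cap = burst * 1000         # bucket starts full at the burst size
        self.credit, self.last_ms = self.cap, 0

    def allow(self, now_ms):
        # Refill for the elapsed time, never above the burst size.
        self.credit = min(self.cap, self.credit + (now_ms - self.last_ms) * self.rate)
        self.last_ms = now_ms
        if self.credit >= 1000:
            self.credit -= 1000
            return True                 # rule matches, SYN is accepted
        return False                    # limit exceeded, SYN falls through


def accepted_per_source(syns, rate, burst, per_source):
    """syns: list of (timestamp_ms, source_ip). Returns {ip: accepted SYNs}."""
    shared = TokenBucket(rate, burst)
    buckets = {}
    accepted = {src: 0 for _, src in syns}
    for now_ms, src in sorted(syns):
        if per_source:
            bucket = buckets.setdefault(src, TokenBucket(rate, burst))
        else:
            bucket = shared
        if bucket.allow(now_ms):
            accepted[src] += 1
    return accepted


def sample_traffic():
    # Constructed input: one noisy host sends 100 SYN/s for 5 s,
    # one normal host opens a single connection per second.
    noisy = [(i * 10, "192.0.2.66") for i in range(500)]
    normal = [(t * 1000 + 505, "198.51.100.7") for t in range(5)]
    return noisy + normal


if __name__ == "__main__":
    for per_source in (False, True):
        label = "per-source buckets" if per_source else "one shared bucket"
        print(label, accepted_per_source(sample_traffic(), 5, 10, per_source))
```

With one shared bucket the noisy host uses up every credit and the normal host gets no connection through; with per-source buckets the noisy host is held to the same rate while the normal host is unaffected. Per-source accounting of this kind is what the later netfilter `hashlimit` match provides with `--hashlimit-mode srcip`.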