The UNIX and Linux Forums  

Go Back   The UNIX and Linux Forums > Special Forums > Security
Reload this Page ~ IPTables : Limit Incoming UDP Packets With a Certain Length ~
.
google unix.com

Forums Register Forum RulesLinksAlbums FAQ Members List Calendar Search Today's Posts Mark Forums Read



Thread: ~ IPTables : Limit Incoming UDP Packets With a Certain Length ~
View Single Post in the UNIX and Linux Forums - Click on the Thread or Permalink to View Entire Thread -->
  #2 (permalink)  
Old 04-15-2009
otheus's Avatar
otheus otheus is offline Forum Staff  
Moderator ala Mode
  
 

Join Date: Feb 2007
Location: Innsbruck, Austria
Posts: 1,886
I'm not sure, but the second "-m length --length 20" is redundant. You only get to that table if this condition is true. What I'm not clear about the length module is if it is the rule that gets limited or something else. If it's the rule, then this would drop any packet over 20 bytes after there have been 5 per second.

Do you want to limit it by IP address? Then I recommend you use the "recent" feature:

Code:
iptables -N CHECK1
iptables -A INPUT -p udp -m length --length 20 -j CHECK1

iptables -A CHECK1 -m recent --name longudp --rcheck 1 --hitcount 5 -j DROP
iptables -A CHECK1 -m recent --name longudp --set -j RETURN