The UNIX and Linux Forums  

Go Back   The UNIX and Linux Forums > Special Forums > Security
~ IPTables : Limit Incoming UDP Packets With a Certain Length ~ ~ IPTables : Limit Incoming UDP Packets With a Certain Length ~
.
google unix.com

Forums Register Forum RulesLinksAlbums FAQ Members List Calendar Search Today's Posts Mark Forums Read


Security Discuss UNIX and Linux computer and network security, cybersecurity, cyberattacks, IT security, CISSP, OWASP and more.

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
What the command to find out the record length of a fixed length file? tranq01 UNIX for Dummies Questions & Answers 9 12-04-2008 04:04 PM
Forwarding internal internet packets to internal webserver using iptables mshindo UNIX for Advanced & Expert Users 1 11-12-2008 04:10 AM
limit of command length Anta UNIX for Dummies Questions & Answers 2 10-11-2008 05:08 PM
Is the Length of User ID for AIX Limit to 8 Characters? meihua_t AIX 2 04-07-2008 03:04 AM
grep line length limit hnhegde Shell Programming and Scripting 3 10-02-2006 12:47 PM

 
English Japanese Spanish French German Portuguese Italian Dutch Swedish Russian Norwegian Hungarian Hebrew Danish Bulgarian Greek Powered by Powered by Google
 
LinkBack Thread Tools Search this Thread Rate Thread Display Modes
Prev Previous Post   Next Post Next
  #1 (permalink)  
Old 04-05-2009
tomboy123 tomboy123 is offline
Registered User
  
 

Join Date: Apr 2009
Posts: 2
Exclamation ~ IPTables : Limit Incoming UDP Packets With a Certain Length ~
Hello,

I am currently trying to limit incoming UDP length 20 packets on a per IP basis to 5 a second using IPTables on a Linux machine (CentOS 5.2).

Basically, if an IP is sending more than 5 length 20 UDP packet a second to the local machine, I would like the machine to drop the excess length 20 packets coming from that IP.

The modules that should work perfectly for this type of "rule set" are;

- Limiting module
- Length module

Both of which are installed / compiled with the kernel/IPTables correctly and functioning.

I have tried several rule sets, and they all seem to not fully work. Either they drop all UDP length 20 packets going to the local machine or allow all them through.

Below is one of the rule sets I use, and it is not working. Any ideas what the issue could be?

Code:
iptables -N CHECK1
iptables -A INPUT -p udp -m length --length 20 -j CHECK1
iptables -A CHECK1 -p udp -m length --length 20 -m limit --limit 5/second -j ACCEPT
iptables -A CHECK1 -j DROP

Any help would be appreciated. Thanks ahead of time!
 

Bookmarks

Tags
iptables, linux, network, packets, udp

« Help with iptables on proxy server | recieving undeliverable reciepts of spam mails that seem to be coming from my domain »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Threaded Mode Threaded Mode
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -4. The time now is 07:17 PM.

The UNIX and Linux Forums - Learn UNIX and UNIX Commands RSS Feeds - Contact Us - The UNIX and Linux Forums - Learn UNIX and UNIX Commands - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited. Language Translations Powered by .
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios
The UNIX and Linux Forums Content Copyright ©1993-2009. All Rights Reserved.Ad Management by RedTyger

Content Relevant URLs by vBSEO 3.2.0