Hi, I have a similar rule, and I use ACCEPT. I have my system configured to allow up to 5 ICMP messages per second. Beyond that they are dropped.
I have two questions related to Denial of Service:
1) If I want to set up a syn-flood protection, based on 1 per second (bursts 5), should I use
iptables -A INPUT -p tcp --syn -m limit --limit 1/s -j DROP
or
iptables -A INPUT -p tcp --syn -m limit --limit 1/s -j ACCEPT
The first one seems to drop those which EXCEED 1 per second
iptables -A INPUT -p icmp -m limit --limit 5/sec -j ACCEPT
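
Added example, not part of the original posts: a simplified Python model of the token bucket behind `-m limit`, showing which packets the two rules from the question would hit. The function names, the 10-per-second sample traffic and the fall-through verdict are assumptions made for the illustration; the burst of 5 is the default for `--limit-burst`.

```python
# Simplified model of the iptables "limit" match (a token bucket).
# Times are integer milliseconds so the arithmetic is exact.

def limit_matches(arrivals_ms, rate_per_sec, burst=5):
    """Return one bool per packet: True where '-m limit' matches."""
    cost = 1000                      # credit consumed by one matching packet
    cap = burst * cost               # bucket never holds more than `burst` packets
    credit = cap                     # bucket starts full
    last = arrivals_ms[0] if arrivals_ms else 0
    result = []
    for t in arrivals_ms:
        credit = min(cap, credit + (t - last) * rate_per_sec)  # refill
        last = t
        if credit >= cost:
            credit -= cost
            result.append(True)      # within the limit: the rule's target applies
        else:
            result.append(False)     # over the limit: packet goes to the next rule
    return result


def verdicts(arrivals_ms, rate_per_sec, target, fallthrough, burst=5):
    """Verdict per packet for a chain holding only the limit rule.

    `fallthrough` stands for whatever follows (next rule or chain policy).
    """
    return [target if hit else fallthrough
            for hit in limit_matches(arrivals_ms, rate_per_sec, burst)]


# Constructed sample traffic: 20 SYNs, one every 100 ms (10 per second).
SYN_TIMES_MS = list(range(0, 2000, 100))

if __name__ == "__main__":
    for target, rest in (("DROP", "ACCEPT"), ("ACCEPT", "DROP")):
        v = verdicts(SYN_TIMES_MS, 1, target, rest)
        print(f"-m limit --limit 1/s -j {target}, then {rest}: "
              f"{v.count('ACCEPT')} accepted, {v.count('DROP')} dropped")
```

In the model, the `-j ACCEPT` form only limits traffic when the packets that do not match are dropped afterwards, by a later rule or by the chain policy.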