iptables limit-burst trouble

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I want to limit Web DoS attack.

I have set the following but it does not work well.

iptables -N flood-chk
iptables -A INPUT     -p tcp --dport 80 --syn -j flood-chk
iptables -A flood-chk -m limit --limit 1/sec --limit-burst 2 -j RETURN
iptables -A flood-chk -j LOG --log-prefix "IPTABLES HTTP FLOOD-PACKET"
iptables -A flood-chk -j DROP

After I accessed to my web site,
I pushed reload button of my web browser repeatedly but 
I was not denied by iptables.
Why?

regards,

-- 
Tsuyoshi Takada <acroyear@xxxxxx>




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux