The input chain policy is DROP
# Syn Protection
iptables -N syn-flood
iptables -A INPUT -p tcp --syn -j syn-flood
iptables -A syn-flood -m limit --limit 1/s --limit-burst 4 -j RETURN
iptables -A syn-flood -j DROP
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
###############################################

I've tested this by using hping2 with the following commands:

hping2 -S -i u100 -p 80 xxx.xxx.xxx.xxx
hping2 -S -i u100 -w 0 -p 80 xxx.xxx.xxx.xxx

Whenever I flood it, the webserver just times out when I try to open a page in a browser... I would assume the rules are incorrect, but I'm baffled as to what I did wrong... Should these rules come before opening any ports? (Tried it... same thing.) Perhaps it's just in the wrong order... If someone could just throw me a hint or a rule or two, that would be great.
~Rob
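
Added example, not part of the original post: a Python model of the token bucket behind the "-m limit" match, run over constructed traffic, comparing the single shared bucket that the syn-flood chain above creates with one bucket per source address. The 100-microsecond flood interval comes from "-i u100"; the source names, the 10-second window and the one-SYN-per-second browser are assumptions.

```python
from collections import defaultdict


class TokenBucket:
    """Model of '-m limit --limit <rate>/s --limit-burst <burst>'."""

    def __init__(self, rate_per_s, burst):
        self.rate, self.burst = rate_per_s, burst
        self.tokens, self.last = float(burst), 0.0

    def allow(self, now):
        # Refill for the elapsed time, cap at burst, spend one token if available.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True   # rule matches -> RETURN
        return False      # falls through to the DROP rule


def build_traffic(seconds=10, flood_interval=0.0001, client_interval=1.0):
    """Constructed sample: (time, source) SYN events, sorted by arrival time."""
    events = [(i * flood_interval, "flooder")
              for i in range(int(seconds / flood_interval))]
    events += [(0.5 + i * client_interval, "browser")
               for i in range(int(seconds / client_interval))]
    return sorted(events)


def simulate(events, per_source):
    """Return {source: SYNs that passed} for a shared or a per-source bucket."""
    buckets = defaultdict(lambda: TokenBucket(1.0, 4))
    passed = defaultdict(int)
    for now, src in events:
        key = src if per_source else "shared"   # shared = one bucket for everyone
        if buckets[key].allow(now):
            passed[src] += 1
    return dict(passed)


if __name__ == "__main__":
    traffic = build_traffic()
    print("shared bucket    :", simulate(traffic, per_source=False))
    print("per-source bucket:", simulate(traffic, per_source=True))
```

With the shared bucket, every SYN from the browser arrives to find the tokens already spent by the flood, which matches the timeouts described above. The per-source case corresponds to what iptables' hashlimit match does with --hashlimit-mode srcip.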