Hi everyone,

This is my first post to this list. I am fairly new to netfilter and iptables, and I wanted to do the following setup to protect a class C network from the occasional IP fragment, SYN and similar DDoS attacks.

My ISP has a router which is .1 on the network and is the gateway for the machines on the class C. The ISP gives me an Ethernet handoff which goes into my switch, and my servers are plugged into that switch with a gateway of 1 and a netmask of 255.255.255.0.

I would like to place a Linux box using iptables in between the switch and the ISP Ethernet handoff to block attackers' IP addresses. What I thought I could do is have the ISP Ethernet go to Eth0 on the Linux box, Eth1 on the Linux box go to the switch, and then somehow make the Linux box transparent to the network.

From what I have read, it almost seems like I need a mix of SNAT and NAT, but I am unsure how to proceed. I have read a lot of the documentation and HOWTOs and I have not found any examples of this type of scenario.

Any advice?

Thank you,
Todd