[Shorewall-users] Using the limit action on a DNAT rule to prevent DoS attackson a specific port

S. J. van Harmelen Mon, 12 Apr 2010 13:11:51 -0700

Hi there.


I'm reading and reading through the doc's and previous posts, but cannot
seem to find what I'm looking for. I want to create a rule that prevents DoS
and maybe even DDoS attacks against a specific port. The current rule looks
like this (the PORT's and IP's are dummies of course):

 

 

#ACTION           SOURCE          DEST               

HTTP(DNAT)     net                    loc:192.168.1.160 

 

Now how can I convert this rule so I can use the limit action? I assume the
following rule isn't going to work correct because it misses the DNAT
action:

 

Limit:info:HTTPACCESS,3,60   net               loc:192.168.1.160
tcp         80

 

So how should I do this? Any help or pointers the some usefull doc's about
this topic are more then welcome!

 

Regards,

 

Sander

------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

[Shorewall-users] Using the limit action on a DNAT rule to prevent DoS attackson a specific port

Reply via email to