S. J. van Harmelen wrote: > I’m reading and reading through the doc’s and previous posts, but cannot > seem to find what I’m looking for. I want to create a rule that prevents > DoS and maybe even DDoS attacks against a specific port. The current > rule looks like this (the PORT’s and IP’s are dummies of course): > > #ACTION SOURCE DEST > HTTP(DNAT) net loc:192.168.1.160 > > Now how can I convert this rule so I can use the limit action? I assume > the following rule isn’t going to work correct because it misses the > DNAT action: > > Limit:info:HTTPACCESS,3,60 net loc:192.168.1.160 tcp 80 > > So how should I do this? Any help or pointers the some usefull doc’s > about this topic are more then welcome!
DNAT- net loc:192.168.1.160 tcp 80 Limit:info:HTTPACCESS,3,60 net loc:102.168.1.160 tcp 80 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
