Hi all, I need help implementing this kind of rule on shorewall:
iptables --insert INPUT -p udp --dport 53 -m u32 --u32 "0x28&0xFFDFDFDF=0x055a5a47 && 0x2c&0xDFDFFFDF=0x53540343 && 0x30&0xDFDFFFFF=0x4f4d0000" -j DROP

This kind of rule is needed to block a DNS amplification attack.
I found this file
https://github.com/smurfmonitor/dns-iptables-rules/blob/master/domain-blacklist.txt
where we can find iptables rules to prevent this kind of attack by filtering
the request message.

I already found http://www.shorewall.net/pub/shorewall/contrib/DNSDDOS/ but
it seems old and ineffective.

Is there any way to do that on shorewall?

Best regards
Luca
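
Added example (not part of the original post, and not Shorewall or smurfmonitor code): a Python script that decodes which DNS name the u32 expression quoted above compares against, and evaluates the expression over constructed query packets to show the effect of the 0xDF case-folding masks. It assumes an IPv4 header without options, which is what the 0x28 offset implies; the function names and the test packets are constructed for illustration.

```python
import re
import struct

# The u32 expression quoted in the post above.
RULE = ("0x28&0xFFDFDFDF=0x055a5a47 && 0x2c&0xDFDFFFDF=0x53540343 && "
        "0x30&0xDFDFFFFF=0x4f4d0000")
QNAME_OFFSET = 20 + 8 + 12  # IPv4 header (no options) + UDP + DNS header = 0x28

def parse_u32(expr):
    """Return [(offset, mask, value)] for simple 'offset&mask=value' tests."""
    terms = re.findall(r"(0x[0-9a-f]+)&(0x[0-9a-f]+)=(0x[0-9a-f]+)", expr, re.I)
    return [tuple(int(x, 16) for x in t) for t in terms]

def u32_matches(expr, packet):
    """Evaluate the ANDed tests against a raw IPv4 packet (big-endian words)."""
    for off, mask, value in parse_u32(expr):
        if off + 4 > len(packet):
            return False          # reading past the packet end never matches
        word = struct.unpack_from(">I", packet, off)[0]
        if word & mask != value:
            return False
    return True

def decode_qname(expr):
    """Recover the DNS name spelled out by the compare values.
    Assumes the tests cover contiguous words starting at QNAME_OFFSET."""
    raw = b"".join(struct.pack(">I", v) for _, _, v in sorted(parse_u32(expr)))
    labels, pos = [], 0
    while raw[pos]:               # a zero length byte terminates the name
        length = raw[pos]
        labels.append(raw[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    return ".".join(labels)

def build_query(name, qtype=255):
    """Constructed test packet: zeroed IPv4/UDP headers plus one DNS question."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\0"
    dns = struct.pack(">6H", 0x1234, 0x0100, 1, 0, 0, 0) + qname
    dns += struct.pack(">2H", qtype, 1)
    return bytes(QNAME_OFFSET - 12) + dns

if __name__ == "__main__":
    print("rule targets:", decode_qname(RULE))
    for name in ("zzgst.com", "ZzGsT.CoM", "example.com"):
        print(name, "->", "DROP" if u32_matches(RULE, build_query(name)) else "pass")
```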

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
