Need help on IPtables for connections limiting


Need help on IPtables for connections limiting

Post by OPrime » 2006/06/28 12:42:28


Currently I have configured a transparent bridge using CentOS 4.2 (default server installation with the bridge-utils rpm installed) and no IPtables running, as I screwed up the ruleset big time. This Linux bridge is now sitting pretty in front of my DNS server, which is currently "under attack" by a few particular IP addresses that actually belong to a paying customer, thus I cannot deny them access to the DNS server.

I'd like to know what the IPtables configuration on this bridge should be to help me rate limit the connections from these "attackers". I am getting nearly 100 queries per second and I'd like to limit it to only 10 queries from this set of IP addresses.

My setup as per below:

DNS server -eth1-> Bridge -eth0-> Internet

The DNS server is connected to the bridge via a cross-cable on the bridge's eth1, while the bridge's eth0 is the uplink to the Internet. My DNS server is both an authoritative server and a DNS resolver. Please kindly advise. Thanks



Re: Need help on IPtables for connections limiting

Post by itnas » 2006/09/15 03:58:32

Hi, how have you configured your firewall?
If you haven't, use the limit parameter to complete a FORWARD rule that discards the excess connections.

Example (a rule can carry only one -j target, so the LOG and the DROP are two separate rules):

$IPTABLES -A FORWARD -m limit --limit 1/s --limit-burst 50 -j LOG --log-level 7 --log-prefix "IPT FORWARD packet died: "
$IPTABLES -A FORWARD -j DROP
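As an added example (not from either poster), here is a rule set for the situation OPrime describes, built on the limit idea in the reply above: DNS queries from the customer's addresses crossing the bridge are accepted up to 10 per second per source IP, and the excess is logged and dropped. The DNS server and customer addresses are constructed placeholders, and it assumes bridge-nf is enabled so bridged frames traverse the FORWARD chain.

```shell
#!/bin/sh
# Per-source-IP rate limit for DNS queries crossing a Linux bridge.
# Assumptions (not from the thread): DNS_SERVER and CUSTOMER_IPS below are
# placeholder addresses; bridge-nf must be on for iptables to see bridged frames.

IPTABLES="${IPTABLES:-iptables}"          # set IPTABLES=echo to preview the rules
DNS_SERVER="${DNS_SERVER:-192.0.2.10}"      # placeholder (TEST-NET-1), not a real host
CUSTOMER_IPS="${CUSTOMER_IPS:-198.51.100.7 198.51.100.8}"  # placeholder addresses
RATE="${RATE:-10/sec}"                      # the 10 queries/second asked for in the thread

# Without this sysctl bridged traffic bypasses the FORWARD chain entirely.
enable_bridge_nf() {
    if [ -w /proc/sys/net/bridge/bridge-nf-call-iptables ]; then
        echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables
    fi
}

dns_limit_rules() {
    # A dedicated chain keeps FORWARD readable and lets one set of limit rules
    # cover both UDP and TCP queries.
    $IPTABLES -N DNSLIMIT
    for ip in $CUSTOMER_IPS; do
        for proto in udp tcp; do
            $IPTABLES -A FORWARD -s "$ip" -d "$DNS_SERVER" -p "$proto" --dport 53 -j DNSLIMIT
        done
    done
    # hashlimit keeps one token bucket per source address (--hashlimit-mode srcip),
    # so each customer IP gets its own $RATE; packets within the rate are accepted.
    # Older iptables (CentOS 4 era) uses --hashlimit; newer versions still accept it
    # as an alias of --hashlimit-upto.
    $IPTABLES -A DNSLIMIT -m hashlimit --hashlimit "$RATE" --hashlimit-burst 10 \
        --hashlimit-mode srcip --hashlimit-name dnsq -j ACCEPT
    # Packets above the rate fall through: log a sample (itself rate limited so the
    # log cannot be flooded), then drop. LOG and DROP must be separate rules.
    $IPTABLES -A DNSLIMIT -m limit --limit 5/min -j LOG --log-prefix "DNS rate-limit drop: "
    $IPTABLES -A DNSLIMIT -j DROP
}

# Apply only when asked, so the file can also be sourced to inspect the functions:
#   IPTABLES=echo sh dnslimit.sh apply   (preview)     sh dnslimit.sh apply   (as root)
if [ "${1:-}" = apply ]; then
    enable_bridge_nf
    dns_limit_rules
fi
```

All other forwarded traffic is untouched, so the bridge keeps its default FORWARD policy for everything except the customer's DNS queries.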
