Linux Forums - Linux Help,Advice & support community:LinuxSolved.com
Network Troublshooting => General Networking Support in Linux => Topic started by: contenthost on March 29, 2004, 01:58:23 AM
-
Was Wondering if there's any scripts that would detect a icmp flooding and start blocking ips. Thank you!
Running Red Hat 9
-
Try using iptables, it's very useful.
http://www.linuxguruz.com/iptables/howto/iptables-HOWTO.html#toc3
-
May u can use Firestarter if you dont' want to gamble with iptables manually..
-
im using Iptables has it is i just want to a script that would detect a ICMP at a certain rare of incomming packets and add them to iptables.
-
Huh?? Can u explain again? I don't quite catch ur explaination. Sorry and thank you.
Is it a question or a statement?
-
May be he is saying that need a script which detect that now ICMP is getting flooded so block them. And after few times it again opens that. Is that so contenthost ?
-
yes exactly :)
-
OIC. Is it that the rule that u added is at command prompt when u logged in. But when u restart ur pc, the rule is gone?
Type this to check on the next start up: iptables -L -n
From wat i know, in certain distros, the rules that u add are temporary when u add it on that day. But when the next boot or restart, ur firewall script will be flushed (in otherwords it's reset to the default rules). In order to avoid this, create a text file and add the script and save it.
chmod +x to make it executable and load the script each time ur linux boots. U can alternatively, add the firewall rule into the boot up script (such as rc.local in /etc/rc.d directory) to run as well.
-
Ya Been doing that has it is. just wanted something that would do that auto for me since i can keep watching it everyday on every min.
-
I wish for the firewall using iptables tutorial soon be out. (plllsssss) :cry: