2011/3/1 Jensen, Peter <peter.jen...@ggzdrenthe.nl>: > Hello list, > > > > Recently i have had one of my boxes attacked with a ddos attack. It was all > coming from 1 ip address so I made the rule : > > DROP net:<ip> $FW ANY > > > > This however did not help much for the load coming onto the box, asif it > wasn’t working properly. > > When adding : iptables -A INPUT -p tcp -s <ip> -j DROP, the load to the box > did get dropped. > > > > Can anyone tell me what I was doing wrong with the shorewall rule > configuration ?
From 1 IP address is not a DDOS, but just a DOS, and in both cases, You cant do much, notify your upstream internet provider that can take the appropiate measures. ------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
