Stopping flood of traffic on ports 80 and 443 with IPtables

Can I limit each individual IP to a certain amount of hits per minute and then slow them down somehow?

Thanks for your help.
Asked by:
Ladyboots
210 points
Category: Ubuntu Linux

This should do it:

iptables -A INPUT -p tcp -m multiport --dport 80,443 -m state --state NEW -m limit --limit 100/minute --limit-burst 300 -j ACCEPT

iptables -A INPUT -p tcp -m multiport --dport 80,443 -m state --state NEW -m limit --limit 100/minute --limit-burst 300 -j LOG --log-level info --log-prefix NEW-HTTP-DROP:

iptables -A INPUT -p tcp -m multiport --dport 80,443 -m state --state RELATED,ESTABLISHED -m limit --limit 100/second --limit-burst 100 -j ACCEPT

iptables -A INPUT -p tcp -m multiport --dport 80,443 -m state --state RELATED,ESTABLISHED -m limit --limit 100/second --limit-burst 100 -j LOG --log-level info --log-prefix EST-HTTP-DROP:

iptables -A INPUT -p tcp -m multiport --dport 80,443 -j DROP

iptables -A OUTPUT -p tcp -m multiport --sport 80,443 -j ACCEPT

Response by:
BonoEstente
1464 points
You can look up details regarding the "state" and "recent" modules in IPtables.

There should be a few examples online.

Response by:
Trinity
2782 points
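
Added example, not part of either response: the `limit` match used in the first response keeps one bucket per rule, shared by all clients, while the question asks for a limit per IP. The script below prints a ruleset that uses the "state" and "recent" matches named in the second response to cap new connections per source address; the chain name HTTP_RATE, the list name http, the log prefix and the 20-per-60-seconds figures are assumptions.

```shell
#!/bin/sh
# Added example: per-source-IP limit on NEW connections to 80/443 using the
# "state" and "recent" matches. HTTP_RATE, the list name "http", the log
# prefix and the numbers below are assumptions, not values from the thread.
PORTS="80,443"
WINDOW=60     # seconds
HITS=20       # new connections allowed per source IP per WINDOW
# xt_recent stores a bounded number of timestamps per address; older builds
# default the ip_pkt_list_tot module parameter to 20 and reject a larger
# --hitcount, so 20 is used as a conservative ceiling here.
MAX_HITS=20

gen_rules() {   # usage: gen_rules PORTS WINDOW HITS
    if [ "$3" -gt "$MAX_HITS" ]; then
        echo "hitcount $3 exceeds MAX_HITS=$MAX_HITS" >&2
        return 1
    fi
    r="-m recent --name http"
    w="--seconds $2 --hitcount $3"
    # HTTP_RATE: log (rate-limited) and drop a source that already has HITS
    # entries inside WINDOW; otherwise record this connection and accept it.
    # --update also records the dropped attempt, so a client that keeps
    # hammering stays blocked until its rate falls below the threshold.
    cat <<EOF
iptables -N HTTP_RATE
iptables -A INPUT -p tcp -m multiport --dports $1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m multiport --dports $1 -m state --state NEW -j HTTP_RATE
iptables -A INPUT -p tcp -m multiport --dports $1 -j DROP
iptables -A HTTP_RATE $r --rcheck $w -m limit --limit 6/minute -j LOG --log-level info --log-prefix "HTTP-RATE-DROP: "
iptables -A HTTP_RATE $r --update $w -j DROP
iptables -A HTTP_RATE $r --set -j ACCEPT
EOF
}

# Dry run by default: print the rules for review. APPLY=1 runs them (as root).
if [ "${APPLY:-0}" = 1 ]; then
    gen_rules "$PORTS" "$WINDOW" "$HITS" | sh
else
    gen_rules "$PORTS" "$WINDOW" "$HITS"
fi
```

Dropped SYNs are retransmitted by the client with backoff, which is what slows an over-limit source down rather than cutting it off outright.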


© 2013 Server Circle