WEB Port IPtables Rate Limit

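#!/bin/bash
#
# Rate-limit new inbound TCP connections to the web ports (80 and 443) on eth0
# with the iptables "recent" match.
#
# Operational caveats:
#   * The flushes below delete every existing rule in filter INPUT, OUTPUT and
#     FORWARD and in nat POSTROUTING. Chain policies are left as they are, so
#     if INPUT's policy is DROP the flush also removes whatever ACCEPT rules
#     were keeping remote access open. Run this from a console or with a
#     rollback in place.
#   * Only iptables (IPv4) is configured here. If the host also serves over
#     IPv6, the same limits need an ip6tables equivalent.
#   * Rules added with iptables live in kernel memory only; they are gone after
#     a reboot unless saved by some other mechanism.

# Trace every command as it runs (debug aid).
set -x

# Resolve the binary once and stop if it is missing: with an empty path every
# line below would be run as a command named "-F", "-I" or "-A".
IPTABLES=$(command -v iptables) || true
if [[ -z "$IPTABLES" ]]; then
  printf 'iptables not found in PATH\n' >&2
  exit 1
fi

# Sliding window in seconds and number of new connections inside that window
# at which a source address starts being blocked.
# xt_recent keeps at most ip_pkt_list_tot entries per address (module
# parameter, default 20); BLOCKCOUNT must not exceed it.
TIME_PERIOD=60
BLOCKCOUNT=15
ACTION="DROP"

# Start from empty chains (see the caveat in the header).
"$IPTABLES" -F INPUT
"$IPTABLES" -F OUTPUT
"$IPTABLES" -F FORWARD
"$IPTABLES" -F POSTROUTING -t nat

# -I puts this rule at the top of INPUT. It carries no protocol, port,
# interface or state qualifier, so any inbound packet whose payload contains
# the bytes "Ubuntu" is dropped, including replies to connections this host
# opened itself. Payload matching cannot see inside TLS, so on 443 it only
# ever matches cleartext.
# NOTE(review): the intent of this rule is not stated; confirm it, and narrow
# it with -p/--dport/-i if it is meant for specific web requests.
"$IPTABLES" -I INPUT -m string --algo bm --string "Ubuntu" -j DROP

# For each web port:
#   1. --set records the source address of every NEW connection.
#   2. --update matches once that address has BLOCKCOUNT or more recorded hits
#      within TIME_PERIOD seconds, applies ACTION, and refreshes the
#      "last seen" time, so a client that keeps retrying stays blocked.
# No --name is given, so both ports share the DEFAULT recent list and hits on
# 80 and 443 are counted together.
# Neither rule accepts traffic: packets under the limit fall through to
# whatever rules or chain policy follow.
for port in 80 443; do
  "$IPTABLES" -A INPUT -p tcp --dport "$port" -i eth0 \
    -m state --state NEW -m recent --set
  "$IPTABLES" -A INPUT -p tcp --dport "$port" -i eth0 \
    -m state --state NEW -m recent --update \
    --seconds "$TIME_PERIOD" --hitcount "$BLOCKCOUNT" -j "$ACTION"
done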
