wiki:jazz/13-04-17/Lab2

iptables-save

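# Lab 2 firewall snippet: hide the host from ping/traceroute on eth0 and drop
# TCP segments carrying flag combinations that a normal TCP stack never sends.
#
# Caveats:
#   * IPv4 only. ip6tables needs its own rules or IPv6 traffic is unaffected.
#   * Rules are appended (-A), so any earlier ACCEPT rule in the same chain
#     that matches the packet wins and these DROPs never fire.
#   * Rules exist only in the running kernel until they are saved and restored
#     at boot.

# Append a rule only when an identical one is not already in the chain, so
# re-running this snippet does not stack duplicate rules.
# Arguments: chain name followed by the rule specification.
add_rule() {
  # -C exits non-zero when no matching rule exists; its message is silenced
  # because that is the expected case on the first run. A real failure (for
  # example, not running as root) is still reported by the -A that follows.
  iptables -C "$@" 2>/dev/null || iptables -A "$@"
}

echo "drop ping and traceroute"

# Inbound echo-request (type 8): the host stops answering ping on eth0.
# "any/0" is a zero-length mask, i.e. every source address.
add_rule INPUT -i eth0 -p icmp -s any/0 --icmp-type 8 -j DROP

# Outbound destination-unreachable (type 3) and time-exceeded (type 11): the
# replies traceroute relies on. Type 3 is dropped for every code, including
# code 4 (fragmentation needed) and code 3 (port unreachable).
# NOTE(review): if this box forwards traffic for other hosts, suppressing
# code 4 can break their path-MTU discovery - confirm it is an end host only.
add_rule OUTPUT -o eth0 -p icmp --icmp-type 3 -d any/0 -j DROP
add_rule OUTPUT -o eth0 -p icmp --icmp-type 11 -d any/0 -j DROP

# 11-04-17 (Jazz): drop TCP segments with contradictory flags.
# Ref: http://forums.cpanel.net/f5/too-many-conns-fin_wait2-time_wait-status-49580.html
# These rules reject malformed probes such as those used for scanning and
# OS fingerprinting. They do not limit well-formed SYN packets, so they are
# not a SYN-flood defence on their own; that needs SYN cookies
# (net.ipv4.tcp_syncookies) or rate limiting.
# --tcp-flags <mask> <set>: examine the flags in <mask>, match when exactly
# the flags in <set> are on.
add_rule INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP   # SYN and FIN together
add_rule INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP   # SYN and RST together
add_rule INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP   # FIN and RST together
add_rule INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP       # FIN without ACK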
Last modified on Apr 17, 2013, 1:07:40 AM