Hello guys.
I am getting some attacks to my linux box. I have iptables installed but I didnt use it. But now I have to use I think
I think their attacking method opens connections to my IPs. And every connection has different source ports. Like;
x.y.z.c:2810
x.y.z.c:2811
x.y.z.c:2812
..
So I have to limit IPs that opens connections more than one port. The destination port is 27015.
Here is my try to block more than 3 connecions in 3 seconds. It doesnt work. I dont know how to specify amount of ports that can be connect at that moment.
iptables -I INPUT -p tcp --dport 27015 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 27015 -m state --state NEW -m recent --update --seconds 3 --hitcount 3 -j DROP