Hello everyone,
I have a really big problem with my VPS. I can't limit connections per IP using iptables.
This is my linux kernel version:
Code:
Linux my.server.com 2.6.18-028stab092.1 #1 SMP Wed Jul 20 19:47:12 MSD 2011 x86_64 GNU/Linux
Here you can find all iptables modules:
Code:
cat /proc/net/ip_tables_matches
helper
conntrack
length
ttl
tcpmss
multiport
multiport
limit
tos
state
icmp
udp
tcp
And this is the part of my firewall script responsible for Slowloris defense:
Code:
#!/bin/sh
# Clean all rules
iptables -F
iptables -F INPUT
iptables -F FORWARD
iptables -F OUTPUT
iptables -F -t mangle
iptables -F -t nat
iptables -X
# Setup new rules
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -N syn_flood
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m recent --set --name Slowloris
iptables -A INPUT -p tcp --dport 443 -m state --state NEW -m recent --set --name Slowloris
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m recent --name Slowloris --update --seconds 60
iptables -A INPUT -p tcp --dport 443 -m state --state NEW -m recent --name Slowloris --update --seconds 60
I don't know why it's not working. After execution I received the following error:
Code:
/etc/init.d/firewall
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Does anybody know why? How do I limit IP connections on my super duper VPS? Who can help me?
regards
Dlugasx
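
The match list posted above has no `recent` entry, and the script contains four rules that use `-m recent`, one for each "No chain/target/match by that name" line. As an added example (not part of the original post), the script below compares the `-m` matches a firewall script asks for with the matches the kernel exposes; the function names and temporary file names are assumptions made here.

```shell
#!/bin/sh
# Added example: report the iptables match modules a firewall script uses
# that the running kernel (or container) does not offer.

# required_matches FILE: print every name given to -m/--match, one per line.
# Matches loaded implicitly by "-p tcp" and similar are not covered.
required_matches() {
    sed 's/#.*//' "$1" | awk '
        /iptables/ {
            for (i = 1; i < NF; i++)
                if ($i == "-m" || $i == "--match") print $(i + 1)
        }' | sort -u
}

# missing_matches FILE [LIST]: print required matches that LIST lacks.
# LIST defaults to the kernel's own table of available matches.
missing_matches() {
    avail=${2:-/proc/net/ip_tables_matches}
    required_matches "$1" | while read -r m; do
        grep -qxF -- "$m" "$avail" || echo "$m"
    done
}

# demo: run the check on data copied from the post, using temporary files
# (the file names are assumptions of this example).
demo() {
    dir=$(mktemp -d) || return 1
    # Match list as posted (contents of /proc/net/ip_tables_matches).
    printf '%s\n' helper conntrack length ttl tcpmss multiport multiport \
        limit tos state icmp udp tcp > "$dir/matches"
    # Three rules from the posted firewall script.
    cat > "$dir/firewall" <<'EOF'
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m recent --set --name Slowloris
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m recent --name Slowloris --update --seconds 60
EOF
    missing_matches "$dir/firewall" "$dir/matches"
    rm -rf "$dir"
}

demo   # prints: recent
```

On the VPS itself, `missing_matches /etc/init.d/firewall` reads the live list from `/proc/net/ip_tables_matches`.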