iptables / scan port

secrets88 · 07-02-2015, 03:54 AM

Hello ,
I am traying to secure my firewall and i found this scan but i did not understand what does it mean :
iptables -t filter -N ??
and also what he rule of -j RETURN

# SYN-FLOODING
iptables -t filter -N syn-flood
iptables -t filter -A INPUT -i eth0 -p tcp --syn -j syn-flood
iptables -t filter -A syn-flood -m limit --limit 1/sec --limit-burst 4 -j RETURN
iptables -t filter -A syn-flood '-j LOG \--log-prefix "IPTABLES SYN-FLOOD:"'
iptables -t filter -A syn-flood -j DROP

and also when i add this lines i had a lot of problems (performance , blocking access to the others servers ... )

thanks

lazydog · 07-02-2015, 02:24 PM

Quote:

Originally Posted by secrets88

iptables -t filter -N syn-flood

Cheat a new chain

Quote:

iptables -t filter -A syn-flood -m limit --limit 1/sec --limit-burst 4 -j RETURN

If packets are 1 a second or no more then 4 a second return to the original jump point else do the following

Quote:

iptables -t filter -A syn-flood '-j LOG \--log-prefix "IPTABLES SYN-FLOOD:"'
iptables -t filter -A syn-flood -j DROP

Quote:

and also when i add this lines i had a lot of problems (performance , blocking access to the others servers ... )

thanks

What is the rule that jumps to this new chain? Sounds like it was working. But unless you show your rules I cannot tell you where you could improve them.