LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
Reload this Page prevent denial of service redirect to another machine
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-30-2012, 07:40 AM   #1
newbie_ubu
LQ Newbie
 
Registered: Dec 2012
Posts: 6

Rep: Reputation: Disabled
prevent denial of service redirect to another machine

Hello all,

i have 2 pc like this:
pc1 192.168.0.1 port:80
pc2 192.168.0.2 port:80

I want when the user wants to access the web server, it will be displayed on the web server ip 192.168.0.1. But when anyone try attack like as denial of service, it will be in direct to the ip 192.168.0.2.
So, how that iptables configuration in pc1(192.168.0.1)?

Thank you for your answer
Last edited by newbie_ubu; 12-30-2012 at 07:47 AM.
 
Old 12-30-2012, 02:28 PM   #2
bijo505
Member
 
Registered: Nov 2012
Location: Bangalore
Distribution: Fedora & Ubuntu
Posts: 77

Rep: Reputation: 18
Quote:
Originally Posted by newbie_ubu View Post
Hello all,

i have 2 pc like this:
pc1 192.168.0.1 port:80
pc2 192.168.0.2 port:80

I want when the user wants to access the web server, it will be displayed on the web server ip 192.168.0.1. But when anyone try attack like as denial of service, it will be in direct to the ip 192.168.0.2.
So, how that iptables configuration in pc1(192.168.0.1)?

Thank you for your answer

Hi Newbie_ubu,
If you want to redirect to a particular host, you need to use nating and in your router host, the nat table should have the entry like this.

iptables -t nat -I PREROUTING 1 -p tcp --dport 80 -m recent --name badguy --rsource --update --seconds 60 --reap --hitcount 20 -j DNAT --to-destination 192.168.0.2:80
iptables -t nat -I PREROUTING 2 -p tcp --syn --dport 80 -j DNAT --to-destination 192.168.0.1:80

In this example, if the no of connections exceeds 20/min it will redirect to the second host.

If you don't want to use nating, you can simply drop the hosts using by
iptables -t filter -I INPUT 1 -p tcp --dport 80 -m recent --name badguy --rsource --update --seconds 60 --reap --hitcount 20 -j DROP

PS:- Please note I haven't tested this, but I hope this will work, kindly let me know the status.
--
Thanks,
Bijo
 
  


Reply

Tags
dos, iptables



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how does mktemp prevent denial-of-service attack seaker79 Linux - Security 1 04-22-2010 06:56 AM
y2kupdate denial of service vulnerability Protector Linux - Security 1 11-15-2009 02:44 AM
Troubleshooting Denial of Service vbsaltydog Linux - General 4 07-24-2008 11:51 PM
how to disable TCP/IP Denial of Service mayankh Linux - Security 2 10-14-2006 04:01 AM
Denial Of Service Attacks Ozzman Mandriva 13 11-13-2003 12:59 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 05:06 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration