![]() -limit-burst number : Maximum initial number of packets to match: this number gets recharged by one every time the limit specified above is not reached, up to this number the default is 5.-limit rate : Maximum average matching rate: specified as a number, with an optional `/second’, `/minute’, `/hour’, or `/day’ suffix the default is 3/hour. ![]() # Verify after some time both LOG and DROP Iptables -A INPUT -p icmp -icmp-type 8 -j DROP Iptables -A INPUT -p icmp -icmp-type 8 -m limit -limit 1/minute -limit-burst 2 -j LOG -log-prefix " PING-PONG-FLOOD " Iptables -A INPUT -p icmp -icmp-type 8 -m limit -limit 30/minute -limit-burst 120 -j ACCEPT My default firewall policy is blocking everything. To enable ICMP ping incoming client request use following iptables rule (you need to add following rules to script). Linux iptables rules ICMP ping request syntax This page explains how to allow or block ICMP ping request using the iptables command.
0 Comments
Leave a Reply. |