566 tutoriels disponibles
Chercher un tutoriel
Bienvenue
sur Shareannonce
 
Stop a ddos attack easily
Ecrit par: Shareannonce
Date création:  26-11-2018
Nombre de vues:  1596
Catégorie:  informatique > gestion > ovh
Note: 
 
   Tutoriel N° 2c4

Stop a ddos attack easily


cd /etc/init.d/
nano /etc/init.d/iptables_flush.sh

#!/bin/sh
echo "Flushing iptables rules..."
sleep 1
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT


nano spamip.sh

#!/bin/bash
# Simple iptables IP/subnet block script
# -------------------------------------------------------------------------
# Copyright (c) 2004 nixCraft project
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# ----------------------------------------------------------------------


IPT=/sbin/iptables
SPAMLIST="spamlist"
SPAMDROPMSG="SPAM LIST DROP"
BADIPS=$(egrep -v -e "^#|^$" /home/liste_ip.txt)

# create a new iptables list
$IPT -N $SPAMLIST

for ipblock in $BADIPS
do
$IPT -A $SPAMLIST -s $ipblock -j LOG --log-prefix "$SPAMDROPMSG"
$IPT -A $SPAMLIST -s $ipblock -j DROP
done

$IPT -I INPUT -j $SPAMLIST
$IPT -I OUTPUT -j $SPAMLIST
$IPT -I FORWARD -j $SPAMLIST



chmod 777 iptables_flush.sh && chmod 777 spamip.sh


nano liste_ip.txt (IP listing to block)

27.20.238.173
111.176.9.145
91.121.144.42
27.29.113.199
82.11.83.4


To lunch it:

sh /etc/init.d/iptables_flush.sh
sh /etc/init.d/spam.sh


 
 
   Autres tutoriels de la même catégorie >
 
ShareAnnonce version 2.0 Tous droits reserves. | Condition d'utilisation | Contact