Can iptables or other firewall solutions can do this for me?
Rob Sterenborg
rob at sterenborg.info
Mon Feb 12 18:48:07 CET 2007
netfilter-bounces at lists.netfilter.org <> wrote:
> Let me tell the background first...
>
> We have a web server, which recently received a lot of requests from overseas
> proxies. The requests are to spam our applications (i.e. leave
> comments). They don't succeed, since they never get the correct
> CAPTCHA.
>
> But the problem is: They are doing requests & requests forever (even
> with no success). This leads to:
>
> 1. Waste of CPU time of our web server
> 2. Waste of overseas bandwidth
>
>
> Can iptables or related tools or packages do this for me?
>
> p.s. Since they are changing proxy all the time, an
> automatic solution might be needed.

Not directly, but this would be a solution I would think of:

You could modify the comment-script so that it logs the IP from the
hosts that attempt to leave a comment but fail to do so (if the script
doesn't do this already).

After that you can write a script that parses and clears the logfile
every x minutes to filter the largest offenders. You can enter these
offending IPs in a user-defined blocking-chain which is called in the
INPUT chain (or FORWARD chain, depending on your setup) to block further
requests from these IPs.

Grts,
Rob
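
The parse-and-block procedure described in the reply above, as an added example that is not part of the original message. The log format, log path, chain name, threshold and port 80 are assumptions; addresses taken from the log are validated before they reach an iptables argument list.

```python
import ipaddress
import os
import subprocess
from collections import Counter

# One-time setup as root (assumes the web server listens on TCP port 80):
#   iptables -N COMMENT_SPAM
#   iptables -I INPUT -p tcp --dport 80 -j COMMENT_SPAM
CHAIN = "COMMENT_SPAM"  # hypothetical name for the user-defined blocking chain
THRESHOLD = 20          # assumed: failed attempts per interval that trigger a block
# Constructed sample in the assumed log format "<unix time> <client IP>".
SAMPLE = ["1171302487 203.0.113.5\n"] * 25 + ["1171302490 198.51.100.7\n"] * 2

def take_log(path):
    """Rename the log, then read it, so failures logged meanwhile land in a new
    file (assumes the comment script reopens the log for every write)."""
    snapshot = path + ".processing"
    try:
        os.replace(path, snapshot)
    except FileNotFoundError:
        return []  # nothing was logged during this interval
    with open(snapshot, errors="replace") as fh:
        lines = fh.readlines()
    os.remove(snapshot)
    return lines

def offenders(lines, threshold=THRESHOLD):
    """Return IPv4 addresses with at least `threshold` failures, worst first."""
    counts = Counter()
    for line in lines:
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[1])
        except (IndexError, ValueError):
            continue  # malformed entry: never pass raw log text to iptables
        if ip.version == 4:  # iptables handles IPv4; ip6tables needs its own chain
            counts[str(ip)] += 1
    return [ip for ip, n in counts.most_common() if n >= threshold]

def block_commands(ips, chain=CHAIN):
    """Flush the chain and refill it, so a block lasts one interval and
    proxies that stopped sending requests drop out of the chain."""
    flush = [["iptables", "-F", chain]]
    return flush + [["iptables", "-A", chain, "-s", ip, "-j", "DROP"] for ip in ips]

if __name__ == "__main__":
    # Run from cron as root every x minutes; the log path is a placeholder.
    for cmd in block_commands(offenders(take_log("/var/log/comment-failures.log"))):
        subprocess.run(cmd, check=True)  # argument list, no shell involved
```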