How to stop the flood?
rob at sterenborg.info
Thu Apr 28 17:47:53 CEST 2005
netfilter-bounces at lists.netfilter.org <> scribbled on Thursday, 28 April
> Thankyou for the reply.
> This was the log from one of my client who was attacked from a client
> on other subnet.
> My network consist of clients from different subnets of /24.
> The attacks from one subnet travels through my linux router
> and hits the client on other subnet.
> I tried few rules as below but seems not to be working.
The script doesn't block any packets from 192.168.25.208.
If 192.168.25.208 isn't allowed passing your router, you should block it
$IPT -A FORWARD -s 192.168.25.208 [-d <destination_ip>] \
-j [DROP|REJECT --reject-with-tcp-reset]
Or something like that.
The real solution is like Jason said : track down the person at
192.168.25.208 and kick his/her ass !
More information about the netfilter