does isc dhcp 4.2.3 support blocking client which send many

Jeff Waller jeffw at cnxntech.com
Wed Mar 7 18:12:39 UTC 2012


On Mar 7, 2012, at 10:52 AM, Simon Hobson wrote:

> Martin McCormick wrote:
> 
>> A good mechanism for controlling insane systems
>> might be to read time intervals between each MAC address contact
>> and start ignoring anybody who has contacted DHCPD more than X
>> number of times in X number of seconds.
> 
> Which is the sort of task Logwatch was written for. Anyone know if 
> any DHCP filters/actions have been written for it ?
> 
> However, that won't work for devices behind a relay agent. And 
> someone said that iptables doesn't work either.

IP tables can be made to work.  Someone is being dumb.

Here's a link from 5m of Google:
http://www.wjunction.com/48-technical-security-tutorials/107901-linux-ddos-protection.html
http://www.infond.fr/2010/04/basics-6-tutorial-firewall-iptables.html

From the 2nd source, seems approximately the same:

#9 allow 5 TCP connection attempts
# with 2 per minute frequency
#iptables -A INPUT -m state --state NEW -m recent --set
#iptables -A INPUT -m state --state NEW -m recent --update --hitcount 6 -j DROP
#iptables -A INPUT -m state --state NEW -m recent --update --seconds 60 --hitcount 3 -j DROP


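The per-MAC interval check Martin McCormick describes above can be run over dhcpd's own syslog output, as in this added example (not code from the thread or from ISC). The sample log lines are constructed, and the function name, thresholds and assumed year are illustrative.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample of ISC dhcpd syslog lines (not from the thread).
SAMPLE_LOG = """\
Mar  7 18:12:01 gw dhcpd: DHCPDISCOVER from 00:16:3e:aa:bb:01 via eth0
Mar  7 18:12:02 gw dhcpd: DHCPDISCOVER from 00:16:3e:aa:bb:01 via eth0
Mar  7 18:12:03 gw dhcpd: DHCPREQUEST for 192.0.2.10 from 00:16:3e:cc:dd:02 via eth0
Mar  7 18:12:03 gw dhcpd: DHCPDISCOVER from 00:16:3e:aa:bb:01 via 192.0.2.1
Mar  7 18:12:04 gw dhcpd: DHCPDISCOVER from 00:16:3e:aa:bb:01 via 192.0.2.1
Mar  7 18:12:05 gw dhcpd: DHCPACK on 192.0.2.10 to 00:16:3e:cc:dd:02 via eth0
Mar  7 18:14:30 gw dhcpd: DHCPREQUEST for 192.0.2.10 from 00:16:3e:cc:dd:02 via eth0
"""

# Only client-originated messages count as a "contact"; server replies
# (DHCPOFFER/DHCPACK) use "to <mac>" and are skipped by the "from" anchor.
LINE_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dhcpd(?:\[\d+\])?: "
    r"DHCP(?:DISCOVER|REQUEST|INFORM)\b.*? from ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})",
    re.IGNORECASE,
)

def noisy_clients(log_text, max_hits, window_seconds, year=2012):
    """Return {mac: peak count} for MACs exceeding max_hits in any window."""
    recent = defaultdict(deque)   # mac -> timestamps still inside the window
    peaks = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # Syslog omits the year; one is assumed so intervals can be computed.
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        mac = m.group(2).lower()
        q = recent[mac]
        q.append(ts)
        # Drop contacts that have aged out of the sliding window.
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) > max_hits:
            peaks[mac] = max(peaks.get(mac, 0), len(q))
    return peaks

if __name__ == "__main__":
    for mac, hits in noisy_clients(SAMPLE_LOG, max_hits=3, window_seconds=10).items():
        print(f"{mac} contacted dhcpd {hits} times within 10s")
```

Because the count is keyed on the client MAC in the log line rather than on the packet's source address, requests logged with a relay address after "via" are still attributed to the individual client.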

