Ok, after this morning’s DDoS, I started rummaging around for ways to limit the amount of hurt that my server would handle. And I found the limit function in iptables.

/sbin/iptables -A INPUT -p tcp -d 10.125.1.250 \
      --dport 80 -m limit --limit 6/m --limit-burst 10 -i eth0 -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp -s 10.125.1.250 \
      --sport 80 -m limit --limit 6/m --limit-burst 10 -o eth0 -j ACCEPT

This should help get some of the requests under control.

Also, I discovered this interesting application called tc. Going to see how I can integrate this with some iptables rules.

Technorati: iptables

Related Posts

• Web Performance — Flickr: Do you want to get faster?
• DDoS this morning
• Making PHP-to-MySQL Connections Persistent
• Web Performance Implications: Podcasters and iTunes 4.9
• Bots from hell, and a plea for a free-to-use public “DROP” Port