Iptables’ recent module parameter

September 16, 2011 at 6:52 am

I had the pleasure of setting up iptables’ recent module in order (hopefully) to stop basic small-scale DoS attacks on my web server. The module is pretty straightforward to use (as opposed to the limit module with its averages and bursts), with two basic settings: seconds and hitcount. By default hitcount cannot be greater than 20, and you will need to change the module parameter ‘ip_pkt_list_tot’ if you need more than 20.

Most likely the recent module is already loaded, and changing the parameter would normally mean either rebooting or unloading the module (and the modules that depend on it), which is not ideal on a live server. Luckily there is a way to change the parameter on the fly. Say you want to increase the hitcount to 100; you can do:

# echo 100 > /sys/module/ipt_recent/parameters/ip_pkt_list_tot

That is it. Just make sure you have write permission on that file!
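As an added example (not the post's own code), a small POSIX shell script that ties the two settings together: it raises ip_pkt_list_tot only when the requested hitcount exceeds it, refuses to proceed without write permission, and emits the pair of recent rules for a web port. Assumed: the parameter file is under /sys/module/xt_recent (the module's name on newer kernels) or /sys/module/ipt_recent as in the post, the list name webdos, the defaults of 60 seconds / 100 hits / port 80, and that the script is saved as recent_limit.sh.

```shell
#!/bin/sh
# Added example, not from the original post. Limit new TCP connections per
# source with the iptables "recent" module, bumping ip_pkt_list_tot first so a
# hitcount above the default 20 is accepted. Set DRY_RUN=1 to print the rules
# instead of applying them.
set -eu

# Locate the live ip_pkt_list_tot parameter file; xt_recent is the module
# name on newer kernels, ipt_recent on older ones (assumption: one exists).
recent_param_file() {
    for m in xt_recent ipt_recent; do
        f="/sys/module/$m/parameters/ip_pkt_list_tot"
        [ -f "$f" ] && { echo "$f"; return 0; }
    done
    return 1
}

# Raise ip_pkt_list_tot in file $2 to at least $1 (the hitcount we want).
# Never lower it: a shorter per-address list would drop already tracked hits.
ensure_pkt_list_tot() {
    want=$1; file=$2
    [ -w "$file" ] || { echo "no write permission on $file" >&2; return 1; }
    have=$(cat "$file")
    [ "$have" -lt "$want" ] && echo "$want" > "$file"
    cat "$file"
}

# Print the two rules: drop a source that already has $2 SYNs recorded within
# $1 seconds (refreshing its timestamp), otherwise record this SYN. $3 = port.
recent_rules() {
    secs=$1; hits=$2; port=$3
    cat <<EOF
iptables -A INPUT -p tcp --dport $port --syn -m recent --name webdos --update --seconds $secs --hitcount $hits -j DROP
iptables -A INPUT -p tcp --dport $port --syn -m recent --name webdos --set
EOF
}

main() {
    secs=${1:-60}; hits=${2:-100}; port=${3:-80}
    f=$(recent_param_file) || { echo "recent module not loaded" >&2; exit 1; }
    echo "ip_pkt_list_tot now $(ensure_pkt_list_tot "$hits" "$f")"
    if [ "${DRY_RUN:-0}" = 1 ]; then recent_rules "$secs" "$hits" "$port"
    else recent_rules "$secs" "$hits" "$port" | sh -e; fi
}

# Run main only when executed as recent_limit.sh, so the functions can be sourced.
case "${0##*/}" in recent_limit.sh) main "$@";; esac
```

Run it as root (e.g. `DRY_RUN=1 ./recent_limit.sh 60 100 80` to review the rules first); the hitcount passed to the rules is the same value written to ip_pkt_list_tot, so the two can never disagree.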
