Score:0

Script that will scan for number of connections and ban those above 100

tf flag

Since I have lately had some DDoS attacks, I need help in creating a script that will do the following:

- Screen the IPs on all ports with the total number of connections, using netstat
- Ban all IPs that have more than 100 connections
- Exclude IP 87.91.143.119 from the ban even if it has more than 100 connections

I would be grateful for advice, thank you.

hr flag
You should probably look at doing this via the kernel's own packet filtering mechanism rather than rolling your own script - see for example [Iptables DDos Protection](https://askubuntu.com/questions/930111/iptables-ddos-protection)
tf flag
Thanks, how do you apply this rule to all ports, not only 27015? When I put `iptables -A INPUT -p udp --dport 100:65535 -m connlimit --connlimit-above 5 -j REJECT` then I cannot connect to the server at all, not even a single connection. With `iptables -A INPUT -p udp --dport 443 -m connlimit --connlimit-above 5 -j REJECT` it works fine; it blocks only connections on that port.
hr flag
I don't know - sorry. You might want to ask that as a specific question, either here or on [unix.stackexchange.com](https://unix.stackexchange.com/)
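As an added example covering both the question's ask (count connections per IP from netstat, ban above a threshold, skip an allow-list) and the answer's connlimit suggestion: the POSIX sh script below is not code from the question or the answer. It assumes `netstat -ntu`-style output with the foreign address in column 5; the netstat rows and every IP other than the allow-listed 87.91.143.119 are constructed sample data, and the iptables commands are printed for review rather than executed.

```shell
#!/bin/sh
# Added example, not code from the thread. Counts rows per remote IP in
# "netstat -ntu"-style output, lists the IPs above a threshold that are not
# on an allow-list, and prints (does not run) the matching iptables commands.
# All netstat rows below are constructed sample data.

# emit_conns IP N: print N constructed netstat rows for remote address IP.
emit_conns() {
    i=0
    while [ "$i" -lt "$2" ]; do
        printf 'tcp        0      0 10.0.0.1:443            %s:%d        ESTABLISHED\n' "$1" "$((40000 + i))"
        i=$((i + 1))
    done
}

# sample_netstat: constructed stand-in for `netstat -ntu` (header + rows).
sample_netstat() {
    printf 'Active Internet connections (w/o servers)\n'
    printf 'Proto Recv-Q Send-Q Local Address           Foreign Address         State\n'
    emit_conns 203.0.113.10 6   # constructed: over the threshold, not allow-listed
    emit_conns 198.51.100.7 5   # constructed: over the threshold but allow-listed
    emit_conns 192.0.2.5 2      # constructed: under the threshold
}

# count_offenders THRESHOLD ALLOWLIST: read netstat rows on stdin and print
# "<count> <ip>" for every remote IP with more than THRESHOLD rows that is
# not in the space-separated ALLOWLIST. Column 5 is "Foreign Address".
count_offenders() {
    awk -v thr="$1" -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
        $1 ~ /^(tcp|udp)/ && NF >= 5 {
            ip = $5
            sub(/:[0-9]+$/, "", ip)        # strip the port from "addr:port"
            count[ip]++
        }
        END {
            for (ip in count)
                if (count[ip] > thr && !(ip in skip)) print count[ip], ip
        }
    ' | sort -rn
}

# ban_commands: turn "<count> <ip>" lines into iptables DROP rules. They are
# printed rather than executed so they can be reviewed first; pipe the output
# to sh as root to apply them.
ban_commands() {
    while read -r count ip; do
        [ -n "$ip" ] || continue
        printf 'iptables -I INPUT -s %s -j DROP   # %s connections\n' "$ip" "$count"
    done
}

# The kernel-side alternative from the answer needs no script at all. Leaving
# out --dport applies the connlimit rule to every TCP port:
#   iptables -A INPUT -p tcp -m connlimit --connlimit-above 100 -j REJECT
# connlimit counts per-source entries in the conntrack table, so TCP is the
# natural fit; UDP "connections" are only conntrack flow entries.

# Demo run on the constructed data with a low threshold so something shows up.
sample_netstat | count_offenders 3 "87.91.143.119 198.51.100.7" | ban_commands
```

In practice replace `sample_netstat` with `netstat -ntu` (or `ss -ntu`, whose foreign-address column differs) and keep the threshold at 100 as in the question; run it from cron and review the printed rules before piping them to sh.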