iptables and bind
Jason Bratton
jbratton at rackspace.com
Tue Aug 19 22:40:13 UTC 2008
Steven Stromer wrote:
> I want to rate limit queries to mitigate threat of Polyakov-styled
> attack, but I can't find anything on iptables rate limiting based on
> bits, bytes, or Mb / time (as opposed to packets/time). I looked

Not to sound like I'm advocating this approach, because I'm not, but you
would want to check out the limit and recent modules. If you have them
loaded or compiled in, just run iptables -m limit --help and iptables -m
recent --help. You probably want recent since it will let you do this
per IP.

-- Jason
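
An added example, not part of the original message: the two modules named in the reply, written as rules for UDP queries to port 53, to show the difference between the global limit match and the per-source recent match. The thresholds, the list name dnsq and the placement in the INPUT chain are assumptions made for illustration; by default the script only prints the commands.

```shell
#!/bin/sh
# Dry run by default: prints the iptables commands instead of running them.
# Run as root with IPT=iptables to apply them.
IPT="${IPT:-echo iptables}"

# Constructed values for illustration; tune them for the resolver's real load.
WINDOW=10        # seconds covered by the per-source window
HITS=15          # packets allowed per source in WINDOW; must stay at or below
                 # xt_recent's ip_pkt_list_tot (default 20)
LIST=dnsq        # name of the recent list (hypothetical)
GLOBAL_RATE=100  # packets per second for the global variant
GLOBAL_BURST=200

# Per-source limiting with the recent module.
# Both modules count packets, not bytes or bits.
dns_per_ip_rules() {
    # A source already seen HITS times within WINDOW is dropped. --update
    # also refreshes its timestamp, so it stays blocked while it keeps
    # sending; --rcheck would test without refreshing.
    $IPT -A INPUT -p udp --dport 53 -m recent --name "$LIST" \
        --update --seconds "$WINDOW" --hitcount "$HITS" -j DROP
    # Everything else is recorded in the list and accepted.
    $IPT -A INPUT -p udp --dport 53 -m recent --name "$LIST" --set -j ACCEPT
}

# Global limiting with the limit module: one token bucket shared by every
# source, so a single noisy client can use up the allowance for all others.
dns_global_rules() {
    $IPT -A INPUT -p udp --dport 53 -m limit \
        --limit "${GLOBAL_RATE}/second" --limit-burst "$GLOBAL_BURST" -j ACCEPT
    $IPT -A INPUT -p udp --dport 53 -j DROP
}

# The two variants are alternatives; pick one with the first argument.
case "${1:-per-ip}" in
    per-ip) dns_per_ip_rules ;;
    global) dns_global_rules ;;
    *) echo "usage: $0 [per-ip|global]" >&2 ;;
esac
```

Because UDP source addresses can be forged, a per-source list can be filled on behalf of an address that never sent the queries, so the thresholds should be generous enough that legitimate clients are not locked out.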