Quick Tutorial on How to Prevent the DDOS Attacks by using a simple linux utility/Command IPTABLES . In this example we will be Limiting the number of SSH Connections to our SSH host. This can also be said to be a Firewall using IPTables .
Load Module : xt_connlimit
Check if the module was loaded or not :
lsmod | grep connlimit
Incase you are configuring a Firewall/Webserver and want this module to load at the Startup :
Add #modprobe xt_connlimit in the file /etc/init.d/rc.d/ri.local
Command to set the Max number to connections to 20 :
iptables -I INPUT -p tcp –syn –dport 22 -m connlimit –connlimit-above 20 -j REJECT
-I : Insert a rule in the Chain
-p : The Protocol
–syn : This means the rule is only applicable to the packets that are initiating the connection. The rule will not apply to any Data packet that is involved in data transfer .
–dport : 22 for ssh , 80 or 8080 for HTTP or as you require
To View IPTABLES : iptables -L -n | less
To Save IPTABLES :service iptables save