DDoS & flood



  • can this by converted in to pfSense firewall ? I am using this on Linux .

    
    #IPTABLES="/usr/sbin/iptables" ## Default IPTables >= v. 1.2.0
    IPTABLES="/usr/bin/iptables" ## Default IPTables <= v. 1.1.2
    PING_IS="ON"
    PING_FLOOD="2/s"
    #
    SYN_FLOOD="5/s"
    LOG_FLOOD="2/s"
    #  Syn-Flood
    echo -n "Loading Syn-Flood-Def"
       ${IPTABLES} -N FLOOD
       ${IPTABLES} -A FLOOD -p tcp --syn -m limit --limit $SYN_FLOOD -j RETURN
       ${IPTABLES} -A FLOOD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 2/s --limit-burst 3 -j RETURN
       ${IPTABLES} -A FLOOD -p tcp -j DROP
       ${IPTABLES} -A INPUT -p tcp -m state --state NEW -j FLOOD
    echo "....done "
    ############################################################################################
    #  Ping-Flood
    function PING_FLOD_ON {
    echo -n "Loading Ping CFG..."
       ${IPTABLES} -N ICMP
       ${IPTABLES} -F ICMP
    #    0 = Echo Reply, what gets sent back after a type 8 is received here
    #    3 = Destination Unreachable (inbound) or Fragmentation Needed (out)
    #    4 = Source Quench tells sending IP to slow down its rate to destination
    #    8 = Echo Request used for pinging hosts, but see the caution above
    #   11 = Time Exceeded used for traceroute (TTL) or sometimes frag packets
    #   12 = Parameter Problem is some error or weirdness detected in header
    # Allow limited ICMP traffic
       ${IPTABLES} -A ICMP -p ICMP --icmp-type 0 -j ACCEPT
       ${IPTABLES} -A ICMP -p ICMP --icmp-type 3 -j ACCEPT
       ${IPTABLES} -A ICMP -p ICMP --icmp-type 8 -m limit --limit $PING_FLOOD --limit-burst 2 -j ACCEPT
       ${IPTABLES} -A ICMP -p ICMP --icmp-type 11 -j ACCEPT
    # Set policy and add to INPUT table
       ${IPTABLES} -A ICMP -p icmp -j DROP
       ${IPTABLES} -A INPUT -p icmp -j ICMP
    echo "....done "
    }
    function PING_FLOD_OF {
        echo -n "PING is DROP:"
        ${IPTABLES} -A INPUT -p icmp -j DROP
        echo ".....done"
    }
    if [ "$PING_IS" = "ON" ]; then
        PING_FLOD_ON
    else
        PING_FLOD_OF
    fi
    
    

    Sorry it might by incomplete but it is take out of my firewall script


Log in to reply