Configure SYN flood, connection limit, and portflood protection.
juggernaut --task=firewall:portfloodOption |
Value | Default | Description |
|---|---|---|---|
--SYNFLOOD |
<1|0> | 0 | Enable SYN Flood Protection. This option configures iptables to offer some protection from tcp SYN packet DOS attempts. This option will slow down all new connections from any IP address to the server if triggered so it should only be enabled if you are under a SYN flood attack. |
--SYNFLOOD_RATE |
<string> | 100/s | The maximum average matching rate. |
--SYNFLOOD_BURST |
<digit> | 150 | The maximum initial number of packets to match. |
--UDPFLOOD |
<1|0> | 0 | Enable outgoing UDP Flood Protection. This option limits outbound UDP packet floods. These usually are from exploit scripts uploaded through vulnerable web scripts. If you use services that utilize high levels of UDP outbound traffic, such as SNMP you will need to adjust UDPFLOOD_LIMIT and UDPFLOOD_BURST options accordingly. |
--UDPFLOOD_LIMIT |
<string> | 100/s | The maximum matching rate. |
--UDPFLOOD_BURST |
<string> | 500 | The maximum initial number of packets to match. |
--UDPFLOOD_ALLOWUSER |
<string1,string2> | named | A list of usernames that should not be rate limited (comma separated). Note: root user is always allowed. |
--UDPFLOOD_ALLOWUSER_add |
<string> | Add a single entry to UDPFLOOD_ALLOWUSER. | |
--UDPFLOOD_ALLOWUSER_del |
<string> | Remove a single entry from UDPFLOOD_ALLOWUSER. | |
--CONNLIMIT |
<string> | Enable protection from DOS attacks against specific ports. This option limits the number of concurrent new connections per IP address that can be made to specific ports. | |
--PORTFLOOD |
<string> | Enable protection from DOS attacks against specific ports. This option limits the number of new connections per time interval that can be made to specific ports. | |
--default |
<yes> | Reset all settings to their default values. | |
--default_option |
<option> | Reset a specific setting to its default value. | |
--restart |
<yes> | Restart the service after saving settings. |
// enable SYNFLOOD
juggernaut --task=firewall:portflood --SYNFLOOD=1 --restart=yes
// reset SYNFLOOD back to default
juggernaut --task=firewall:portflood --default_option=SYNFLOOD --restart=yes
// reset all settings back to default
juggernaut --task=firewall:portflood --default=yes --restart=yes