Thursday, April 8, 2021

iptables - proteksi

--utk catat log yg drop

/sbin/iptables -N LOGDROP
/sbin/iptables -A LOGDROP -j LOG
/sbin/iptables -A LOGDROP -j DROP
 
 
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j LOGDROP

--lihat log
cat /var/log/kern.log

--permanent
iptables-save > /etc/iptables.up.rules
editor /etc/network/if-pre-up.d/iptables
--tulis ini disana:
#!/bin/sh
 /sbin/iptables-restore < /etc/iptables.up.rules
 
--chmod x
chmod +x /etc/network/if-pre-up.d/iptables 


Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)