Last active
December 5, 2018 09:11
rate limit bad miners
-N BADMINER creates a new iptables chain called "BADMINER".
-A INPUT appends a rule to the "INPUT" chain that searches for the string "authorize" in TCP packets to port 4646 arriving on eth0, then jumps to the rules of chain BADMINER (-j BADMINER).
-A BADMINER appends two rules to that chain. The first logs to syslog, and the 10/min limit applies to this LOG rule, so log entries are written at an average of at most 10 per minute. The second rejects the packet. LOG is a non-terminating target, so every packet that reaches the chain continues on to the REJECT rule whether or not it was logged.

iptables -N BADMINER
iptables -A BADMINER -m limit --limit 10/min -j LOG --log-prefix "BADMINER DROP: "
iptables -A BADMINER -m comment --comment "Rate limit exceeded, reject" -j REJECT
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 4646 -m string --string "authorize" --algo bm -m comment --comment "Catch BADMINER" -j BADMINER
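
To see which sources are hitting the chain, the "BADMINER DROP: " entries can be tallied per source address. This is an added example, not part of the original gist; the function names and the sample log lines are constructed for illustration. Because the LOG rule is limited to 10/min, the counts are a lower bound on the packets actually rejected.

```shell
#!/bin/sh
# Added example: tally netfilter LOG entries written by the BADMINER chain.
# Reads syslog lines on stdin, prints "<count> <source-ip>", highest first.
badminer_summary() {
    awk '
        # Keep only lines carrying the prefix set with --log-prefix.
        index($0, "BADMINER DROP: ") == 0 { next }
        {
            # The LOG target writes key=value fields; pull out SRC=.
            src = ""
            for (i = 1; i <= NF; i++)
                if ($i ~ /^SRC=/) { src = substr($i, 5); break }
            if (src != "") count[src]++
        }
        END { for (ip in count) print count[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample input in the kernel LOG format. Addresses come from the
# RFC 5737 documentation ranges; the last line uses an unrelated prefix and
# must be ignored.
sample_log() {
    cat <<'EOF'
Dec  5 09:00:01 pool kernel: [1001.10] BADMINER DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=120 TTL=52 ID=4211 DF PROTO=TCP SPT=51514 DPT=4646 WINDOW=229 ACK PSH URGP=0
Dec  5 09:00:04 pool kernel: [1004.32] BADMINER DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=118 TTL=49 ID=9120 DF PROTO=TCP SPT=40022 DPT=4646 WINDOW=229 ACK PSH URGP=0
Dec  5 09:00:09 pool kernel: [1009.87] BADMINER DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=120 TTL=52 ID=4212 DF PROTO=TCP SPT=51516 DPT=4646 WINDOW=229 ACK PSH URGP=0
Dec  5 09:00:11 pool kernel: [1011.05] OTHER RULE: IN=eth0 OUT= SRC=203.0.113.99 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=50000 DPT=22 SYN URGP=0
EOF
}

# Demo on the constructed sample; on a live host, pipe the kernel log in instead.
sample_log | badminer_summary
```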