Date: Tue, 24 May 2011 22:29:47 +0200 From: Andy Wodfer <wodfer@gmail.com> To: freebsd-questions <freebsd-questions@freebsd.org> Subject: Urgent: Under attack - need tcpdrop help Message-ID: <BANLkTikGjnh-cfO_dtk=jf6ZVNiY=x8nqw@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, One of my FreeBSD servers is currently being attacked (DDOS) and I'm blocking IP addresses in my firewall. However, there are a large number of hung tcp connections and I want them gone. Can anyone help me with a script (command line) that can read a netstat -n and tcpdrop all IP addresses that has more than 10 connections or a more manual command where I can input an IP and it will drop all connections from that IP regardless of port? Thanks in advance! Shell scripting isn't what I'm best at unfortunatly ... Andy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BANLkTikGjnh-cfO_dtk=jf6ZVNiY=x8nqw>