iptables -N logmalform
iptables -A logmalform -m limit --limit 10/s --limit-burst 4 -j LOG --log-prefix "[MALFORMED] "
iptables -A logmalform -j DROP
iptables -N malf-group
#$PRGDIR/malf-group.sh
iptables -A malf-group -p tcp --tcp-flags SYN,FIN SYN,FIN -j logmalform
iptables -A malf-group -p tcp --tcp-flags SYN,RST SYN,RST -j logmalform
iptables -A malf-group -p tcp --tcp-flags FIN,RST FIN,RST -j logmalform
iptables -A malf-group -j RETURN
|