Use iptables prevent php-ddos Foreign udp contract

By tort ( December 14, 2013 at pm 4:01)· Filed under Linux Share

Use iptables prevent php-ddos Foreign udp contract
Recently php-ddos flood,Especially weaving dreams bunch tunnel,you know,We can use iptables,Foreign prohibited php-ddos contract from the source。

 

Preferred need to allow UDP port services (such as DNS)

iptables -I OUTPUT -p udp –dport 53 -d 8.8.8.8 -j ACCEPT
iptables -I OUTPUT -p udp –dport 53 -d 8.8.4.4 -j ACCEPT

“53”,The desired UDP port DNS,"8.8.8.8" section of DNS IP,According to set up your server to set,If you do not know your current DNS IP server using,Get to execute the following command in the SSH:

cat /etc/resolv.conf |grep nameserver |awk 'NR == 1{print $2 }’

Inhibit the unit sends out a UDP packet

iptables -A OUTPUT -p udp -j DROP

Leave a Comment