I'm using a VPS to host a VPN for DDoS protection, but I've been wanting to find a way to rate-limit UDP traffic per IP to prevent UDP floods. I'm looking for something to only allow X MBPS of traffic to each IP, and to ignore this IP if its traffic exceeds X MBPS.
I mainly want to prevent DoS from perl/shell scripts, as these seem to still be effective in disrupting operation of the VPN.
Is this possible?
If so, could someone help me out with a method of implementing this using iptables?
You want to use QoS for this, which means the tc command, not iptables. tc is extremely difficult, but you can use fireqos and its online tutorial to set up a traffic shaping script without too much work. – LawrenceC – 2019-11-13T20:34:58.653
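
For the per-IP drop the question describes, iptables also has the hashlimit match, which can key a byte-rate limit on the source address. The script below is an added example, not part of the original thread; the chain INPUT, UDP port 1194 and the set name vpn_udp are assumed values, and "per IP" is taken to mean per source IP.

```bash
#!/usr/bin/env bash
# Added example, not from the thread. Prints (does not apply) iptables rules
# that drop UDP from any one source IP while it exceeds a byte rate.
# Assumed values: chain INPUT, VPN listening on UDP 1194, set name "vpn_udp".

# Usage: udp_limit_rules <mbit_per_s> <udp_port> [chain]
udp_limit_rules() {
    local mbit="$1" port="$2" chain="${3:-INPUT}" kb cmd

    # Accept only plain positive integers (no leading zero, max 5 digits) so
    # nothing unexpected ends up in the generated command lines.
    case "$mbit" in
        ''|*[!0-9]*|0*|??????*) echo "bad rate: $mbit" >&2; return 1 ;;
    esac
    case "$port" in
        ''|*[!0-9]*|0*|??????*) echo "bad port: $port" >&2; return 1 ;;
    esac
    [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    case "$chain" in
        ''|*[!A-Za-z0-9_-]*) echo "bad chain: $chain" >&2; return 1 ;;
    esac

    # hashlimit byte rates are given in bytes per second, so convert from
    # Mbit/s: bits -> bytes (/8) -> kb (/1024, taking kb as 1024 bytes).
    kb=$(( mbit * 1000000 / 8 / 1024 ))

    # --hashlimit-mode srcip keeps one bucket per source address;
    # --hashlimit-above matches only traffic beyond the rate, which is dropped.
    # -I ... 1 puts the rule ahead of any existing ACCEPT for the VPN port.
    for cmd in iptables ip6tables; do
        printf '%s -I %s 1 -p udp --dport %s -m hashlimit --hashlimit-name vpn_udp --hashlimit-mode srcip --hashlimit-above %skb/s -j DROP\n' \
            "$cmd" "$chain" "$port" "$kb"
    done
}

# Print the rules for a 10 Mbit/s per-source limit; review them, then run as root.
udp_limit_rules 10 1194
```

These rules act on the VPS after the packets have already arrived and are keyed on source address, so they bound what a single sender can push to the VPN daemon rather than the load on the uplink.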