-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 5/24/11 4:29 PM, Andy Wodfer wrote: > Hi, > One of my FreeBSD servers is currently being attacked (DDOS) and I'm > blocking IP addresses in my firewall. However, there are a large number of > hung tcp connections and I want them gone. > > Can anyone help me with a script (command line) that can read a netstat -n > and tcpdrop all IP addresses that has more than 10 connections or a more > manual command where I can input an IP and it will drop all connections from > that IP regardless of port? > > Thanks in advance! > > Shell scripting isn't what I'm best at unfortunatly ... > > Andy
Hi Andy, This will drop all connections to/from IP address 192.168.22.22: tcpdrop -l -a | grep 192.168.22.22 | sh Just substitute your desired IP address, and that will do the trick. Good luck, Greg - -- Greg Larkin http://www.FreeBSD.org/ - The Power To Serve http://www.sourcehosting.net/ - Ready. Set. Code. http://twitter.com/cpucycle/ - Follow you, follow me -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3cGC8ACgkQ0sRouByUApBlvACfaOneJdIQGiNNo2FYbKJx3EI8 w58AniK6ZolieHscRFWleR1CoofAtGe8 =03TM -----END PGP SIGNATURE----- _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
