Firewall rule to block memcached amplification attacks

Step 1: stop the Zimbra services

Step 2: add the following rules to the iptables service

vi /etc/init.d/iptables

#!/bin/bash

##################### FOR DDOS PROTECTION ################
# Replace server_ip with this server's own IPv4 address. "localhost" is
# resolved when the rule is loaded; 127.0.0.1 is the explicit equivalent.
# Inbound: only the server itself and loopback may reach memcached (port 11211).
# Everything else, TCP and UDP, is dropped, so spoofed UDP queries get no reply.
iptables -A INPUT -s server_ip -p tcp -m tcp --dport 11211 -j ACCEPT
iptables -A INPUT -s server_ip -p udp -m udp --dport 11211 -j ACCEPT
iptables -A INPUT -s localhost -p tcp -m tcp --dport 11211 -j ACCEPT
iptables -A INPUT -s localhost -p udp -m udp --dport 11211 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 11211 -j DROP
iptables -A INPUT -p udp -m udp --dport 11211 -j DROP

# Outbound: only replies sourced from the server's own address or loopback
# may leave port 11211; anything else leaving that port is dropped.
iptables -A OUTPUT -s server_ip -p tcp -m tcp --sport 11211 -j ACCEPT
iptables -A OUTPUT -s server_ip -p udp -m udp --sport 11211 -j ACCEPT
iptables -A OUTPUT -s localhost -p tcp -m tcp --sport 11211 -j ACCEPT
iptables -A OUTPUT -s localhost -p udp -m udp --sport 11211 -j ACCEPT
iptables -A OUTPUT -p tcp -m tcp --sport 11211 -j DROP
iptables -A OUTPUT -p udp -m udp --sport 11211 -j DROP
#############################################################

Step 3: start the iptables service

Step 4: start the Zimbra services.
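The rule set from Step 2, as an added example that is not part of the original post: a small POSIX shell helper that generates the same twelve rules for a given address, refuses the unreplaced server_ip placeholder, and can emit the -C form so you can confirm the rules are actually loaded after Step 3. PORT, valid_ipv4, memcached_rules, verify_rules and the address 203.0.113.10 are this example's own names and values, not from the post.

```shell
#!/bin/sh
# Added example, not from the original post: emit the post's port-11211 rule
# set for a real address so it can be applied (-A), verified (-C) or removed (-D)
# without retyping twelve commands. 203.0.113.10 is a constructed address.
PORT=11211
# Accept only a dotted-quad IPv4 address; this stops the post's literal
# "server_ip" placeholder from ever reaching iptables.
valid_ipv4() {
  _ip=$1
  case $_ip in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  _n=0
  while :; do
    _o=${_ip%%.*}
    [ "$_o" -le 255 ] || return 1
    _n=$((_n + 1))
    [ "$_ip" = "$_o" ] && break
    _ip=${_ip#*.}
  done
  [ "$_n" -eq 4 ]
}
# memcached_rules <server_ip> [-A|-C|-D]: prints one iptables command per line,
# in the post's order (server address, then loopback, then drop the rest).
memcached_rules() {
  _addr=$1; _op=${2:--A}
  valid_ipv4 "$_addr" || { echo "not an IPv4 address: $_addr" >&2; return 1; }
  case $_op in -A|-C|-D) ;; *) echo "unsupported op: $_op" >&2; return 1 ;; esac
  for _proto in tcp udp; do
    for _src in "$_addr" 127.0.0.1; do
      echo "iptables $_op INPUT -s $_src -p $_proto -m $_proto --dport $PORT -j ACCEPT"
    done
    echo "iptables $_op INPUT -p $_proto -m $_proto --dport $PORT -j DROP"
    for _src in "$_addr" 127.0.0.1; do
      echo "iptables $_op OUTPUT -s $_src -p $_proto -m $_proto --sport $PORT -j ACCEPT"
    done
    echo "iptables $_op OUTPUT -p $_proto -m $_proto --sport $PORT -j DROP"
  done
}
# verify_rules <server_ip>: run every rule with -C; iptables exits non-zero
# for a rule that is not loaded. Needs root and a real iptables binary.
verify_rules() {
  memcached_rules "$1" -C | {
    _missing=0
    while read -r _cmd; do
      $_cmd 2>/dev/null || { echo "missing: ${_cmd#iptables -C }" >&2; _missing=$((_missing + 1)); }
    done
    [ "$_missing" -eq 0 ]
  }
}
```

As root, `memcached_rules 203.0.113.10 | sh` loads the rules (or paste the output into the init script from Step 2), and `verify_rules 203.0.113.10` reports any rule that did not survive the restart.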
