This simple shell script will block IPs at the firewall that are found to have too many connections under the presumption that they are part of a (D)DoS attack. The script supports auto-unblocking, email notifications, logging, a simple cron installer and reverse DNS.
Clone this repo into /usr/local/ddos:
sudo git clone git://github.com/colinmollenhour/ddos-deflate.git /usr/local/ddos
Add your IP address to the whitelist:
Configure (D)DoS Deflate:
Add the cron job (optional)
- 7/21/2012 - Colin Mollenhour (firstname.lastname@example.org) ** Installation procedure changed to git-centric ** Removed install.sh and uninstall.sh