Collection of Linux Scripts for firewall, security, alerts, monitoring, etc…
Will check if there are more than 40 SYN_REC TCP streams from the same IP.
Then it will block with iptables, inserting at top of chain the offending IP. such as:/sbin/iptables -I INPUT -s 126.96.36.199 -j DROP
Works on Linux and OSX