More new options
This commit is contained in:
		
							parent
							
								
									97dd5fa6f0
								
							
						
					
					
						commit
						95c2688ea3
					
				| @ -127,8 +127,10 @@ function apply_ipv4_hack { | |||||||
| 	while [ $# -gt 0 ]; do | 	while [ $# -gt 0 ]; do | ||||||
| 		case "$1" in | 		case "$1" in | ||||||
| 		NS-IN-DDOS) | 		NS-IN-DDOS) | ||||||
|  | 			# NS-IN-DDOS - Block DNS DDoS using NS/IN spoof, see: | ||||||
|  | 			# http://www.stupendous.net/archives/2009/01/24/dropping-spurious-nsin-recursive-queries/ | ||||||
| 			display_c PURPLE " ./NS/IN-DDOS-FIX" | 			display_c PURPLE " ./NS/IN-DDOS-FIX" | ||||||
| 			$IPTABLES -A INPUT -j DROP -p udp --dport domain -m u32 --u32 \ | 			$IPTABLES -A INPUT -j DROP -p udp --dport 53 -m u32 --u32 \ | ||||||
| 			"0>>22&0x3C@12>>16=1&&0>>22&0x3C@20>>24=0&&0>>22&0x3C@21=0x00020001" | 			"0>>22&0x3C@12>>16=1&&0>>22&0x3C@20>>24=0&&0>>22&0x3C@21=0x00020001" | ||||||
| 		;;	 | 		;;	 | ||||||
| 		esac | 		esac | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user