Denial-of-service firewall for Linux/netfilter
by Martin Hinner
[ download ]
[ feedback ]
What is dosfw?
DOSfw is simple Linux netfilter firewall module which drops denial-of-service
attack packets. Current version supports only two attacks and TCP Fingerprint
scan, but you may expect other attacks in (hopefully near) future. If you want
contribute, do not hesitate to contact me.
Download
This program is available at ftp://ftp.penguin.cz/pub/users/mhi/dosfw/.
Installation
You will need Linux kernel with netfilter (I use 2.3.18). Extract downloaded
tarball to /usr/src (bzip2 -dc dosfw-x.y.tar.bz2 | tar xvf -). Then run
`make all'. The configuration script called from Makefile will ask you
which firewall parts would you like to enable. You should always answer [y]es.
After successful compile do "insmod dosfw". Now, your kernel will drop all
"dangerous" packets.
Test
Test suite is available at ftp://ftp.penguin.cz/pub/users/mhi/dosfw/dosfw-test.tar.bz2.
See also
Last updated on 22 October 1999
by Martin Hinner,
[email protected].