DDoS mitigation with iptables

This script that I wrote should mitigate a small DDoS directed at the server. I made it because on Darksin we receive many attacks, and I tried to mitigate them so that we can log the traffic and find the botnet's IPs.
I reduced the number of SYN packets accepted per second to 100, disabled ICMP, and put every IP of a known attacker in DROP.
There are also the rules to count the traffic for IspCP; without them it doesn't work correctly.

Here is the script:
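The script itself is not reproduced on this page. As an added example that is not the author's script, here is an iptables version of what the post describes: SYN packets accepted at 100/s, ICMP dropped, known attacker IPs dropped, and the excess SYNs logged so the botnet addresses can be found. The chain name DDOS_MITIGATION, the burst value and the blocklist addresses are assumptions, and the IspCP accounting rules are not included.

```shell
#!/bin/sh
# Added example, not the author's Darksin script: SYN rate limit of 100/s, ICMP
# dropped, known attacker IPs dropped, plus a LOG rule so the dropped flood
# traffic can still be examined for botnet IPs. Run as root with --apply;
# --preview prints the commands instead. IspCP accounting rules are not included.
set -eu

IPT="${IPT:-iptables}"
CHAIN="DDOS_MITIGATION"   # assumed chain name, keeps INPUT readable
SYN_LIMIT="100/s"         # new connections accepted per second, as in the post
SYN_BURST="200"           # assumed short burst tolerated above the steady rate
# Constructed blocklist (TEST-NET-1 addresses); replace with the real list.
KNOWN_ATTACKERS="192.0.2.10 192.0.2.11 192.0.2.0/28"

ddos_rules() {
    # Create the chain (flush it if it already exists) and hook it first in INPUT
    $IPT -N "$CHAIN" 2>/dev/null || $IPT -F "$CHAIN"
    $IPT -D INPUT -j "$CHAIN" 2>/dev/null || true
    $IPT -I INPUT 1 -j "$CHAIN"
    # 1. Known attackers are dropped before anything else is evaluated
    for ip in $KNOWN_ATTACKERS; do
        $IPT -A "$CHAIN" -s "$ip" -j DROP
    done
    # 2. Packets of already established flows never count against the SYN limit
    $IPT -A "$CHAIN" -m conntrack --ctstate ESTABLISHED,RELATED -j RETURN
    # 3. Up to SYN_LIMIT new connections per second continue to the normal INPUT
    #    rules; the excess is logged (the LOG itself rate-limited) and dropped
    $IPT -A "$CHAIN" -p tcp --syn -m limit --limit "$SYN_LIMIT" \
        --limit-burst "$SYN_BURST" -j RETURN
    $IPT -A "$CHAIN" -p tcp --syn -m limit --limit 10/s -j LOG --log-prefix "SYN-FLOOD: "
    $IPT -A "$CHAIN" -p tcp --syn -j DROP
    # 4. ICMP disabled entirely, as the post does
    $IPT -A "$CHAIN" -p icmp -j DROP
}

remove_ddos_rules() {
    # Undo everything above without touching the rest of the firewall
    $IPT -D INPUT -j "$CHAIN" 2>/dev/null || true
    $IPT -F "$CHAIN" 2>/dev/null && $IPT -X "$CHAIN" || true
}

preview_rules() {
    # Print the iptables commands instead of executing them
    ( IPT="echo iptables"; ddos_rules )
}

case "${1:-}" in
    --apply)   ddos_rules ;;
    --remove)  remove_ddos_rules ;;
    --preview) preview_rules ;;
esac
```

Dropped SYNs appear in the kernel log with the `SYN-FLOOD:` prefix, which is where the source addresses of the botnet can be collected and fed back into the blocklist.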