This blocks me from connecting to the IP ... correct?
Not necessarily. It blocks the IP from connecting to you.
If you want to block in the other direction, you also need something like:
iptables -I FORWARD -s 192.168.1.0/24 -d IP_TO_BLOCK -j DROP
It's fairly easy to understand. -s is the source address and -d is the destination. -I means Insert a rule into the FORWARD chain and -j DROP means DROP.
In other words, if a packet is sourced from 192.168.1.0/24 and destined to IP_TO_BLOCK, it is DROPped.
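As an added example (not code from the thread or from dd-wrt), here is the same two-direction block written as a small script. It goes a step beyond the two rules above by also covering the router's own OUTPUT chain, and it checks with "iptables -C" before inserting so that re-running a firewall script on reboot does not stack duplicate rules. The address 203.0.113.45 is a constructed placeholder for IP_TO_BLOCK, 192.168.1.0/24 is the LAN from the thread, and the function names are my own.

```shell
#!/bin/sh
# Added example, not code from the thread: block one address in both
# directions on a dd-wrt/iptables router. 203.0.113.45 is a constructed
# placeholder for IP_TO_BLOCK; 192.168.1.0/24 is the LAN from the thread.
# Run with DRY_RUN=1 to print the commands instead of applying them.
LAN="${LAN:-192.168.1.0/24}"
BAD="${BAD:-203.0.113.45}"
DRY_RUN="${DRY_RUN:-}"

run() {
    if [ -n "$DRY_RUN" ]; then echo "iptables $*"; else iptables "$@"; fi
}

# iptables -C exits 0 when an identical rule already exists. In dry-run mode
# we report "absent" so that every rule gets printed.
rule_exists() {
    [ -n "$DRY_RUN" ] && return 1
    iptables -C "$@" 2>/dev/null
}

# One rule per line: "<chain> <match and target>". The same list feeds -C, -I and -D.
#   INPUT    the address talking to the router itself (what the original rule covered)
#   FORWARD  the address talking to LAN hosts, and LAN hosts talking to it
#   OUTPUT   the router itself (DNS forwarder, NTP, ...) talking to the address
block_rules() {
    bad="$1"; lan="$2"
    cat <<EOF
INPUT -s $bad -j DROP
FORWARD -s $bad -d $lan -j DROP
FORWARD -s $lan -d $bad -j DROP
OUTPUT -d $bad -j DROP
EOF
}

# Insert each rule at the top of its chain (-I) unless it is already present.
apply_block() {
    block_rules "$1" "$2" | while read -r chain rest; do
        # $rest is deliberately unquoted so it splits into iptables arguments
        rule_exists $chain $rest || run -I $chain $rest
    done
}

# Remove the same rules again (-D) when the block is no longer wanted.
remove_block() {
    block_rules "$1" "$2" | while read -r chain rest; do
        run -D $chain $rest
    done
}

case "${1:-}" in
    apply)  apply_block "$BAD" "$LAN" ;;
    remove) remove_block "$BAD" "$LAN" ;;
esac
```

Usage: "DRY_RUN=1 sh block.sh apply" prints the four iptables commands; "sh block.sh apply" as root applies them, and "sh block.sh remove" takes them out. Note that "iptables -C" only exists in iptables 1.4.11 and later, so on an older dd-wrt build the rule_exists check will fail and every rule will simply be inserted.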
Ok, well I just test-DoS'ed myself and the IP was still able to hit my connection, except rather than the bandwidth monitoring showing it's hitting the router, it just shows the WAN spiking to 2MB/s, aka the DoS attack worked. How can I make it so it blocks the attack right when it enters the WAN?
If someone tries to flood you, just change your IP.
If you have a static IP, best not to piss anyone off.
I've got cable and I already know how to change my IP, but it would be nice to be fully DDoS-protected so no one can have a laugh if they try to take me offline.
It might be possible that Cisco has better DoS protection, but I don't really know. The thing about DoS is that there are so many different kinds. Many of them are in the TCP/IP stack and are pretty difficult to detect by any firewall because they look like normal traffic.
Hmm, ok. Also it's weird how my router works... because when I DoS 1 port like port 21 or 123 or just any random port, and the flood script only focuses on the port you tell it to hit, the router blocks it. I've seen in WAN that it spikes to 500KB/s and it drops the DoS IP. But when I use 0 in the flood script it does a random port attack, which just floods a port for -1 second then floods another port. I don't know why it does not block this attack. Is there a way I can set up iptables so that maybe if there are more than 100 connections made to different ports from 1 IP address it drops the IP address automatically?
Yes, that is possible with iptables, but I'm not sure dd-wrt has this much functionality. iptables is highly modular, but as you know we don't have much space to deal with in these little devices, especially the ones with only 2MB flash.
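As an added example (not code from the thread or from dd-wrt) of the "drop an IP after N new connections in a short window, whatever the port" rule asked about above, here is a script built on the iptables "recent" match. It counts new connections per source address rather than per port, so a flood that hops between random ports is caught just like one that hammers a single port. The WAN interface name vlan2, the 100-in-10-seconds thresholds and the chain name FLOODGUARD are assumptions for this example.

```shell
#!/bin/sh
# Added example, not code from the thread: drop any source address that opens
# more than HITCOUNT new connections to this router within SECONDS_WINDOW
# seconds, on any port, using the iptables "recent" match. The interface
# name, thresholds and chain name are assumptions for this example.
# Run with DRY_RUN=1 to print the commands instead of applying them.
WAN="${WAN:-vlan2}"
SECONDS_WINDOW="${SECONDS_WINDOW:-10}"
HITCOUNT="${HITCOUNT:-100}"
DRY_RUN="${DRY_RUN:-}"

run() {
    if [ -n "$DRY_RUN" ]; then echo "iptables $*"; else iptables "$@"; fi
}

# iptables -C exits 0 when the rule already exists; in dry-run report "absent".
rule_exists() {
    [ -n "$DRY_RUN" ] && return 1
    iptables -C "$@" 2>/dev/null
}

# The two rules of the FLOODGUARD chain, in the order they must be appended:
# 1. If this source already has >= $hits entries in the last $secs seconds,
#    refresh its timestamp (--update) and DROP. Because every further packet
#    refreshes the entry, a flooder stays blocked for as long as it keeps
#    sending, and is forgotten $secs seconds after it stops.
# 2. Otherwise record this new connection (--set) and go back to INPUT.
flood_rules() {
    secs="$1"; hits="$2"
    cat <<EOF
FLOODGUARD -m recent --name flood --update --seconds $secs --hitcount $hits -j DROP
FLOODGUARD -m recent --name flood --set -j RETURN
EOF
}

apply_flood_guard() {
    run -N FLOODGUARD 2>/dev/null || true   # harmless if the chain exists
    run -F FLOODGUARD
    flood_rules "$SECONDS_WINDOW" "$HITCOUNT" | while read -r chain rest; do
        # $rest is deliberately unquoted so it splits into iptables arguments
        run -A $chain $rest
    done
    # Only brand-new connections arriving on the WAN side are counted, so the
    # many packets of one established download are not mistaken for a flood.
    rule_exists INPUT -i "$WAN" -m state --state NEW -j FLOODGUARD ||
        run -I INPUT -i "$WAN" -m state --state NEW -j FLOODGUARD
}

# Show who is currently in the list: the kernel exposes it under /proc.
show_flooders() {
    cat /proc/net/xt_recent/flood 2>/dev/null || cat /proc/net/ipt_recent/flood
}

case "${1:-}" in
    apply) apply_flood_guard ;;
    show)  show_flooders ;;
esac
```

Two caveats a practitioner should know. First, the recent module only remembers ip_pkt_list_tot packets per address (default 20), and iptables refuses a --hitcount larger than that, so for 100 hits the module has to be loaded with a bigger table ("modprobe xt_recent ip_pkt_list_tot=100", or ipt_recent on older kernels) before these rules are added. Second, this rule makes the router drop the flood instead of answering it, which is what the dd-wrt bandwidth graph was already showing: the packets still arrive on the WAN link, so the upstream bandwidth they consume cannot be freed by anything running on the router; only your ISP, or changing the IP, can do that.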
How about if I buy an ASUS WL-500W router and get a 1GB thumb drive to use as the router's hard drive?