External DDoS protection

adonradon

Member
Joined
Jul 13, 2016
Messages
27
Points
50
Age
34
If you use them as proxy they (voxility) will drop your real server IP while DDoS.
So the proxy is online but because of the drop you cant connect through the proxy to the real server.

At the moment i use a hosteam.pl vps as proxy and under DDoS it works fine - no drops.

You can use this simple forward rules (IPTables):
Code:
iptables -A FORWARD -d **IP2** -i eth0 -p tcp -m tcp --dport 1000:65500 -j ACCEPT
iptables -A FORWARD -d **IP2** -i eth0 -p udp -m udp --dport 1000:65500 -j ACCEPT
iptables -t nat -A PREROUTING -d **IP1** -p tcp -m tcp --dport 1000:65500 -j DNAT --to-destination **IP2**
iptables -t nat -A PREROUTING -d **IP1** -p udp -m udp --dport 1000:65500 -j DNAT --to-destination **IP2**
just insert your needed port range and protocol.
dont forget to masquerade
sysctl -w net.ipv4.ip_forward=1 or echo 1 > /proc/sys/net/ipv4/ip_forward or edit /etc/sysctl.conf for forward chain don't forget this. while u were sharing forwarding code. I wrote this because

He may doesn't know .
 

Top