Linux IPTABLES not work!!

[Dankoo]

I'm using stian's iptables:

iptables -N conn-flood
iptables -I INPUT 1 -p tcp --syn -j conn-flood
iptables -A conn-flood -m limit --limit 7/s --limit-burst 20 -j RETURN
iptables -A conn-flood -j DROP
iptables -A INPUT -p icmp -m limit --limit 1/s --limit-burst 1 -j ACCEPT
iptables -A INPUT -p icmp -j DROP

Some of them are duplicated 'cause when I opened PuTTY to take this screenshot, I had the tables above in cntrl+c, and pasted it unintentionally

But it did not prevent DDoS attacks. A guy entered my sv and said "It will gonna freeze" then started... Stoped and said again, freeze again, now said it would go down... Freeze until crash

I've been chatting with him on MSN, became kind of friends, he told me these iptables are not good, but couldn't advice me of a good one...

I asked him how did he crashed, if it was by upd flood or stuff, he said "all 4 are unprotected"

PS: Also tried http://otland.net/blogs/don+daniello/linux-anti-ddos-iptables-rules-841/ but this cuts internet connection from my server, can't access both site and server with it lol, only with PuTTY

 

[arturhaddad]

I need a good iptables also, or a way to defend DDOS attacks.
I'm using UBUNTU and stian's iptables (not working also)

 

[Cykotitan]

these rules are only good against TCP SYN floods (the attack where you get flooded with open connection requests)

please learn the basics of networking before saying "it doesn't work", it obviously wasn't meant to protect your from an UDP flood (which, by the way, isn't possible to stop using IPTables or any software firewall)