We’ve been getting hit with a lot of SYN floods recently, and I’ve been trying to add some iptables rules to try and mitigate the flood, but I find that if I restart the firewall the rules are removed.
Commands used, from http://www.cyberciti.biz/tips/linux-iptables-10-how-to-block-common-attack.html:
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -f -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
If I run iptables --list I see the new rules, but as soon as the firewall is restarted they disappear. Any way to stop this from happening? I restart the firewall through YaST.