ipfreeze 0.4.8

Ipfreeze is a program that listens to the netlink device.

  Add it to your Download Basket!

 Add it to your Watch List!


Rate it!
send us
an update
GPL (GNU General Public License) 
Grégoire HUBERT
ROOT \ System \ Monitoring
Ipfreeze is a program that listens to the netlink device. It takes the source address from every incoming packet and adds it to a Netfilter "blacklist" chain. The address is removed from this chain after a user-definable period of time. This allows you to create rules that detect and halt certain odd behaviors, such as ports scans, syn floods, or connection attempts on forbidden ports.

This iptables script manage the rules insertion in the running kernel and launches ipfreeze.pl. This perl script listens on the netlink device for packets that are passed by the firewall (QUEUE target). If a packet is sent, ipfreeze get the source IP and insert a new rule in the firewall that will destroy every packets coming from that IP. This rule is automatically removed after the user defines a period (usually 10 or 20min).

Theses iptables scripts are inteded to be used on gnu/linux systems that are always connected to the internet or to protect small simple networks. I started to write this for my personnal purposes. I do not pretend it will give you maximum security but I have been using it from more that one year and I am very happy with it.

Last updated on July 8th, 2006

feature list

#netlink device #source address #syn floods #flood #attack #device #netlink

Add your review!