Service Guardian is software that protects servers against problems such as connection floods and resource exhaustion.
It can measure the number of connections to the servers' ports and, after a grace time period, check again to see whether the host is still in violation of the specified settings. If a host is in violation of the settings, it will be filtered out and dropped via netfilter/iptables.
Configuration and program features:
Running "service-guardian --protect" will protect the configured servers and ports according to the settings. Option: "--daemon" makes the process run in the background.
If a connecting client is not configured as either a "GOOD HOST" or a part of a "GOOD NET", and it makes a number of connections equal to or greater than the MAX_CONNECT_THRESHOLD to our protected hosts and ports during a specified grace time, the host will be logged and denied connections using iptables.
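The check described above (count connections per client, skip trusted clients, recheck after the grace time, then drop), as an added sketch that is not Service Guardian's own code. The threshold value, port set, trusted addresses and sample connection data are constructed for illustration, and the iptables rule shape is an assumption about how a block could be applied.

```python
import ipaddress
from collections import Counter

# Assumed values for illustration; the real settings live in /etc/service-guardian.conf.
MAX_CONNECT_THRESHOLD = 20
PROTECTED_PORTS = {80, 443}
GOOD_HOSTS = {ipaddress.ip_address("192.0.2.10")}
GOOD_NETS = [ipaddress.ip_network("10.0.0.0/8")]

def is_trusted(ip):
    """True if ip is a GOOD HOST or falls inside a GOOD NET."""
    addr = ipaddress.ip_address(ip)
    return addr in GOOD_HOSTS or any(addr in net for net in GOOD_NETS)

def violators(connections):
    """connections: iterable of (remote_ip, local_port) pairs from one sample.
    Returns untrusted clients at or above the threshold on protected ports."""
    counts = Counter(ip for ip, port in connections if port in PROTECTED_PORTS)
    return {ip for ip, n in counts.items()
            if n >= MAX_CONNECT_THRESHOLD and not is_trusted(ip)}

def hosts_to_block(first_sample, second_sample):
    """Only hosts in violation both before and after the grace time are blocked,
    so a short burst that has ended by the second sample is left alone."""
    return sorted(violators(first_sample) & violators(second_sample))

def iptables_rule(ip):
    """Build an argv list (no shell string) after validating the address."""
    addr = str(ipaddress.ip_address(ip))  # raises ValueError on malformed input
    return ["iptables", "-I", "INPUT", "-s", addr, "-j", "DROP"]

# Constructed sample data: one snapshot before and one after the grace time.
FIRST = ([("203.0.113.5", 80)] * 25      # sustained flood
         + [("198.51.100.7", 443)] * 30  # short burst
         + [("10.1.2.3", 80)] * 50       # inside a GOOD NET
         + [("192.0.2.10", 443)] * 40    # a GOOD HOST
         + [("203.0.113.9", 22)] * 20)   # port 22 is not protected here
SECOND = ([("203.0.113.5", 80)] * 20     # exactly at the threshold: still a violation
          + [("198.51.100.7", 443)] * 3
          + [("10.1.2.3", 80)] * 50)

if __name__ == "__main__":
    for host in hosts_to_block(FIRST, SECOND):
        print(" ".join(iptables_rule(host)))
```
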
The program log is located here: /var/log/service-guardian.log
Dropped hosts are also logged in /var/log/service-guardian-dropped-hosts. Running "service-guardian --undrop ALLHOSTS" will allow connections from all blocked hosts again. Do not edit the dropped hosts file manually.
By default it will allow access for all hosts in the specified release_interval. This can be changed by editing the configuration file located here: /etc/service-guardian.conf
What's New in This Release:
- Added better signal handling.
- *drop* has been changed to *block* for program options and the logfile.
- Added --verbose mode.
- The ADD-RESOLVERS keyword can now be used in the