Urgent: Under attack - need tcpdrop help

Andy Wodfer wodfer at gmail.com
Tue May 24 20:29:48 UTC 2011

One of my FreeBSD servers is currently being attacked (DDOS) and I'm
blocking IP addresses in my firewall. However, there are a large number of
hung tcp connections and I want them gone.

Can anyone help me with a script (command line) that can read a netstat -n
and tcpdrop all IP addresses that has more than 10 connections or a more
manual command where I can input an IP and it will drop all connections from
that IP regardless of port?

Thanks in advance!

Shell scripting isn't what I'm best at unfortunatly ...


More information about the freebsd-questions mailing list