Closed: generic-matrix closed this issue 6 years ago
I think the script by default listens on all ports.
Yes, the script doesn't make any distinction between ports when checking the number of connections. I started thinking about how to implement a per-port blocking rule so you can define the max number of connections per IP per port, as well as the ban time per port, as seen here: https://github.com/jgmdev/ddos-deflate/blob/master/config/ddos.conf#L38
I haven't implemented it yet, and I'm still not sure how to handle attackers that may open lots of connections on multiple ports at the same time (maybe re-use the NO_OF_CONNECTIONS variable to determine the number of connections permitted if a single IP is connecting to multiple ports at the same time).
I worked on a per-port banning rules implementation but haven't tested whether it works :smiley: Here is the function that does most of the job: https://github.com/jgmdev/ddos-deflate/blob/master/src/ddos.sh#L342 and in the conf file, here is where the options to enable and test this feature start: https://github.com/jgmdev/ddos-deflate/blob/master/config/ddos.conf#L33
Well, I fixed the latest changes that implement banning rules per port, tested them, and everything seems to work. So the ONLY_INCOMING option should be used to ban only incoming connections to any running services on a server, using the NO_OF_CONNECTIONS variable. To specify a different max number of connections and ban period, ENABLE_PORTS should be used to have a different banning rule per port; a banning rule is mandatory for all running services when using ENABLE_PORTS, otherwise the service/port will be ignored.
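The two rule types discussed in this thread (a global per-IP limit like NO_OF_CONNECTIONS, and a per-port limit with its own ban time where ports without a rule are ignored) can be illustrated with a small POSIX shell example. This is an added example written for this page, not ddos-deflate's own code: the `PORT_RULES` format `port:max:ban_seconds`, the `port_rule`, `offenders_per_port` and `offenders_total` function names, and the sample connection records are all constructed here and do not follow the real ddos.conf syntax.

```shell
#!/bin/sh
# Added example, not ddos-deflate's code. Connection records are "local_port remote_ip",
# one per line, as could be derived from established-socket output (see live_connections).

# Constructed sample: 203.0.113.5 holds 4 connections to :80 and 3 to :443 (7 total);
# 198.51.100.9 holds 2 connections to :22.
SAMPLE_CONNS='80 203.0.113.5
80 203.0.113.5
80 203.0.113.5
80 203.0.113.5
443 203.0.113.5
443 203.0.113.5
443 203.0.113.5
22 198.51.100.9
22 198.51.100.9'

# Global limit: total connections one IP may hold across all ports (assumed to mirror
# the role of NO_OF_CONNECTIONS in the thread).
NO_OF_CONNECTIONS=6

# Per-port rules, constructed format "port:max_connections:ban_seconds".
# Ports with no rule are ignored, as described for ENABLE_PORTS above.
PORT_RULES='80:3:600
443:5:300'

# port_rule PORT -> prints "max ban_seconds" for PORT, or nothing when no rule exists.
port_rule() {
  printf '%s\n' "$PORT_RULES" | awk -F: -v p="$1" '$1 == p { print $2, $3 }'
}

# offenders_per_port: reads records on stdin, prints "ip port count ban_seconds" for
# every ip/port pair whose connection count exceeds that port's rule.
offenders_per_port() {
  sort | uniq -c | while read -r count port ip; do
    rule=$(port_rule "$port")
    [ -n "$rule" ] || continue          # no rule for this port: ignore it
    set -- $rule                        # $1 = max, $2 = ban seconds
    if [ "$count" -gt "$1" ]; then
      printf '%s %s %s %s\n' "$ip" "$port" "$count" "$2"
    fi
  done
}

# offenders_total: reads records on stdin, prints "ip count" for every IP whose
# connections summed over all ports exceed NO_OF_CONNECTIONS (the cross-port case
# raised in the thread).
offenders_total() {
  awk -v max="$NO_OF_CONNECTIONS" '
    { n[$2]++ }
    END { for (ip in n) if (n[ip] > max) print ip, n[ip] }'
}

# live_connections: IPv4-only helper producing "local_port remote_ip" records from
# established TCP sockets. Not used by the demo below; shown for how real input is built.
live_connections() {
  ss -Htn state established | awk '{
    split($3, l, ":"); split($4, p, ":")
    print l[length(l)], p[1]
  }'
}

# Demo over the constructed sample: the decisions would be handed to the ban step.
demo() {
  echo "per-port offenders (ip port count ban_seconds):"
  printf '%s\n' "$SAMPLE_CONNS" | offenders_per_port
  echo "cross-port offenders (ip total):"
  printf '%s\n' "$SAMPLE_CONNS" | offenders_total
}

[ "${1:-}" = "demo" ] && demo
```

Run with `sh example.sh demo`. With the sample data, 203.0.113.5 trips the :80 rule (4 connections against a limit of 3, ban 600 s) but not the :443 rule (3 against 5), and it also trips the global limit with 7 connections in total; the :22 connections are ignored because no rule covers that port. Note the two checks are independent, which is one answer to the open question in the thread about attackers spreading connections across ports: the per-port rule catches concentration on one service, the global count catches the spread.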
Hello, I want the script to listen on all the ports specified, or in a particular range. I need your suggestions? Thanks