Fresh AntiDDoS Script based on iptables-nft & kernel tweaks
sudo apt update && sudo apt install iptables iptables-persistent netfilter-persistent git -y && git clone https://github.com/yuk1c/antiddos && cd antiddos && sudo bash antiddos-yuki && cd ..
- iptables
- ipset
- iptables-persistent
- netfilter-persistent
To block incoming ping requests:
sudo iptables -I INPUT -p icmp --icmp-type echo-request -j DROP
cd ~/antiddos && git pull && sudo bash antiddos-yuki
if /etc/sysctl.conf tweaks do not work on your system - use a script named sysctl-tweaks. Execute as root, and add him to cron
If you are under Volumetric DDoS – buy the server with protection.
Update kernel to the latest version for best results.
You can use tweaks and rules on your upstream hardware to offload your server.