Dropping packets from IPTables [closed]

Question

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.

Closed 9 years ago.

I am wondering how do I set a rule in my IPTables to drop packets from a specific IP address at a given probability of dropping.

Eg. for dropping any random packet from any IP, I would use the command:

# for randomly dropping 10% of incoming packets:
iptables -A INPUT -m statistic --mode random --probability 0.1 -j DROP

However, I want to drop a specific IP at a given probability.

Solution

Seems like you read this tutorial here. Have you tried this. Assuming your IP address is 123.456.78.90:

iptables -s 123.456.78.90/32 -A INPUT -m statistic --mode random --probability 0.1 -j DROP

Or perhaps:

iptables -s 123.456.78.90/32 -p tcp -m tcp -A INPUT -m statistic --mode random --probability 0.1 -j DROP

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow