Thursday, May 7, 2015

[iptables] How to match ICMP echo requests against rate-limit rules

Rate-limiting is a better way to control possible abuse. This first method implements a global limit (i.e. only X packets per minute, counted across all source addresses together):

iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 30/min --limit-burst 8 -j ACCEPT

--limit
followed by a number; specifies the maximum average number of matches to allow per second. The number can specify units explicitly, using `/second', `/minute', `/hour' or `/day', or parts of them (so `5/second' is the same as `5/s').

--limit-burst
followed by a number, indicating the maximum burst before the above limit kicks in.
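The limit match behaves as a token bucket: the counter starts with --limit-burst credits, refills at the --limit rate, and the rule matches only while a full credit is available. The Python model below is an added example (not iptables or kernel code; the ping timings are constructed) that replays a ping flood through the rule above and shows which packets the ACCEPT rule actually matches.

```python
"""Token-bucket model of the iptables `-m limit` match (constructed simulation,
not the kernel's xt_limit code). Credits refill at the --limit rate and are
capped at --limit-burst; a packet matches only while one full credit remains."""
from typing import List

# iptables accepts any prefix of the unit name: 30/min, 5/s, 1/h, 2/day ...
_UNITS = (("second", 1), ("minute", 60), ("hour", 3600), ("day", 86400))


def parse_limit(spec: str) -> float:
    """Convert '30/min' style text into allowed matches per second (30/min -> 0.5)."""
    number, _, unit = spec.partition("/")
    unit = unit.strip().lower() or "second"      # a bare number means per second
    for name, seconds in _UNITS:
        if name.startswith(unit):
            return float(number) / seconds
    raise ValueError(f"unknown unit in limit {spec!r}")


class LimitMatch:
    def __init__(self, rate: float, burst: int = 5):   # 5 is the iptables default burst
        self.rate = rate             # credits added per second (from --limit)
        self.burst = burst           # bucket capacity (from --limit-burst)
        self.credits = float(burst)  # the bucket starts full
        self.last = 0.0              # time of the previous packet

    def matches(self, now: float) -> bool:
        """True if a packet seen at `now` (seconds, non-decreasing) matches the rule."""
        self.credits = min(self.burst, self.credits + (now - self.last) * self.rate)
        self.last = now
        if self.credits >= 1.0:
            self.credits -= 1.0
            return True
        return False


def simulate(limit: str, burst: int, arrivals: List[float]) -> List[bool]:
    """Run a list of echo-request arrival times through one limit rule."""
    match = LimitMatch(parse_limit(limit), burst)
    return [match.matches(t) for t in arrivals]


if __name__ == "__main__":
    # Constructed traffic: 20 pings 0.1 s apart (a flood), then one a minute later.
    flood = [i * 0.1 for i in range(20)] + [60.0]
    for t, ok in zip(flood, simulate("30/min", 8, flood)):
        print(f"t={t:5.1f}s  {'ACCEPT (within limit)' if ok else 'falls through to the next rule'}")
```

Packets that exceed the limit are not dropped by this rule on its own; they continue down the INPUT chain, so a following rule such as `iptables -A INPUT -p icmp --icmp-type echo-request -j DROP` (or the chain policy) decides what happens to them.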
Delete a single iptables rule:
iptables -D INPUT -s 127.0.0.1 -p tcp --dport 111 -j ACCEPT
