-
Notifications
You must be signed in to change notification settings - Fork 0
/
anti ddos.py
151 lines (120 loc) · 4.85 KB
/
anti ddos.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
import socket
import threading
from http.server import HTTPServer, BaseHTTPRequestHandler
import time
# Constants for rate limiting and security
UDP_MAX_PACKETS_PER_SECOND = 5
# Store client connections for rate limiting
tcp_connections = {}
udp_connections = {}
# Define a list of allowed IP addresses
ALLOWED_IPS = ["127.0.0.1", "192.168.1.1"]
# Dynamic rate limiting parameters
MAX_ALLOWED_CONNECTIONS = 10
RATE_LIMIT_ADJUST_INTERVAL = 60 # Adjust rate limits every 60 seconds
# Define rate limits for various protocols
RATE_LIMITS = {
"TCP/IP": 5,
"SMTP": 5,
"FTP": 5,
"SFTP": 5,
"HTTP": 10,
"HTTPS": 5,
"TELNET": 5,
"POP3": 5,
"IMAP": 5,
"SSH": 5,
"Gopher": 5
}
def adjust_rate_limits():
while True:
time.sleep(RATE_LIMIT_ADJUST_INTERVAL)
# Gather statistics on traffic patterns (e.g., connection rates)
tcp_connection_count = sum(tcp_connections.values())
udp_packet_count = sum(udp_connections.values())
# Adjust rate limits based on traffic patterns
for protocol, rate_limit in RATE_LIMITS.items():
if protocol == "TCP/IP" and tcp_connection_count > rate_limit:
RATE_LIMITS[protocol] += 1 # Increase rate limit
else:
RATE_LIMITS[protocol] = 5 # Reset to default
# Log rate limit adjustments (for demonstration)
for protocol, rate_limit in RATE_LIMITS.items():
print(f"Adjusted rate limit - {protocol}: {rate_limit}/s")
# Clear connection counters
tcp_connections.clear()
udp_connections.clear()
# Dummy HTTP request handler for demonstration
class RequestHandler(BaseHTTPRequestHandler):
def do_GET(self):
client_address = self.client_address[0]
# Rate limiting for HTTP requests
if client_address not in tcp_connections:
tcp_connections[client_address] = 0
tcp_connections[client_address] += 1
if tcp_connections[client_address] > RATE_LIMITS["HTTP"]:
self.send_response(429)
self.end_headers()
self.wfile.write(b"Rate limit exceeded")
return
# IP filtering
if client_address not in ALLOWED_IPS:
self.send_response(403)
self.end_headers()
self.wfile.write(b"Forbidden")
return
self.send_response(200)
self.end_headers()
self.wfile.write(b"Hello, world!")
def start_tcp_server():
tcp_server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
tcp_server.bind(("0.0.0.0", 8888))
tcp_server.listen(5)
print("TCP server listening on port 8888")
while True:
client_socket, client_address = tcp_server.accept()
# Identify the protocol based on the port or other characteristics
# Implement rate limiting and logic for each protocol here
protocol = "TCP/IP"
if protocol not in RATE_LIMITS:
print(f"Unsupported protocol: {protocol}")
client_socket.close()
continue
if client_address[0] not in tcp_connections:
tcp_connections[client_address[0]] = 0
tcp_connections[client_address[0]] += 1
if tcp_connections[client_address[0]] > RATE_LIMITS[protocol]:
print(f"{protocol} connection from {client_address[0]} blocked due to rate limiting")
client_socket.close()
continue
# IP filtering
if client_address[0] not in ALLOWED_IPS:
print(f"{protocol} connection from {client_address[0]} blocked due to IP filtering")
client_socket.close()
continue
print(f"Accepted {protocol} connection from {client_address[0]}")
try:
# Your protocol-specific logic here
pass
except Exception as e:
print(f"Error handling {protocol} connection: {str(e)}")
finally:
client_socket.close()
def start_http_server():
http_server = HTTPServer(("0.0.0.0", 8080), RequestHandler)
print("HTTP server listening on port 8080")
http_server.serve_forever()
# Implement similar functions for other protocols like SMTP, FTP, SFTP, POP3, IMAP, SSH, and Gopher.
if __name__ == "__main__":
# Start the rate limit adjustment thread
rate_limit_adjustment_thread = threading.Thread(target=adjust_rate_limits)
rate_limit_adjustment_thread.daemon = True
# Start TCP and HTTP servers in separate threads
tcp_thread = threading.Thread(target=start_tcp_server)
http_thread = threading.Thread(target=start_http_server)
rate_limit_adjustment_thread.start()
tcp_thread.start()
http_thread.start()
rate_limit_adjustment_thread.join()
tcp_thread.join()
http_thread.join()