I have a Cisco ASA 5505, and behind this Linux CentOS and Windows.

I want to configure the Windows server behind Linux CentOS.

Example: ASA 5505 >>> Linux >>> Windows, to protect the server through Linux, because the ASA 5505 could not help with limiting pps.

All are in a data center. How can I implement these rules in Linux CentOS for Windows?



The server is listening on UDP port 1805 for encrypted packets, but hackers send a lot of data to this port, assuming that there is a SIP server.
Such hack attempts block the tunnel service, and good clients cannot connect to it.
To prevent our customers from such DoS attacks please add at least the following rules to your firewall:

block SIP requests REGISTER, INVITE, SUBSCRIBE that come to UDP port 1805
block more than 50pps from one IP for UDP port 1805 (one IP is not able to send more than 50 packets per second for this port)

These are sample Linux netfilter rules for such an issue:
SERVER_IP - IP address of voipswitch server

iptables -A FORWARD -m string --string "INVITE sip:" --algo bm --to 65 -p udp --dport 1805 -d SERVER_IP -j DROP
iptables -A FORWARD -m string --string "REGISTER sip:" --algo bm --to 65 -p udp --dport 1805 -d SERVER_IP -j DROP
iptables -A FORWARD -m string --string "SUBSCRIBE" --algo bm --to 65 -p udp --dport 1805 -d SERVER_IP -j DROP
iptables -A FORWARD -m string --string "MESSAGE" --algo bm --to 65 -p udp --dport 1805 -d SERVER_IP -j DROP
iptables -A FORWARD -m string --string "OPTIONS" --algo bm --to 65 -p udp --dport 1805 -d SERVER_IP -j DROP
iptables -A FORWARD -m hashlimit --hashlimit 50/sec --hashlimit-mode srcip,dstport --hashlimit-name tunnel_limit -d SERVER_IP -p UDP --dport 1805 -j ACCEPT
iptables -A FORWARD -d SERVER_IP -p UDP --dport 1805 -j DROP
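
An added example, not part of the original post or the vendor's text: a script that prints the rules above grouped into one dedicated chain, so the order (SIP signatures dropped, then 50 pps per source accepted, then everything else dropped) is kept together. It assumes the CentOS box forwards traffic to the Windows server; the chain name TUNNEL_GUARD, the APPLY switch and the address 192.0.2.10 used in testing are constructed for illustration.

```shell
#!/bin/sh
# Added example: prints (or, with APPLY=1, loads) the page's filter rules as a
# dedicated chain on the Linux forwarder. TUNNEL_GUARD is a hypothetical chain
# name, not something from the original post.

CHAIN=TUNNEL_GUARD
PORT=1805

# Accept only a dotted-quad IPv4 address so nothing else reaches the rule text.
valid_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    for octet in $(echo "$1" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the iptables commands, in evaluation order, for one protected server.
tunnel_rules() {
    server_ip=$1
    valid_ipv4 "$server_ip" || { echo "bad server IP: $server_ip" >&2; return 1; }

    echo "iptables -N $CHAIN"
    # 1. Drop plaintext SIP methods seen within the --to 65 search window.
    for sig in "INVITE sip:" "REGISTER sip:" "SUBSCRIBE" "MESSAGE" "OPTIONS"; do
        echo "iptables -A $CHAIN -m string --string \"$sig\" --algo bm --to 65 -j DROP"
    done
    # 2. Accept up to 50 packets/second per source IP and destination port.
    echo "iptables -A $CHAIN -m hashlimit --hashlimit 50/sec --hashlimit-mode srcip,dstport --hashlimit-name tunnel_limit -j ACCEPT"
    # 3. Anything over the limit is dropped.
    echo "iptables -A $CHAIN -j DROP"
    # Only forwarded UDP/1805 traffic to the server enters the chain.
    echo "iptables -A FORWARD -p udp -d $server_ip --dport $PORT -j $CHAIN"
}

# Dry run by default; APPLY=1 (as root) pipes the printed commands to sh.
if [ "${APPLY:-0}" = 1 ]; then
    tunnel_rules "${SERVER_IP:?set SERVER_IP}" | sh
fi
```

Calling `tunnel_rules` with the server address prints the commands for review; nothing is loaded unless APPLY=1 is set.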