Tutorial Netfilter Module to prevent DNS Amplification attacks

NatureNMoon

Restricted
Jul 8, 2016
Hi everyone;

I am aware that many people have serious issues with DNS Amplification attacks. That's why I have developed a netfilter module to prevent DNS Amplification attacks.

What is the purpose of this netfilter module?
* This module prevents all UDP source-port 53 traffic except Google DNS Servers, 8.8.8.8 and 8.8.4.4 (You can change these DNS servers easily by editing the netfilter module)

How can I use this?
* Add these 2 files "Makefile" and "r4p3-dns-netfilter.c" to your root directory. (Both of these files must be in the same directory)
* Give them permission by using the command line below;
Code:
chmod 777 Makefile && chmod 777 r4p3-dns-netfilter.c
* After giving permission, use the command line below to compile the netfilter module for your kernel version
Code:
make
* After compiling the netfilter module, insert the netfilter module into your kernel by using the command line below;
Code:
insmod r4p3-dns-netfilter.ko
* If you DO NOT have enough permission to compile the module, you can use the command line below (especially Debian/Ubuntu);
Code:
sudo insmod r4p3-dns-netfilter.ko
* You can check if the module works or not by using the command line below;
Code:
lsmod | grep r4p3
* If you want to remove this module, you can use the command line below;
Code:
rmmod r4p3-dns-netfilter
* If you cannot remove this module, you may not have enough permission, please use the command line below (especially Ubuntu/Debian);
Code:
sudo rmmod r4p3-dns-netfilter


WARNING: The power of this module depends on the CPU, RAM, STORAGE, BANDWIDTH of your servers.

If you use tcpdump, you can test it easily. In the tcpdump output, you will clearly see no packets coming from UDP source-port 53 except from the Google DNS Servers (8.8.8.8 and 8.8.4.4).
This module is literally better than IPTABLES drop rules. You can create your own netfilter modules.
I hope that you will create your own netfilter modules and share them with us.

PLEASE READ THE DESCRIPTIONS IN THE NETFILTER MODULE CAREFULLY.
DO NOT HESITATE TO KEEP IN TOUCH WITH ME.
 

Attachments

  • r4p3-dns-netfilter.rar
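
Added example, not part of the original post and not the code from the attachment: a userspace C sketch of the verdict the post describes (drop UDP source-port 53 unless the sender is 8.8.8.8 or 8.8.4.4), run on constructed packet headers. The names dns_reply_verdict and make_udp and the address 198.51.100.7 are assumptions for illustration; the kernel hook registration is left out.

```c
/* Added example: verdict for "drop UDP sport 53 unless sender is allowlisted". */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { VERDICT_DROP = 0, VERDICT_ACCEPT = 1 };
/* Resolvers named in the post (8.8.8.8, 8.8.4.4), host byte order. */
static const uint32_t allowed[] = { 0x08080808u, 0x08080404u };

/* pkt points at an IPv4 header; len is the number of bytes available. */
int dns_reply_verdict(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4 || pkt[9] != 17)
        return VERDICT_ACCEPT;            /* not IPv4/UDP: out of scope */
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4; /* IP options shift the UDP header */
    if (ihl < 20 || len < ihl)
        return VERDICT_DROP;              /* malformed IPv4 header */
    if ((((pkt[6] << 8) | pkt[7]) & 0x1fff) != 0)
        return VERDICT_ACCEPT;            /* later fragment: no UDP header here */
    if (len < ihl + 8)
        return VERDICT_DROP;              /* UDP header truncated: fail closed */
    if ((((unsigned)pkt[ihl] << 8) | pkt[ihl + 1]) != 53)
        return VERDICT_ACCEPT;            /* source port is not 53 */
    uint32_t src = ((uint32_t)pkt[12] << 24) | ((uint32_t)pkt[13] << 16) |
                   ((uint32_t)pkt[14] << 8) | pkt[15];
    for (size_t i = 0; i < sizeof(allowed) / sizeof(allowed[0]); i++)
        if (src == allowed[i])
            return VERDICT_ACCEPT;        /* reply from an allowlisted resolver */
    return VERDICT_DROP;
}

/* Build a constructed 20-byte IPv4 + 8-byte UDP header for the demo. */
size_t make_udp(uint8_t *b, uint32_t src, uint16_t sport, uint16_t frag_off)
{
    memset(b, 0, 28);
    b[0] = 0x45; b[9] = 17;               /* IPv4, IHL 5, protocol UDP */
    b[6] = (uint8_t)(frag_off >> 8); b[7] = (uint8_t)frag_off;
    b[12] = (uint8_t)(src >> 24); b[13] = (uint8_t)(src >> 16);
    b[14] = (uint8_t)(src >> 8);  b[15] = (uint8_t)src;
    b[20] = (uint8_t)(sport >> 8); b[21] = (uint8_t)sport;
    return 28;
}

int main(void)
{
    uint8_t p[28];                        /* 0xC6336407 = 198.51.100.7, constructed */
    printf("unlisted, sport 53: %d\n", dns_reply_verdict(p, make_udp(p, 0xC6336407u, 53, 0)));
    printf("8.8.8.8, sport 53:  %d\n", dns_reply_verdict(p, make_udp(p, 0x08080808u, 53, 0)));
    printf("later fragment:     %d\n", dns_reply_verdict(p, make_udp(p, 0xC6336407u, 53, 185)));
    return 0;
}
```

Non-first fragments pass this check because they carry no UDP header, so a filter of this kind only sees the first fragment of a large fragmented reply unless packets are reassembled before it runs.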

aLp59

Member
Jul 13, 2016
I have been trying to code a netfilter module, but I couldn't even compile it well. I really dunno what to say, thank you so much. By the way, can you please code for SSDP and LDAP attacks?
 

NatureNMoon

Restricted
Jul 8, 2016
Nowadays, I am working on a netfilter module which will block almost all Reflection/Amplification attacks. It will take some time...
 

semsem11

New Member
Jun 30, 2022
Hi,
I have been trying to compile the module as you explain, but I get this error in the terminal:

make -C /lib/modules/4.15.0-188-generic/build M=/root modules
make[1]: Entering directory '/usr/src/linux-headers-4.15.0-188-generic'
CC [M] /root/r4p3-dns-netfilter.o
/root/r4p3-dns-netfilter.c: In function ‘init_module’:
/root/r4p3-dns-netfilter.c:57:13: error: assignment from incompatible pointer type [-Werror=incompatible-pointer-types]
nfho.hook = hook_func; //function to call when conditions below met
^
/root/r4p3-dns-netfilter.c:61:3: error: implicit declaration of function ‘nf_register_hook’; did you mean ‘nf_register_net_hook’? [-Werror=implicit-function-declaration]
nf_register_hook(&nfho); //register hook
^~~~~~~~~~~~~~~~
nf_register_net_hook
/root/r4p3-dns-netfilter.c: In function ‘cleanup_module’:
/root/r4p3-dns-netfilter.c:69:3: error: implicit declaration of function ‘nf_unregister_hook’; did you mean ‘nf_unregister_net_hook’? [-Werror=implicit-function-declaration]
nf_unregister_hook(&nfho); //cleanup – unregister hook
^~~~~~~~~~~~~~~~~~
nf_unregister_net_hook
cc1: some warnings being treated as errors
scripts/Makefile.build:340: recipe for target '/root/r4p3-dns-netfilter.o' failed
make[2]: *** [/root/r4p3-dns-netfilter.o] Error 1
Makefile:1590: recipe for target '_module_/root' failed
make[1]: *** [_module_/root] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-4.15.0-188-generic'
Makefile:3: recipe for target 'all' failed
make: *** [all] Error 2


Could you help me please?
Thanx
 

Alligatoras

Administrator
Mar 31, 2016
I don't think that he will ever reply, since he is permanently banned from the forums!
 

riyuko

Member
May 16, 2020
Could you inform me about your server specs and what operating system you are using?
 