iptables -N synfoold
iptables -A synfoold -p tcp --syn -m limit --limit 1/s -j RETURN
iptables -A synfoold -p tcp -j REJECT --reject-with tcp-reset
iptables -A INPUT -p tcp -m state --state NEW -j synfoold

iptables -N ping
iptables -A ping -p icmp --icmp-type echo-request -m limit --limit \
1/second -j RETURN
iptables -A ping -p icmp -j REJECT
iptables -I INPUT -p icmp --icmp-type echo-request -m state --state NEW \
-j ping

/proc/sys/net/ipv4/icmp_echo_ignore_all

> [root@babu netfilter]# pwd
> /lib/modules/2.4.13-7mdk/kernel/net/ipv4/netfilter
> [root@babu netfilter]# ls
> ip_conntrack.o.gz ipchains.o.gz ipt_mark.o.gz
> ip_conntrack_ftp.o.gz ipfwadm.o.gz ipt_multiport.o.gz
> ip_conntrack_h323.o.gz ipt_LOG.o.gz ipt_owner.o.gz
> ip_conntrack_irc.o.gz ipt_MARK.o.gz ipt_state.o.gz
> ip_conntrack_talk.o.gz ipt_MASQUERADE.o.gz ipt_tcpmss.o.gz
> ip_nat_ftp.o.gz ipt_MIRROR.o.gz ipt_tos.o.gz
> ip_nat_h323.o.gz ipt_REDIRECT.o.gz ipt_unclean.o.gz
> ip_nat_irc.o.gz ipt_REJECT.o.gz iptable_filter.o.gz
> ip_nat_talk.o.gz ipt_TCPMSS.o.gz iptable_mangle.o.gz
> ip_queue.o.gz ipt_TOS.o.gz iptable_nat.o.gz
> ip_tables.o.gz ipt_limit.o.gz
> ip_vs/ ipt_mac.o.gz