DDOSing Myself, Firewalling Myself

2016/09/28 code unix

I've been so excited about my WebRTC experiments that I temporarily became an annoying person that locked into any remotely friendly person with a computer in their hands, demanding that they let me test out a connection between our devices.

Another sloppy mistake I made was in the JavaScript client. I set to ping over and over and over until it made a connection... forever.

I also have some sloppy server-side logic to match. The exchange is "locker" based. This means that whatever is put into a locker, is able to be taken out exactly once before it is deleted. Also, there's only one locker.


Put together, these mistakes resulted in an incredibly low wattage, 1-request-per-second DDOS of my own app by friendly a coworker's computer. Embarrassing, I know.

I could wait until tomorrow to fix it, but it presented a neat opportunity to acquaint myself with a little firewall logic.

The muscle here is iptables, but it's got a somewhat arcane syntax, so instead we use a common configuration front-end called ufw, the uncomplicated firewall. Tutorials abound, but the gist is this:

It takes about a minute to kick in, for whatever reason.