Trying to create a script that will stop a DoS-attack.

Hi,

We are trying to create a script using Python to block a DoS-script we created as part of a school project. But we are having a hard time finding any information about how we could do this. We have tried to get iptables to work using Python but it will not work or get installed in either 2.7, 3.4 or 3.6 versions.

Are there some bright minds out there who could give us some tips on how to create a script that would counter or block a port/IP or even the MAC-address to a script?

This is the current script we are trying to work on/around, that we are hoping will block a DoS-attack when/if we get it up and working:

We are NOT taking any credit for this script, it is only shown as an example of what we are trying out in hopes that it will give us a better understanding of how it should work.

import sys

import scapy.all as scapy
import iptc


# Required Data Field
Field = {
    # Key      : (Value, Required)
    'count'    : (5, False),
    'iface'    : (None, True),
    'timeout'  : (None, False),
}


# Main Class For Finding DoS Packets
class DoSDetector:
    def __init__(self, *args, **kwargs):
        """
        All Arguments And Keywords Will Be Passed Directly To
        The Python Scapy Sniff Function.
        """
        self.args = args
        self.kwargs = kwargs
        self.data = {}
        self.Sniffing_Start()

    def extract_packets(self, pkt):
        """
        Function For Extracting Packets.
        This Function Is Specially Created For Filtering
        DoS Packets.
        """
        if pkt.haslayer(scapy.Dot11Deauth):
            # Count deauthentication frames per (sender, receiver) pair.
            # A tuple key avoids the str()/eval() round trip on packet data.
            key = (pkt.addr2, pkt.addr1)
            self.data[key] = self.data.get(key, 0) + 1
            self.print_values()

    def print_values(self):
        """
        Function For Printing Values
        """
        line = 0
        for (v1, v2), count in self.data.items():
            print("\t[#] DoS Packet : {} <---> {} | Packets : {}".format(v1, v2, count))
            line += 1

        # Backspace Trick: move the cursor back up so the next call overwrites these lines
        sys.stdout.write("\033[{}A".format(line))

    def Sniffing_Start(self):
        '''
        Function For Creating Python Scapy.sniff Function
        '''
        scapy.sniff(prn=self.extract_packets, *self.args, **self.kwargs)


# Drop packets from an attacker
class DropIt:
    def drop_packet(self, src_ip, should_drop):
        # src_ip and should_drop are parameters added here; should_drop stands
        # in for the condition the original left as "xx".
        if should_drop:
            rule = iptc.Rule()
            rule.src = src_ip        # only match the attacker's address
            rule.protocol = "tcp"    # must be set before adding the "tcp" match
            match = iptc.Match(rule, "tcp")
            target = iptc.Target(rule, "DROP")
            rule.add_match(match)
            rule.target = target
            # A rule has no effect until it is inserted into a chain.
            chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), "INPUT")
            chain.insert_rule(rule)


# Main Function
def main(*args, **kwargs):
    DoSDetector(*args, **kwargs)


# Main Trigger
if __name__ == '__main__':
    if len(sys.argv) == 2:
        main(iface=sys.argv[1])
    else:
        print(" [Error] Please Provide Monitor Mode Interface Name Also \n\n\t:~# sudo {} mon0 ".format(sys.argv[0]))

This would help us tremendously in getting further on our project.

Would like to point out that this is not our script from scratch, but we are looking for something like it.

"The thing that we could have made more clear is that the script linked in our question is more of an example. We wanted to find one that works, and by then understanding how it works write our own".  -edit 

Thanks in advance!

Regards

Team P.N.O.P
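
An added example, not part of the original post or the script it quotes: a per-source sliding-window counter that, once a source exceeds a threshold, builds the iptables DROP command for that IP or MAC address. The class and function names, the one-second window and the sample events are constructed for illustration; the threshold of 5 mirrors the `count` default in the script above.

```python
import ipaddress
import re
from collections import defaultdict, deque

MAC_RE = re.compile(r"^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}$")

def drop_rule_argv(source):
    """Return the iptables argv that drops traffic from a source IP or MAC."""
    src = source.strip().lower()
    if MAC_RE.match(src):
        return ["iptables", "-I", "INPUT", "-m", "mac", "--mac-source", src, "-j", "DROP"]
    # ip_address() raises ValueError for anything that is not a literal IP.
    ip = ipaddress.ip_address(src)
    tool = "iptables" if ip.version == 4 else "ip6tables"
    return [tool, "-I", "INPUT", "-s", str(ip), "-j", "DROP"]

class RateBlocker:
    """Flag a source that sends more than `count` packets within `window` seconds."""
    def __init__(self, count=5, window=1.0):
        self.count, self.window = count, window
        self.seen = defaultdict(deque)   # source -> timestamps still in the window
        self.blocked = set()             # sources that already have a rule

    def observe(self, source, ts):
        """Record one packet; return a DROP argv the first time `source` trips."""
        if source in self.blocked:
            return None
        q = self.seen[source]
        q.append(ts)
        while q and ts - q[0] > self.window:
            q.popleft()
        if len(q) > self.count:
            self.blocked.add(source)
            return drop_rule_argv(source)
        return None

def replay(events, **kw):
    """Feed (timestamp, source) pairs through a RateBlocker; collect the rules."""
    blocker = RateBlocker(**kw)
    rules = (blocker.observe(src, ts) for ts, src in events)
    return [r for r in rules if r]

# Constructed sample: one IP floods, one IP sends slowly, one MAC bursts.
SAMPLE = ([(i * 0.05, "192.0.2.10") for i in range(20)]
          + [(i * 2.0, "198.51.100.7") for i in range(5)]
          + [(3.0 + i * 0.01, "AA:BB:CC:00:11:22") for i in range(8)])

if __name__ == "__main__":
    print(*(" ".join(argv) for argv in replay(sorted(SAMPLE))), sep="\n")
```

Each returned list is meant to be passed to `subprocess.run(argv)` as root, without a shell. iptables filters IP traffic only; 802.11 deauthentication frames captured in monitor mode never reach netfilter, so a rule like this cannot stop them.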