Trying to create a script that will stop a DoS-attack.


We are trying to create a script using Python to block a DoS-script we created as part of a school project. But we are having a hard time finding any information about how we could do this. We have tried to get iptables to work using Python but it will not work or get installed in either 2.7, 3.4 or 3.6 versions.

Are there some bright minds out there who could give us some tips on how to create a script that would counter or block a port/IP or even the MAC-address to a script?

This is the current script we are trying to work on/around, that we are hoping will block a DoS-attack when/if we get it up and working:

We are NOT taking any credit for this script, it is only shown as an example on what we are trying out in hopes that it will give us a better understanding on how it should work. 

import sys

import scapy.all as scapy

import iptc

import time

# Required Data Field

Field = {

# Key      Value Required

'count'      : (5, False) ,

'iface'      : (None, True),  

'timeout'    : (None, False),


# Main Class For Finding DoS Packets

class DoSDetector:

 def __init__ (self, *args, **kwargs):


   All Arguments And Keywords Will Directly Passed To

   Python Scapy Sniff Function.


   self.args = args

   self.kwargs = kwargs{}


  def extract_packets(self, pkt):


   Function For Extracting Packets.

    This Function Is Specially Created For Filtering

    DoS Packets.


   if pkt.haslayer(scapy.Dot11Deauth):

    victim1 = pkt.addr2

    victim2 = pkt.addr1

    if str([victim1, victim2]) in[str([victim1, victim2])][str([victim1, victim2])]+1

    else:[str([victim1, victim2])]=1



  def print_values(self):


   Function For Printing Values


   line = 0

   for a,b in

    v1, v2 = eval(a)

    print "\t[#] DoS Packet : {} <---> {} | Packets : {}".format(v1,v2,b)


   # Backspace Trick



  def Sniffing_Start(self):


   Function For Creating Python Scapy.sniff Function


   scapy.sniff(prn=self.extract_packets, *self.args, **self.kwargs)


# Drop packets from an attacker

class DropIt:

def drop_packet:

  if xx

     rule = iptc.Rule()

     match = iptc.Match(rule, "tcp")

     target = iptc.Target(rule, "DROP")

     rule.add_match(match) = target




# Main Function

def main(*args, **kwargs):

DoSDetector(*args, **kwargs)


# Main Trigger

if __name__ ==' __main__':

if len(sys.argv)==2:



 print (" [Error] Please Provide Monitor Mode Interface Name ALso \n\n\t:~# sudo {} mon0 ".format(sys.argv[0]))

This would help us tremendously in getting further on our project.

Would like to point out that this is not our script from scratch, but we are looking for something like it.

"The thing that we could have made more clear is that the script linked in our question is more of an example. We wanted to find one that works, and by then understanding how it works write our own".  -edit 

Thanks in advance!


Team P.N.O.P