Iptables TCP/IP outbound syn rate limit

By | September 18, 2013

Sometimes it is necessary to limit outbound TCP connections to a rate you control. In this specific example, new connections to port 25 are allowed at a sustained rate of 60 per minute (one per second) with a burst of 30. The limit match is a token bucket: it starts with 30 tokens, refills one token per second, and charges one token per SYN, so up to 30 connection attempts can go out back to back before the one-per-second limit applies. SYNs over the budget are logged and dropped. Because they are dropped locally, the sending process does not see an error; its TCP stack retransmits the SYN with exponential backoff, so connection setup is slowed rather than refused until the SYN retries are exhausted. This is useful especially on a mail server hit by an extremely high load spike, when you want to control the outgoing flow.

# New user chain that holds the limiter.
iptables -N syn_flood
# Send only connection attempts (SYN set, ACK clear) to port 25 through it.
iptables -A OUTPUT -p tcp --syn --dport 25 -j syn_flood
# Within budget (60 per minute, burst 30): return to OUTPUT and let its remaining rules and policy decide.
iptables -A syn_flood -m limit --limit 60/m --limit-burst 30 -j RETURN
# Over budget: log to the kernel log (the prefix is 29 characters, the maximum iptables accepts) and drop.
iptables -A syn_flood -j LOG --log-prefix "--dropped extra syn packet-- "
iptables -A syn_flood -j DROP

Remember to save the firewall rules so they survive a reboot. On CentOS / Red Hat based systems with the classic iptables init script (on CentOS 7 and later this means the iptables-services package, with firewalld disabled):

service iptables save
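The same limiter as an idempotent script, with a dry-run mode, a rate-limited LOG rule and a small model of what the limit match lets through. This is an added example, not the original post's rules: the chain name, port, rate and burst follow the post, while the DRY_RUN/apply switches, the `present` check, the `syn_flood drop: ` log prefix, the 5/minute log limit and the `simulate_limit` model (which rounds SYN timestamps to whole seconds) are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not the original post's rules: an idempotent version of the
# outbound SYN limiter with a dry-run mode, a rate-limited LOG rule and a
# small model of the limit match.  Chain name, port, rate and burst follow
# the post; everything else here is this example's own assumption.
set -eu

CHAIN=${CHAIN:-syn_flood}        # user chain holding the limiter
DPORT=${DPORT:-25}               # outbound SMTP
RATE=${RATE:-60/minute}          # sustained rate: 60/minute is one SYN per second
BURST=${BURST:-30}               # bucket size: up to 30 SYNs back to back
LOG_RATE=${LOG_RATE:-5/minute}   # keeps the LOG rule itself from flooding syslog
DRY_RUN=${DRY_RUN:-1}            # 1 = print the iptables commands, 0 = run them

# ipt: run iptables, or print the command line in dry-run mode.
ipt() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

# present: true if the chain or rule named by the arguments exists.
# Dry-run mode answers "no" so that the complete rule set gets printed.
present() {
    if [ "$DRY_RUN" = 1 ]; then
        return 1
    fi
    iptables "$@" >/dev/null 2>&1
}

install_syn_limit() {
    # Create the chain once; on re-runs flush it instead of appending duplicates.
    if present -n -L "$CHAIN"; then
        ipt -F "$CHAIN"
    else
        ipt -N "$CHAIN"
    fi
    # Only connection attempts (SYN without ACK) to the port enter the limiter.
    # -C needs iptables 1.4.11 or later; older builds answer "no such rule".
    if ! present -C OUTPUT -p tcp --syn --dport "$DPORT" -j "$CHAIN"; then
        ipt -A OUTPUT -p tcp --syn --dport "$DPORT" -j "$CHAIN"
    fi
    # Within budget: RETURN to OUTPUT, whose remaining rules and policy decide.
    ipt -A "$CHAIN" -m limit --limit "$RATE" --limit-burst "$BURST" -j RETURN
    # Over budget: log (rate limited; --log-prefix is capped at 29 characters) and drop.
    ipt -A "$CHAIN" -m limit --limit "$LOG_RATE" -j LOG --log-prefix "syn_flood drop: "
    ipt -A "$CHAIN" -j DROP
}

# simulate_limit PER_MINUTE BURST T1 T2 ...
# Model of the limit match as a token bucket: it holds at most BURST tokens,
# starts full, refills at PER_MINUTE tokens per minute, and every matching
# packet costs one token; a packet that finds the bucket empty does not match
# and falls through to the LOG/DROP rules.  Timestamps are whole seconds in
# non-decreasing order; credit is kept in sixtieths of a token so the
# arithmetic stays integer.  Prints how many SYNs the RETURN rule matched.
simulate_limit() {
    per_min=$1; burst=$2; shift 2
    cap=$((burst * 60)); credit=$cap; last=0; accepted=0
    for t in "$@"; do
        credit=$((credit + (t - last) * per_min))
        if [ "$credit" -gt "$cap" ]; then credit=$cap; fi
        last=$t
        if [ "$credit" -ge 60 ]; then
            credit=$((credit - 60)); accepted=$((accepted + 1))
        fi
    done
    echo "$accepted"
}

main() {
    case "${1:-dry-run}" in
        apply)
            DRY_RUN=0; install_syn_limit
            # Persist afterwards, e.g. "service iptables save" on CentOS/RHEL 6.
            ;;
        dry-run)
            DRY_RUN=1; install_syn_limit
            # Constructed spike: 100 SYNs in the same second.  With 60/minute
            # and burst 30, 30 pass and the other 70 are logged and dropped.
            burst100=$(awk 'BEGIN { for (i = 0; i < 100; i++) print 0 }')
            echo "model: 100 SYNs at once -> $(simulate_limit 60 30 $burst100) pass the limiter"
            ;;
        *)
            echo "usage: $0 [dry-run|apply]" >&2
            return 2
            ;;
    esac
}

main "$@"
```

Run it with no arguments to print the commands it would issue, and as root with `apply` to install them; re-running `apply` flushes and rebuilds the chain instead of stacking a second copy of each rule. The `-C` existence check is not available in the iptables 1.4.7 that CentOS 6 ships, where `present` will answer "no" and the OUTPUT jump gets appended again on each run; there, check with `iptables -L OUTPUT -n | grep -w syn_flood` instead. The model makes the per-minute point concrete: the same 100-SYN spike spread out at one per second passes in full, at two per second only 89 of 120 get through.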