I have a VPS with Debian 10 installed, primarily used for website hosting. When I issue a ping to the server from a remote machine, I am able to, and I receive responses for, packet sizes up to around 64Kb using the -s 65507 flag. Using sudo also enables me to increase the default ping maximum frequency from 5 per second using the -i flag. As the man ping page states, this is plausible behaviour.
What I would like to know is: on the server, how can I limit ping responses to e.g. a maximum of x responses per second and a maximum packet size of y Kb? So that the following command should NOT be possible:
sudo ping example.com -s 65507 -i 0.001
That is, "send 1000 64Kb pings to example.com every second", which would flood the server with 64Mb/s worth of pings, all of which are being answered (albeit with a backlog) and reported back to the ping-issuing remote machine. I repeat, I do NOT want this to be possible, for obvious reasons. Despite having a basic firewall and fail2ban, I am astonished this is possible at all and permissible with default config settings.
I have googled to no avail; nearly all results are for issuing the ping itself, and there is nothing on how to limit responses on the target server. I have also tried changing /proc/sys/net/ipv4/icmp_ratelimit to a lower value than 1000 ICMP packets per second, but this appears to have no effect, even when reboot-proofing it in /etc/sysctl.conf.
Ideally, I would like to set a maximum interval of 0.5 seconds and a maximum packet size of 32 bytes, which I feel is perfectly adequate and reasonable for the purpose of pinging, i.e. checking connectivity and latency. By doing this it would defend against ping flooding, which is a big concern, because as it stands at the moment the server is prone to DoS attacks through this ICMP vector.
Do I need some other tool or software, or am I missing something?

Many thanks in advance.
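Added example (not part of the question above, and not something the poster tried): the reason icmp_ratelimit had no effect is that it only throttles the ICMP types selected by /proc/sys/net/ipv4/icmp_ratemask, whose default value 6168 covers destination-unreachable, source-quench, time-exceeded and parameter-problem, not echo replies, so ping answers are never subject to it. The usual tool for "at most N echo-requests per second per source, and none above a given size" is the packet filter, which on Debian 10 is nftables. The script below emits and applies such a ruleset. The table name icmpguard, the meter name pingsrc and the numbers (2 requests/second per source address, 100-byte cap, burst of 4) are my own assumed choices, chosen so that a plain ping -s 32 (20 bytes IP header + 8 bytes ICMP header + 32 bytes data = 60 bytes) still passes; IPv6 is not covered and would need matching icmpv6 rules.

```shell
#!/bin/sh
# Added example, not code from the original post: limit inbound ICMP
# echo-requests by size and per-source rate with nftables (Debian 10, nft 0.9.x).
# Assumptions (hypothetical, adjust to taste):
#   - IPv4 only; IPv6 would need equivalent "icmpv6 type echo-request" rules.
#   - Table name "icmpguard" and meter name "pingsrc" are arbitrary.
#   - MAX_LEN is the total IP packet length in bytes; a "ping -s 32" is
#     60 bytes on the wire, so 100 leaves headroom for IP options.
set -eu

MAX_PER_SEC=2   # the poster wanted a minimum 0.5 s interval
MAX_LEN=100     # drop echo-requests larger than this, headers included
BURST=4         # small allowance so a normal "ping -c 4" is not throttled

# Print the ruleset as text. Kept separate from applying it so the rules
# can be reviewed, or syntax-checked with "nft -c -f -", before going live.
icmp_ruleset() {
    cat <<EOF
table inet icmpguard {
    chain input {
        type filter hook input priority -10; policy accept;

        # Oversized echo-requests are dropped outright. When conntrack is
        # loaded (any ruleset using "ct state"), IPv4 fragments are
        # reassembled before this hook, so the length seen here is the
        # whole datagram; without it, the first fragment alone already
        # exceeds the cap, so no reply is generated either way.
        icmp type echo-request meta length > ${MAX_LEN} drop

        # Per-source token bucket: each remote address may send at most
        # ${MAX_PER_SEC} echo-requests per second (plus the burst allowance).
        icmp type echo-request meter pingsrc { ip saddr limit rate ${MAX_PER_SEC}/second burst ${BURST} packets } accept

        # Whatever exceeded its bucket is dropped, i.e. never answered.
        icmp type echo-request drop
    }
}
EOF
}

# Syntax-check the ruleset without loading it (requires nft).
check_ruleset() {
    icmp_ruleset | nft -c -f -
}

# Load the ruleset into the running kernel (requires root and nft).
apply_ruleset() {
    icmp_ruleset | nft -f -
}

# With no argument the script only defines the functions, so it can be
# sourced or inspected; "show", "check" and "apply" do the obvious thing.
case "${1:-}" in
    show)  icmp_ruleset ;;
    check) check_ruleset ;;
    apply) apply_ruleset ;;
    *) ;;
esac
```

Run it as `sh icmp-limit.sh check` first, then `sudo sh icmp-limit.sh apply`; to survive a reboot on Debian 10, paste the table into /etc/nftables.conf and enable the nftables service, which loads that file at boot. Two caveats worth knowing: the `limit rate` inside the meter is per source address, so a flood from many addresses still adds up and a second, global `limit rate` line can be added in front of it; and dropping excess echo-requests means the sender sees packet loss, which is the intended effect here, not a fault.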