I found out the source of SYN FLOOD Address , how can i block it , is the best ?
Sep 18 11:11:43 web kernel: SYN flood: IN=eth0 OUT= MAC=00:11:2f:1c:b3:c6:00:05:dc:97:6d:3c:08:00 SRC=203.218.169.180 DST=xxx.xxx.xxx.xxx
LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=1030 DF PROTO=TCP SPT=2580 DPT=80 WINDOW=64800 RES=0x00 SYN URGP=0
Sep 18 11:11:43 web kernel: SYN flood: IN=eth0 OUT= MAC=00:11:2f:1c:b3:c6:00:05:dc:97:6d:3c:08:00 SRC=218.102.92.218 DST=xxx.xxx.xxx.xxx LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=21261 DF PROTO=TCP SPT=2566 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 18 11:11:43 web kernel: SYN flood: IN=eth0 OUT= MAC=00:11:2f:1c:b3:c6:00:05:dc:97:6d:3c:08:00 SRC=218.80.126.189 DST=xxx.xxx.xxx.xxx LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=46337 DF PROTO=TCP SPT=4847 DPT=80 WINDOW=64800 RES=0x00 SYN URGP=0
Sep 18 11:11:43 web kernel: SYN flood: IN=eth0 OUT= MAC=00:11:2f:1c:b3:c6:00:05:dc:97:6d:3c:08:00 SRC=203.218.169.180 DST=xxx.xxx.xxx.xxx LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=1014 DF PROTO=TCP SPT=2578 DPT=80 WINDOW=64800 RES=0x00 SYN URGP=0
this guy use many different un real ip to attack my server
... but i know his mac address now 
... can i just block his mac address in iptable ?
