hy
i must say before when i tested these rules i only look if iptables blocking in logs i didnt look in bandwith , and iptables blocking packets as you can see in logs, beacouse of nature of flood attack or any ddos even if firewall drop packets port in unusable beacouse to may packets comming and eating resources. i tested with hping. i reed around and everyone sad that flood or any ddos attack must be stopt before reach server, that meens on router or have another firewall machine before.
but i never tested that so canot say. reed around.
https://javapipe.com/iptables-ddos-protection