I'm not sure if it is a "nice catch" or not yet. It's merely me (now us) tying two anomalies together that might be connected. Can you convert that -j drop to a -j log to see where they come from?
For example I was failing to negotiate ecn while at this conference, which also meant a dropped syn. On Tue, Sep 10, 2019 at 7:08 PM Maciej Sołtysiak <[email protected]> wrote: > > > OK, I started a topic over there. It would be good to know how many > > other firewall tools set a syn limit by default, but that would take > > way more research. > > > > https://forum.openwrt.org/t/the-synflood-limit-is-too-low-for-the-modern-internet/43957 > Nice catch! I've 10 to 15 devices on my network. Just in 24h I see I had 10k > SYN's rejected! > -- Dave Täht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-205-9740 _______________________________________________ Bloat mailing list [email protected] https://lists.bufferbloat.net/listinfo/bloat
