suhail, 2004-Feb-09 15:15 -0800:
> Hello,
> I need to know how can a firewall be tested against a SYN Flooder. I
> have the SYN flooder program and also configured my firewall. My
> IPtables script against the SYN packets is the usual :
>
> > $IPTABLES -N syn-flood
> > $IPTABLES -A syn-flood -m limit --limit 50/s --limit-burst 104 -j RETURN
One way is to add a line here like the following:
$IPTABLES -A syn-flood -j LOG --log-prefix "SYN-flood: "
This will log each packet before the next rule with drops it. The
logging will go to syslog with the above prefix prepended.
> > $IPTABLES -A syn-flood -j DROP
> > $IPTABLES -A OUTPUT -p tcp --syn -j syn-flood
>
> Now how do i actually find out if the packets are being dropped.
> i.e where shud I chk my system log files to see the dropped packets
> ... I mean which file is it n under which dir ..
The logging done as shown above goes to syslog. I use syslog-ng and
filter the firewall log messages into a separate file.
> And.. where shud I add the LOG prefix in the chains ?
> Please help me out as i desperately need to know this. Help truly appreciated.
The prefix is shown above.
jc
--
Jeff Coppock Systems Engineer
Diggin' Debian Admin and User
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
From [EMAIL PROTECTED] Mon Feb 09 21:22:59 2004
Return-path: <[EMAIL PROTECTED]>
Envelope-to: [EMAIL PROTECTED]
Received: from intm-dl.sparklist.com ([64.62.197.83])
by toko.jab.org with smtp (Exim 3.36 #1 (Debian))
id 1AqQMN-0008JP-00
for <[EMAIL PROTECTED]>; Mon, 09 Feb 2004 21:22:59 -0800
Date: Mon, 9 Feb 2004 23:26:44 -0500
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
From: "Doug R" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [isp-wireless] Re: Is Nextel going to control our market?
X-Mailer: <IMail v8.05>
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
How about -
Everyone thinks that cellular prices will drop now that you can keep your number.
---------- Original Message ----------------------------------
From: "Tom DeReggi" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Date: Mon, 9 Feb 2004 10:31:44 -0500
>To me it sounds like the Flarion is a neat product, and Nextel is on its way
>to Wireless Data.
>
>However, Don't forget the past.
>Everyone thought Cometa was going to take over the world.
>Everyone thought Verizon was going to take over the world.
>Everyone thought 3G, 4G was going to take over roaming.
>Numerous vendors have claimed they would have HotSPots in 2000,5000, 10,000
>loaction by years end, year after year.
>
___________ � The ISP-WIRELESS Discussion List � ___________
To Join: mailto:[EMAIL PROTECTED]
To Remove: mailto:[EMAIL PROTECTED]
Archives: http://isp-lists.isp-planet.com/isp-wireless/archives/
To unsubscribe via postal mail, please contact us at:
Jupitermedia Corp.
Attn: Discussion List Management
475 Park Avenue South
New York, NY 10016
Please include the email address which you have been contacted with.
