On Monday 23 August 2004 19:04, Jeff Wilson wrote: > Once again I am awed by and indebted to this list. Thanks for the prompt > response!
That will not help you to solve the problem. It will only cause some troubles
to valid connection states.
You should use src-ip-tracking limiting the number of connections for each IP.
Then you could make a quick math to know the maximum number of states that
your ruleset could create and then install enough RAM.
Ed
