On 09.11.2019 15:24, Claudio Jeker wrote:
>> So nobody is using syncookies/synproxy at all?
>
> I guess that is a reasonably safe assumption. syncookies are rather new
> and probably need more battle testing.
OK, then I will send a bug report.
> synproxy never helped me much in
> case of a SYN
On Sat, Nov 09, 2019 at 01:30:32PM +0100, Markus Wernig wrote:
> Hm, also no replies to that one :-)
>
> On 11/6/19 8:15 PM, Markus Wernig wrote:
>
> > So just to make sure: Is anybody using syncookies and/or synproxy in
> > production in a similar setup?
>
> So nobody is using
Hm, also no replies to that one :-)
On 11/6/19 8:15 PM, Markus Wernig wrote:
> So just to make sure: Is anybody using syncookies and/or synproxy in
> production in a similar setup?
So nobody is using syncookies/synproxy at all?
best /m
Hi again
Nobody has answered, so I suppose nobody else has this problem :-)
That's good.
So just to make sure: Is anybody using syncookies and/or synproxy in
production in a similar setup?
Thx /markus
On 11/4/19 8:35 PM, Markus Wernig wrote:
> Hi all
>
> After being hit by some synflood
Hi all
After being hit by some synflood waves recently I enabled syncookies on
our OBSD 6.6 i386 CARP fw pair:
set syncookies always
This stopped the state table from filling up. But after some hours pf
started (randomly?) dropping legitimate connection attempts, both on
external->internal
5 matches
Mail list logo
