Lucas Frazzetto wrote:
Hello everyone, is a pleasure to be here.I have a problem with my server, it runs qmail SMTP and protect it with shorewall. Since yesterday I get syn flood attacks on port 25, which means that no longer meet. How can I stop this with shorewall?
You can't stop it -- you can only cause excess syn packets to be dropped.
policy:#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST (we must put here?)
Yes -- in your net->all policy. It would also be a good idea to put this in your /etc/shorewall/start file:
echo 1 > /proc/sys/net/ipv4/tcp_syncookies -Tom
loc net ACCEPT $FW net ACCEPT net all DROP info all all REJECT info
-Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
