On Monday 16 June 2003 10.58, Jay Turner wrote:

> iptables -N syn-flood
> iptables -A INPUT -i $IFACE -p tcp --syn -j syn-flood
> iptables -A syn-flood -m limit --limit 1/s --limit-burst 80 -j RETURN
> iptables -A syn-flood -j LOG --log-prefix "syn-flood-protection: "
> iptables -A syn-flood -j DROP

Problem with this is that the same limit is applied to all connections. If one single IP address syn-floods the server then no new connections will be accepted from anywhere.

Regards
Henrik

--
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org

If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, [EMAIL PROTECTED]
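
The effect described in the reply above, as an added example that is not part of the original thread: a simplified token-bucket model of the `limit` match with the quoted `--limit 1/s --limit-burst 80`, comparing one shared bucket with one bucket per source address. The addresses, traffic rates and the names `Bucket` and `simulate` are constructed for illustration.

```python
# Added illustration: simplified token-bucket model of the iptables "limit"
# match (--limit 1/s --limit-burst 80). All traffic below is constructed.
from collections import defaultdict

RATE = 1.0    # tokens refilled per second (--limit 1/s)
BURST = 80.0  # bucket capacity (--limit-burst 80)


class Bucket:
    def __init__(self):
        self.tokens = BURST
        self.last = 0.0

    def allow(self, now):
        # Refill for the elapsed time, capped at the burst size.
        self.tokens = min(BURST, self.tokens + (now - self.last) * RATE)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True   # RETURN: the SYN continues through INPUT
        return False      # falls through to the LOG and DROP rules


def simulate(per_source, seconds=60, flood_pps=1000):
    """Return {src: (accepted, sent)} for one flooder and one normal client."""
    shared = Bucket()
    buckets = defaultdict(Bucket)
    events = []
    for s in range(seconds):
        # Constructed traffic: 198.51.100.7 floods, 192.0.2.10 sends 1 SYN/s.
        events += [(s + i / flood_pps, "198.51.100.7") for i in range(flood_pps)]
        events.append((s + 0.5, "192.0.2.10"))
    events.sort()
    stats = defaultdict(lambda: [0, 0])
    for now, src in events:
        bucket = buckets[src] if per_source else shared
        stats[src][1] += 1
        if bucket.allow(now):
            stats[src][0] += 1
    return {src: tuple(v) for src, v in stats.items()}


if __name__ == "__main__":
    for mode in (False, True):
        label = "per-source" if mode else "shared"
        print(label, simulate(per_source=mode))
```

With the shared bucket the normal client gets no SYN accepted during the flood, while with per-source buckets it is unaffected. In iptables, per-source limiting is what the `hashlimit` match with `--hashlimit-mode srcip` provides.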
