* Henrik Nordstrom <[EMAIL PROTECTED]>:

> On Monday 16 June 2003 10.58, Jay Turner wrote:
>
> > iptables -N syn-flood
> > iptables -A INPUT -i $IFACE -p tcp --syn -j syn-flood
> > iptables -A syn-flood -m limit --limit 1/s --limit-burst 80 -j RETURN
> > iptables -A syn-flood -j LOG --log-prefix "syn-flood-protection: "
> > iptables -A syn-flood -j DROP
>
> Problem with this is that the same limit is applied to all
> connections. If one single IP address syn-floods the server then no
> new connections will be accepted from anywhere.
Exactly. But we only want to conveniently block the runaway client.

-- 
Ralf Hildebrandt (on behalf of Referat V a)     [EMAIL PROTECTED]
Charite Campus Mitte                            Tel.  +49 (0)30-450 570-155
Referat V a - Communication Networks -          Fax.  +49 (0)30-450 570-916
AIM: ralfpostfix
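To make Henrik's objection concrete, here is an added illustration (a constructed model, not code from the thread): the `limit` match is modelled as a token bucket at 1/s with burst 80, and a constructed trace replays one host sending 500 SYNs in half a second next to a well-behaved host opening one connection every 0.5 s. With the single shared bucket of Jay's rule set the well-behaved host loses most of its connections; with one bucket per source address only the flooder is throttled, which is the behaviour the `hashlimit` match (`--hashlimit-mode srcip`) gives. The addresses and timings are assumptions made up for the example.

```python
from collections import defaultdict

# Parameters of the rule under discussion: -m limit --limit 1/s --limit-burst 80
RATE = 1.0   # tokens (accepted SYNs) refilled per second
BURST = 80   # bucket capacity: SYNs accepted back-to-back before the limit bites


class TokenBucket:
    """Approximate model of the iptables 'limit' match: a bucket of BURST tokens
    that refills at RATE tokens per second; a packet passes only if a token is left."""

    def __init__(self, rate=RATE, burst=BURST):
        self.rate, self.burst = rate, burst
        self.tokens = float(burst)
        self.last = 0.0

    def allow(self, now):
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def simulate(syns, per_source):
    """Replay (time, src_ip) SYN arrivals through either one shared bucket
    (Jay's rule) or one bucket per source address (what hashlimit does).
    Returns {src_ip: (accepted, dropped)}."""
    shared = TokenBucket()
    per_ip = defaultdict(TokenBucket)
    stats = defaultdict(lambda: [0, 0])
    for now, src in sorted(syns):
        bucket = per_ip[src] if per_source else shared
        stats[src][0 if bucket.allow(now) else 1] += 1
    return {src: tuple(counts) for src, counts in stats.items()}


def constructed_traffic():
    """Constructed sample trace (hypothetical addresses): 10.0.0.9 sends 500 SYNs
    in half a second; 192.0.2.5 opens one connection every 0.5 s for 5 s."""
    flood = [(i / 1000, "10.0.0.9") for i in range(500)]
    legit = [(0.25 + 0.5 * i, "192.0.2.5") for i in range(10)]
    return flood + legit


if __name__ == "__main__":
    for mode in (False, True):
        print("per-source" if mode else "shared limit", simulate(constructed_traffic(), mode))
```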