hi, i wanna be protected against syn flood attack ... ok ... but i don't really know what is the best solution : iptables -A FORWARD -p tcp --syn -m limit --limit 1/s ACCEPT or # Enable TCP SYN Cookie Protection #echo 1 > /proc/sys/net/ipv4/tcp_syncookies are there the same or not ??? tchuss SAM -- To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org