Re: use of -m limit for Syn Flood protection
On Sat, Oct 14, 2006 at 03:54:17PM +0200, Brent Clark wrote:
> Hey all
>
> In my continuous quest to understand TCP and netfilter / iptables more, I
> have started experimenting with rate limiting and different TCP Flags.
>
> On my Lan I have mail server and obviously ident requests are perform etc,
> so I currently im trying this
[snip]
> So my question is, have I maybe been to aggressive on the limit.
>
> I use the -j syn-flood for both FORWARD and INPUT
I think this is off topic on this list. There maybe a netfilter list
where this would be extremely on topic.
--
Chris.
======
" ... the official version cannot be abandoned because the implication of
rejecting it is far too disturbing: that we are subject to a government
conspiracy of `X-Files' proportions and insidiousness."
Letter to the LA Times Magazine, September 18, 2005.
Reply to: