Re: use of -m limit for Syn Flood protection

To: debian-user@lists.debian.org
Subject: Re: use of -m limit for Syn Flood protection
From: Chris Bannister <mockingbird@ihug.co.nz>
Date: Mon, 16 Oct 2006 22:11:56 +1300
Message-id: <[🔎] 20061016091156.GA13611@kan>
In-reply-to: <[🔎] 4530EC09.2020809@eccotours.co.za>
References: <[🔎] 4530EC09.2020809@eccotours.co.za>

On Sat, Oct 14, 2006 at 03:54:17PM +0200, Brent Clark wrote:
> Hey all
> 
> In my continuous quest to understand TCP and netfilter / iptables more, I 
> have started experimenting with rate limiting and different TCP Flags.
> 
> On my Lan I have mail server and obviously ident requests are perform etc, 
> so I currently im trying this

[snip]
 
> So my question is, have I maybe been to aggressive on the limit.
> 
> I use the -j syn-flood for both FORWARD and INPUT

I think this is off topic on this list. There maybe a netfilter list
where this would be extremely on topic.

-- 
Chris.
======
" ... the official version cannot be abandoned because the implication of
rejecting it is far too disturbing: that we are subject to a government
conspiracy of `X-Files' proportions and insidiousness."
Letter to the LA Times Magazine, September 18, 2005.

Reply to:

References:
- use of -m limit for Syn Flood protection
  - From: Brent Clark <bclark@eccotours.co.za>

Prev by Date: Problem with PPPoE in Debian 3.1 sarge
Next by Date: problem partially solved
Previous by thread: use of -m limit for Syn Flood protection
Next by thread: mDNS and /etc/nsswitch.conf
Index(es):
- Date
- Thread