Limit paketu per zdrojova IP a SYN flood

Vilem Kebrt vilem.kebrt at gmail.com
Wed Jan 18 15:20:13 CET 2017

Previous message (by thread): Limit paketu per zdrojova IP a SYN flood
Next message (by thread): SSH tunel - SOCK - outgoing IP
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Zdar,

ja tohle pouzivam v pfku uz dost dlouho:

table <bruteforce>

drop quick from <bruteforce> to any

pass log quick proto tcp from any to $my_ip port { XXXX } flags S/SA
keep state (max-src-conn-rate 100/2, overload <bruteforce> flush global)

Je to ciste otazka nastaveni poctu spojeni per sluzba potom...

Jelikoz to mam na malem hostingovem serveriku, tak mi 50 spojeni per ip
dostacuje, pokud to overloadne, tak uz se s nim server nasledne nebavi
vubec.

Vilem


On 01/15/2017 07:58 PM, Radek Krejča wrote:
>> To myslis, ze stves nejakou konkurenci az tak, ze si na tebe objednala
>> utok ?
>>
> Jeste me napadl jeden duvod, ze to je odveta nejakemu klientovi za nepristojne chovani. To by vysvetlovalo u to, ze se to vraci na jeden jediny router.
> R
>

-- 

S pozdravem Vilem Kebrt
email: vilem.kebrt at gmail.com

Previous message (by thread): Limit paketu per zdrojova IP a SYN flood
Next message (by thread): SSH tunel - SOCK - outgoing IP
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list