
Re: [tor-relays] syn flood iptables rule



On 2/22/21 3:27 PM, Toralf Förster wrote:

  # DDoS
  $IPT -A INPUT -p tcp -m state --state NEW -m recent --name synflood --set
  $IPT -A INPUT -p tcp -m state --state NEW -m recent --name synflood --update --seconds 60 --hitcount 10 -j DROP

just for the record:

In the meanwhile I do think that this idea was BS.

The reason is that if an adversary spoofs the sender address then this
eventually blocks the (spoofed) sender address thereby.

--
Toralf
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
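
The failure mode described in the message above, as an added example that is not part of the original post: a simplified Python model of the two `recent` rules (`--set`, then `--update --seconds 60 --hitcount 10 -j DROP`) run over a constructed packet trace. The addresses are documentation-range placeholders, and the model keeps an unbounded timestamp list per source, which is an assumption; the real xt_recent module caps the list size.

```python
from collections import defaultdict

SECONDS, HITCOUNT = 60, 10   # values taken from the rule in the post

class RecentList:
    """Simplified model of one xt_recent list, keyed by source address."""
    def __init__(self):
        self.stamps = defaultdict(list)

    def set(self, src, now):
        # --set: record the arrival time; the rule has no target, so the
        # packet continues to the next rule
        self.stamps[src].append(now)

    def update(self, src, now):
        # --update --seconds S --hitcount N: match when at least N recorded
        # packets fall inside the last S seconds; a match is recorded too
        recent = [t for t in self.stamps[src] if now - t <= SECONDS]
        hit = len(recent) >= HITCOUNT
        if hit:
            self.stamps[src].append(now)
        return hit

def filter_new(lst, src, now):
    """Verdict for one NEW TCP packet that claims source address src."""
    lst.set(src, now)
    return "DROP" if lst.update(src, now) else "ACCEPT"

def simulate():
    lst = RecentList()
    peer = "192.0.2.10"      # constructed: a legitimate peer
    other = "198.51.100.7"   # constructed: an unrelated client
    verdicts = {"peer_before": filter_new(lst, peer, 0.0)}
    # Constructed trace: 12 SYNs carrying the peer's address but not sent by
    # it arrive within two seconds; the rule only sees the claimed source.
    forged = [filter_new(lst, peer, 1.0 + i * 0.1) for i in range(12)]
    verdicts["forged_dropped"] = forged.count("DROP")
    verdicts["peer_after"] = filter_new(lst, peer, 5.0)       # genuine SYN
    verdicts["other_client"] = filter_new(lst, other, 5.0)
    verdicts["peer_after_quiet"] = filter_new(lst, peer, 200.0)
    return verdicts

if __name__ == "__main__":
    for name, verdict in simulate().items():
        print(f"{name}: {verdict}")
```

Only 4 of the 12 forged packets are dropped, while the genuine peer stays locked out until its entry has been quiet for 60 seconds, so the rule costs the relay a legitimate connection without stopping the flood.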