* senseful setup against flooding attack
@ 2012-10-11 17:45 Markus Feldmann
0 siblings, 0 replies; only message in thread
From: Markus Feldmann @ 2012-10-11 17:45 UTC (permalink / raw)
To: netfilter
Hi All,
i have problems and i am not not sure how to setup my flooding attack
rule withe senseful values. Here is my iptable-rule:
> iptables -A attacksinput -p tcp -m conntrack --ctstate NEW -m multiport --dports 1:79,81:442,444:65535 -m hashlimit --hashlimit-name attacksinnot_80 --hashlimit-upto 6/hour --hashlimit-burst 20 --hashlimit-mode srcip -j LOG --log-level info --log-prefix "attacksinput(!80): " && \
So my hashlimit-burst is only 20 and my hashlimit-upto is 6/hour. I want
to run a server application which doesnt fit with this setting. The
incoming connection is really fast blocked. Which values are critical or
the maximal limit for a mini-ITX server with intel atom N270 cpu? I have
DSL 6000.
regards Markus
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2012-10-11 17:45 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-10-11 17:45 senseful setup against flooding attack Markus Feldmann
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).