9 Nov
2022
9 Nov
'22
4:34 p.m.
On 11/8/22 10:57, Chris wrote:
The main reason is that a simple SYN flood can quickly fill up your conntrack table and then legitimate packets are quietly dropped and you won't see any problems thinking everything is perfect with your server unless you dig into your system logs.
Hhm, my system log doesn't show any problems, maybe due to (or regardless of?): CONFIG_SYN_COOKIES=y ? Nevertheless, I updated the Readme to explain my point of view [1] [2].
[1] https://github.com/toralf/torutils#block-ddos-traffic [2] https://github.com/toralf/torutils#rule-set
-- Toralf