[tor-relays] syn flood iptables rule

Toralf Förster toralf.foerster at gmx.de
Tue Mar 30 17:46:14 UTC 2021


On 2/22/21 3:27 PM, Toralf Förster wrote:
>
>   # DDoS
>   $IPT -A INPUT -p tcp -m state --state NEW -m recent --name synflood --set
>   $IPT -A INPUT -p tcp -m state --state NEW -m recent --name synflood
> --update --seconds 60 --hitcount 10 -j DROP

just for the record:

In the emanwhile I do think that this idea was BS.

The reason is that if an advisory spoofs the sender address then this
eventually blocks the (spoofed) sender address thereby.

--
Toralf


More information about the tor-relays mailing list