[Shorewall-users] SYN Flood Protection for Testing

Tom Eastep teastep@shorewall.net
Wed, 24 Apr 2002 07:21:44 -0700 (PDT)


I've implemented optional SYN flood protection and have made a copy 
available for testing.

This implementation adds a fourth column to the /etc/shorewall/policy 
file:

LIMIT:BURST

The LIMIT is a maximum rate such as 4/sec -- the BURST is the maximum 
burst of SYNs acceptable. SYN rates in excess of what is specified result 
in SYN packets being dropped.

Example of a complete entry:

net	dmz	ACCEPT	-	10/sec:40

Feedback welcome,
-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net
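
An added illustration, not Shorewall's code and not part of the original message: a Python sketch of how a LIMIT:BURST value such as the 10/sec:40 in the entry above behaves, assuming token-bucket semantics like those of the iptables limit match. The function and class names, the "min" unit and the sample traffic are constructed for the example.

```python
# Added example; names and sample traffic are constructed, not Shorewall code.
# Assumption: the limit behaves as a token bucket (as the iptables limit match does).
UNITS = {"sec": 1.0, "min": 60.0}  # "min" is assumed; the message only shows "sec"


def parse_limit_burst(field):
    """Parse a LIMIT:BURST column such as '10/sec:40' into (SYNs per second, burst)."""
    limit, colon, burst = field.partition(":")
    count, slash, unit = limit.partition("/")
    if not colon or not slash or unit not in UNITS:
        raise ValueError(f"bad LIMIT:BURST value: {field!r}")
    rate, burst = int(count) / UNITS[unit], int(burst)
    if rate <= 0 or burst <= 0:
        raise ValueError(f"LIMIT and BURST must be positive: {field!r}")
    return rate, burst


class SynLimiter:
    """Token bucket: starts with BURST credits, refills at LIMIT, capped at BURST."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), 0.0

    def allow(self, now):
        # Refill for the elapsed time, never exceeding the burst size.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True   # SYN accepted
        return False      # SYN dropped: rate exceeds LIMIT and burst is used up


def simulate(field, arrivals):
    """Return (accepted, dropped) for SYN arrival times given in seconds."""
    limiter = SynLimiter(*parse_limit_burst(field))
    accepted = sum(limiter.allow(t) for t in arrivals)
    return accepted, len(arrivals) - accepted


# Constructed traffic: a 2-second flood at 1000 SYN/s and 10 seconds at 5 SYN/s.
FLOOD = [i / 1000 for i in range(2000)]
NORMAL = [i / 5 for i in range(50)]

if __name__ == "__main__":
    print("flood :", simulate("10/sec:40", FLOOD))
    print("normal:", simulate("10/sec:40", NORMAL))
```

Against the constructed flood, the first 40 SYNs pass as the burst and later ones pass at about 10 per second, while traffic below the limit is never dropped.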