Jump to content
  • 0

Мнение за SYN filtering


selianina

Question

Здравейте колеги , да попитам някой ползвал ли е :

  • SYN filtering

Some advanced filtering can by applied to tcp packet state.

/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new \

action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=yes

/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new \

action=accept comment="" disabled=no

/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new \

action=drop comment="" disabled=no

"syn limit=400" is a threshold, just enable rule in forward for syn packets to get dropped (for excessive amount of new connection)

Някакво мнение по въпроса има ли ефект при добавянето му и прави ли някакви проблеми след това?

Поздрави,

Деян Димитров

Link to comment
Share on other sites

0 answers to this question

Recommended Posts

There have been no answers to this question yet

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.