[tor-relays] syn flood iptables rule
Toralf Förster
toralf.foerster at gmx.de
Tue Mar 30 17:46:14 UTC 2021
On 2/22/21 3:27 PM, Toralf Förster wrote:
>
> # DDoS
> $IPT -A INPUT -p tcp -m state --state NEW -m recent --name synflood --set
> $IPT -A INPUT -p tcp -m state --state NEW -m recent --name synflood --update --seconds 60 --hitcount 10 -j DROP
just for the record:
In the meanwhile I do think that this idea was BS.
The reason is that if an adversary spoofs the sender address then this
eventually blocks the (spoofed) sender address thereby.
--
Toralf
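
The failure mode described in this message, as an added example that is not part of the original post: a simplified Python model of how the two quoted `recent` rules count state-NEW packets per source address. The class and function names and the addresses (documentation ranges) are constructed for illustration, and the model ignores the kernel's per-entry limit on stored timestamps.

```python
from collections import defaultdict

SECONDS = 60    # --seconds 60
HITCOUNT = 10   # --hitcount 10


class RecentList:
    """Simplified model of the 'synflood' list kept by the recent match."""

    def __init__(self):
        self.stamps = defaultdict(list)  # source address -> packet timestamps

    def new_connection(self, src, now):
        """Run one state-NEW TCP packet through both quoted rules."""
        # Rule 1 (--set): always record the packet's source address.
        self.stamps[src].append(now)
        # Rule 2 (--update --seconds 60 --hitcount 10 -j DROP):
        # count packets seen from this source in the last 60 seconds.
        hits = sum(1 for t in self.stamps[src] if now - t <= SECONDS)
        if hits >= HITCOUNT:
            self.stamps[src].append(now)  # a matching --update refreshes the entry
            return "DROP"
        return "PASS"  # packet continues to the rest of the INPUT chain


def simulate():
    """Constructed traffic; addresses are documentation ranges, not real hosts."""
    fw = RecentList()
    victim = "198.51.100.7"     # legitimate peer whose address is forged
    bystander = "203.0.113.5"   # unrelated peer
    # Ten SYNs arrive carrying the victim's address as source, one per second.
    forged = [fw.new_connection(victim, t) for t in range(10)]
    # The real victim and a bystander each open one connection at t=20.
    return forged, fw.new_connection(victim, 20), fw.new_connection(bystander, 20)


if __name__ == "__main__":
    forged, victim_verdict, bystander_verdict = simulate()
    print("forged SYNs:", forged)
    print("real victim:", victim_verdict)
    print("bystander:  ", bystander_verdict)
```

The list is keyed only by the source address in the packet, so the rule cannot tell the real peer from packets that merely carry its address.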