Hi Pablo, please consider these enhancements to the IPVS. They allow its DoS mitigation strategy effective in conjunction with the SIP persistence engine.
The following changes since commit cb39ad8b8ef224c544074962780bf763077d6141: netfilter: nf_tables: allow set names up to 32 bytes (2016-05-05 16:39:51 +0200) are available in the git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs-next.git tags/ipvs2-for-v4.7 for you to fetch changes up to 698e2a8dca98e4de32f3f630e6d9cd93753c52e1: ipvs: make drop_entry protection effective for SIP-pe (2016-05-06 16:26:23 +0900) ---------------------------------------------------------------- Marco Angaroni (1): ipvs: make drop_entry protection effective for SIP-pe net/netfilter/ipvs/ip_vs_conn.c | 22 +++++++++++++++++++--- net/netfilter/ipvs/ip_vs_core.c | 8 +++++++- 2 files changed, 26 insertions(+), 4 deletions(-) Marco Angaroni (1): ipvs: make drop_entry protection effective for SIP-pe net/netfilter/ipvs/ip_vs_conn.c | 22 +++++++++++++++++++--- net/netfilter/ipvs/ip_vs_core.c | 8 +++++++- 2 files changed, 26 insertions(+), 4 deletions(-) -- 2.7.0.rc3.207.g0ac5344
