Ok this is onlly protecting itself INPUT only. When i pipe lots of traffic evrything works no error. So this is only Happening when i get hit by synflood. my Upstream to my ISP is 100Mbit SynFlood traffic about 5Mbit is enouf to get the Kernel Error MSG. (5Mbit is from MRTG) and im using 2.4.18 Kernel.
I had a reply about saying that 8139too and eepro100 cards and drivers cant handle heavy load if this is throo what card CAN handle so much load. Couse if I do some normal stuff download, upload from that linux box and use up all the 100Mbit i get no error. So this problem is only with SynFlood. I wonder if it has anything to do getting lots of packets and with SRC faked addresses. And yes my IPTABLES INPUT rules drop all the packets they dont reply to any when the SynAttack comes in. AnyWay REALLY STRANGE! P.S.: Hope this is not off topic Thank you for your reply and help any more sugjestions would help Thank You! On Thursday 11 April 2002 21:24, you wrote: > Is this firewall only protecting itself (INPUT) or others behind > it (FORWARD) as well? But anyway, if the cause of your problem is > synflood and that your ethernet driver is being DoS'ed (that's my > interpretation from "eth0: Too much work at interrupt...") then > I'd say that there is nothing iptables can do for you as it (iptables) > reacts on the packets your driver hands over to it. I might be wrong > here. What happens when you pipe lots of data through your card, eg > when you almost saturate the link? In both directions? Or is this > only happening when you get hit by synflood? > > But, it seems weird though. Your ethernet card should be able to > handle that much of a traffic that the upstream ethernet port is > sending. What is your upstream bandwidth to your ISP? And what is > your upstream bandwidth from your linux box? And how much synflood > traffic is hitting you each time? > > Ramin
