(Cc'ing netdev and netfilter-devel)
On Mon, May 11, 2015 at 2:29 AM, Klaus Ethgen wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Recently I tried to mitigate some slow attacks via netfilter rule
> utilizing hashlimit target. I used the following specification:
>
>-A DETECT_INV
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Recently I tried to mitigate some slow attacks via netfilter rule
utilizing hashlimit target. I used the following specification:
-A DETECT_INVALID -m hashlimit --hashlimit-upto 10/hour --hashlimit-mode
srcip --hashlimit-name attack_invalid -j R
2 matches
Mail list logo
