# Make sure NEW tcp connections are SYN packets
iptables -N syn-flood
iptables -A INPUT -p tcp --syn -j syn-flood
iptables -A syn-flood -m limit --limit 1/s --limit-burst 4 -j RETURN
iptables -A syn-flood -j DROP
iptables -A INPUT -i eth0 -p tcp ! --syn -m state --state NEW -j DROP
#SYN_RECV
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
echo "10" > /proc/sys/net/ipv4/tcp_fin_timeout
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo "5000" > /proc/sys/net/ipv4/tcp_max_syn_backlog
#TIME_WAIT
echo "180000" > /proc/sys/net/ipv4/tcp_max_tw_buckets
echo "1" > /proc/sys/net/ipv4/tcp_rfc1337
echo "1" > /proc/sys/net/ipv4/tcp_tw_recycle
echo "1" > /proc/sys/net/ipv4/tcp_tw_reuse
echo "5" > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_time_wait
echo "10" > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_recv
echo "10" > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_sent
How to repair and clone disk with ddrescue
ddrescue is a tool that can be used to repair and clone disks on a Linux system . This includes hard drives, partitions, DVD discs, flas...
-
from: https://www.wpgdadatong.com/tw/blog/detail?BID=B0594 一. PHY包含的各個子層 : PCS:編碼和解碼 PMA:串行器和反序列化器 PMD:取決於物理介質 Firgure 1: OSI模型裡示意...
-
From: http://blog.chinaaet.com/justlxy/p/5100064818 SMI:串行管理接口(Serial Management Interface),通常直接被稱為MDIO接口(Management Data Input/Output I...
-
在 前面我們所談的那些可以說是比較基本的東西,但是對於一份文件來說,光有前面所介紹的游標移動、刪除等等功能是不足夠的。面對一份文件我們通常會因為某些 緣故而使得我們必須去修改當中固定出現的字串樣式(pattern)成我們想要的樣子。最常遇到的就像中文文件的標點符號問題,或是 un...
沒有留言:
張貼留言