> > I don't known if we can setup a really high value by default ? > > no idea, sorry. > > > Also, it's seem that another option must be tune, > > > > /etc/modprobe.conf: > > > > options ip_conntrack hashsize=32768 > > > > > > I need to read a little more about it > > Does that mean that everybody can start a DOS attack by simply > open(faking) 64000 tcp connections?
http://tools.ietf.org/html/rfc4987 So what can we do to prevent that? _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
