and I have seen now that in /proc/sys/net/ipv4 it is on - it's only commented out in /etc/sysctl.conf!

OK, but why is the SYN flood going through the PVE-Firewall? smurf-filter is ON too!

nf_conntrack_max was on DEFAULT - now: 196608 (changed in GUI)
nf_conntrack_tcp_timeout_established is: 18000 (changed in GUI a long time ago)

The PVE-Firewall works - I see iptables -L, and ipset list is with the standard blocked IPs.

I have read about these, but don't know whether they are good for Proxmox:

tcp_syn_retries is now 5 - is changing it to 3 better?
tcp_max_syn_backlog is 2048 - good?!

Regards

Detlef

On 04.06.2015 at 01:54, Detlef Bracker wrote:
> Dear,
>
> is it a good idea to prevent SYN floods on a Proxmox host by uncommenting
>
> #net.ipv4.tcp_syncookies=1
>
> Or is there something else to prevent them in the PVE-Firewall?
>
> We had 2 SYN floods in 2 days against MySQL servers on many containers with
> different destination IPs, and they come from only one IP! The OVH DDoS
> Mitigation stops much of this traffic, but not all!
> Only by blacklisting the IP did we stop it. But how can we stop this
> in other ways?
>
> Regards
>
> Detlef
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
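The situation described in this message (tcp_syncookies active under /proc/sys although its line in /etc/sysctl.conf is commented out) can be checked for all three SYN-related settings at once. This is an added example, not part of the original e-mail: the function names and the constructed sample directory are assumptions for illustration, and the sample values mirror those quoted in the thread.

```shell
#!/bin/sh
# conf_state FILE KEY: how KEY appears in a sysctl.conf-style file.
# Prints "set=<value>", "commented" (only a #/; line names it) or "absent".
conf_state() {
    awk -v key="$2" '
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            commented = (line ~ /^[#;]/)          # sysctl.conf comment markers
            sub(/^[#;]+[ \t]*/, "", line)
            n = index(line, "=")
            if (n == 0) next
            k = substr(line, 1, n - 1); v = substr(line, n + 1)
            gsub(/[ \t]/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            gsub(/\//, ".", k)                     # accept net/ipv4/... spelling
            if (k != key) next
            if (commented) { if (state == "") state = "commented" }
            else state = "set=" v                  # last active line wins
        }
        END { print (state == "" ? "absent" : state) }
    ' "$1"
}

# runtime_value KEY [PROCROOT]: value the running kernel is using.
runtime_value() {
    path="${2:-/proc/sys}/$(printf '%s' "$1" | tr . /)"
    if [ -r "$path" ]; then cat "$path"; else echo "unreadable"; fi
}

# audit CONF [PROCROOT]: compare running value and file state per key.
audit() {
    for key in net.ipv4.tcp_syncookies net.ipv4.tcp_syn_retries \
               net.ipv4.tcp_max_syn_backlog; do
        printf '%-30s running=%-8s file=%s\n' "$key" \
            "$(runtime_value "$key" "$2")" "$(conf_state "$1" "$key")"
    done
}

# Constructed sample (not a real host): running values as quoted in the
# thread, plus a sysctl.conf with the commented syncookies line.
demo=$(mktemp -d)
mkdir -p "$demo/proc/net/ipv4"
echo 1    > "$demo/proc/net/ipv4/tcp_syncookies"
echo 5    > "$demo/proc/net/ipv4/tcp_syn_retries"
echo 2048 > "$demo/proc/net/ipv4/tcp_max_syn_backlog"
printf '%s\n' '#net.ipv4.tcp_syncookies=1' \
              'net.ipv4.tcp_syn_retries = 3' > "$demo/sysctl.conf"
audit "$demo/sysctl.conf" "$demo/proc"
```

On a real host, `audit /etc/sysctl.conf` reads the live values from /proc/sys; a key reported as `commented` or `absent` with a running value is coming from the kernel default or from another configuration source.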