On 07/08/2016 05:38 PM, Eric Dumazet wrote:
> With IPv4, a server can typically absorb 10 Mpps SYN without major
> disruption on linux-4.6
Well, this particular server even survived >900 MBit/sec w/o any service
disruption at IPv4 ([1])
but yesterday with a much more less attack the IPv6 issue was
On 07/08/2016 04:14 PM, Eric Dumazet wrote:
> Hard to tell without knowing DDOS details, but IPv6 lacks some
> scalability improvements found in IPv4.
Well, not too much I got from my ISP :
On 07 Jul 15:42, flow-s...@traffic1.core.hetzner.de wrote:
> Direction IN
> Internal 5.9.158.75
> Threshold
On 07/08/2016 04:14 PM, Eric Dumazet wrote:
> Are you sure conntrack is needed at all ?
Erm, I didn't mention conntrack - but yes, I do have in the firewall rules.
It is my understanding that conntrack is best practise, right ?
--
Toralf
PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7
I do run a 4.6.3 hardened Gentoo kernel at a commodity i7 server. A DDoS with
about 300 MBit/sec over 5 mins resulted an issue for ipv6 at that system.
The IPv6 monitoring from my ISP told my that the to be monitored services (80,
443, 5) weren't reachable any longer at ipv6 (at ipv4 there w
Francois Romieu:
> Toralf Förster :
>> Today my server (64 bit hardened Gentoo kernel) was faced a SYN-flood attack.
>> I do wonder if the DMAR events points to an issue in the kernel ?
>
> Please send a compressed log including all 'fault addr' lines as well
&
Today my server (64 bit hardened Gentoo kernel) was faced a SYN-flood attack.
I do wonder if the DMAR events points to an issue in the kernel ?
Mar 12 21:56:51 ms-magpie kernel: [99582.831584] TCP: request_sock_TCP:
Possible SYN flooding on port 80. Sending cookies. Check SNMP counters.
Mar 12
485 DROP udp -- anyany anywhere
anywheremultiport dports 1026,1027
and this kernel options :
n22 ~ # zgrep ^CONFIG_PPP /proc/config.gz
CONFIG_PPP=m
CONFIG_PPP_FILTER=y
CONFIG_PPPOE=m
and I'm wondering why it is still possible to capture such packe
e if they make a
> difference.
>
> I've audited ppp_generic.c and pppoe.c. I'll do pppol2tp
> tomorrow.
>
> Cheers,
I've applied the patch series onto a Gentoo-2.6.22-r5 kernel and use this kernel
now since some days w/o any problems both at work and at home.
Man
bug.cgi?id=8409
but probably also
http://bugzilla.kernel.org/show_bug.cgi?id=7938 are solved by your 7 patches.
Many thanks
--
MfG/Sincerely
Toralf Förster
pgp finger print: 7B1A 07F4 EC82 0F90 D4C2 8936 872A E508 7DB6 9DA3
signature.asc
Description: This is a digitally signed message part.
@wireshark-devs:
The topic is related to
http://www.wireshark.org/lists/wireshark-users/200707/msg00187.html
and http://bugzilla.kernel.org/show_bug.cgi?id=8793
@all:
Hi,
Am Donnerstag, 30. August 2007 schrieb James Chapman:
> Toralf Förster wrote:
> > Am Mittwoch, 29. August 2007 schr
malfunction at application level so it might be an issue
with the capturing itself.
Why is the ppp stream always ok in opposite to the eth0 stream ?
--
MfG/Sincerely
Toralf Förster
pgp finger print: 7B1A 07F4 EC82 0F90 D4C2 8936 872A E508 7DB6 9DA3
signature.asc
Description: This is a digitally signed message part.
/Sincerely
Toralf Förster
pgp finger print: 7B1A 07F4 EC82 0F90 D4C2 8936 872A E508 7DB6 9DA3
kscd_eth0.pcap
Description: Binary data
kscd_ppp0.pcap
Description: Binary data
signature.asc
Description: This is a digitally signed message part.
Right,
applying the patch below to the git tree removes the build failure.
Am Montag, 16. Juli 2007 11:47 schrieb Evgeniy Polyakov:
> On Mon, Jul 16, 2007 at 11:36:19AM +0200, Toralf Förster ([EMAIL PROTECTED])
> wrote:
> > Am Montag, 16. Juli 2007 10:32 schrieb Evgeniy Polyakov:
&
This option enables the hardware independent IEEE 802.11
> networking stack.
>
--
MfG/Sincerely
Toralf Förster
pgpt9QCvSAFSx.pgp
Description: PGP signature
O_DEV_PADLOCK is not set
#
# Library routines
#
CONFIG_BITREVERSE=y
CONFIG_CRC_CCITT=y
# CONFIG_CRC16 is not set
CONFIG_CRC_ITU_T=y
CONFIG_CRC32=y
CONFIG_LIBCRC32C=y
CONFIG_ZLIB_INFLATE=y
CONFIG_ZLIB_DEFLATE=y
CONFIG_PLIST=y
CONFIG_HAS_IOMEM=y
CONFIG_HAS_IOPORT=y
CONFIG_HAS_DMA=y
CONFIG_GENERIC_HARDIRQS=y
C
RAMPOLINE=y
CONFIG_KTIME_SCALAR=y
---
--
MfG/Sincerely
Toralf Förster
Hello,
the build with the attached .config failed, make ends with:
...
CC lib/kref.o
CC lib/prio_tree.o
CC lib/radix-tree.o
CC lib/rbtree.o
CC li
RCH=y
CONFIG_TEXTSEARCH_KMP=m
CONFIG_TEXTSEARCH_BM=m
CONFIG_TEXTSEARCH_FSM=m
CONFIG_PLIST=y
CONFIG_GENERIC_HARDIRQS=y
CONFIG_GENERIC_IRQ_PROBE=y
CONFIG_X86_BIOS_REBOOT=y
CONFIG_KTIME_SCALAR=y
---
--
MfG/Sincerely
Toralf Förster
+++ I'm not
:
bnx2.c:(.text+0xd9a5f): undefined reference to `crc32_le'
bnx2.c:(.text+0xd9a83): undefined reference to `crc32_le'
make: *** [.tmp_vmlinux1] Error 1
with the config attached.
--
MfG/Sincerely
Toralf Förster
#
# Automatically generated make config: don't edit
# Linux kernel version:
or tx */
- ieee80211_tx_frame(mac->ieee, (struct ieee80211_hdr *) pkt, pkt_size);
-
- kfree(pkt);
- return 0;
-}
--
MfG/Sincerely
Toralf Förster
pgpyX4Xg4AjWc.pgp
Description: PGP signature
Got this compiler warning today and Johannes Berg <[EMAIL PROTECTED]> wrote:
Yeah, known 'bug', we have that code there but never use it. Feel free
to submit a patch (to John Linville, CC netdev and softmac-dev) to
remove it.
Signed-off-by: Toralf Foerster <[EMAIL PROTECTED]>
---
linux-2.6.17-
-- Weitergeleitete Nachricht --
Subject: Re: net/ieee80211/softmac/ieee80211softmac_io.c:464:
warning: 'ieee80211softmac_send_ctl_frame' defined but not used
Date: Tuesday 23 May 2006 14:33
From: Johannes Berg <[EMAIL PROTECTED]>
To: Toralf Förster <[E
21 matches
Mail list logo
