Hi all,
Today I just wanted to test how TCP SYN flooding protection works on my setup. So I ran this command from my PC to router:
As you can see load is very heavy on to the router, but on a small fraction of SYN packets are captured in input chain. Like one packet every 5 seconds or so. On the other hand if I create just simple passthrough rule in prerouting chain, then all packets are captured. How come only super small fraction of those packets reach input chain? Where they get lost lost? I have same behavior with or without TCP SYN cookies enabled.
Regards,
Today I just wanted to test how TCP SYN flooding protection works on my setup. So I ran this command from my PC to router:
Code:
hping3 -c 15000 -d 120 -S -w 64 -p 80 --flood --rand-source 192.168.1.1Regards,
Statistics: Posted by alphalt — Sat Mar 02, 2024 11:07 pm