Port Flood Settings

Synflood Protection

SYN flood protection - SYNFLOOD
Enable SYN flood protection. This option configures iptables to offer some protection against TCP SYN packet DoS attempts. When triggered, it slows down all new connections to the server from any IP address, so enable it only while you are under a SYN flood attack.
Default: 0 Range: 0-1

SYN flood rate - SYNFLOOD_RATE
The maximum average matching rate.
Default: 100/s

SYN flood burst - SYNFLOOD_BURST
The maximum initial number of packets to match.
Default: 150

UDP Flood Protection

UDP flood protection - UDPFLOOD
Enable outgoing UDP flood protection. This option limits outbound UDP packet floods, which usually come from exploit scripts uploaded through vulnerable web scripts. If you run services that generate high levels of outbound UDP traffic, such as SNMP, you will need to adjust the UDPFLOOD_LIMIT and UDPFLOOD_BURST options accordingly.
Default: 0 Range: 0-1

UDP flood limit - UDPFLOOD_LIMIT
The maximum matching rate.
Default: 100/s

UDP flood burst - UDPFLOOD_BURST
The maximum initial number of packets to match.
Default: 500

UDP flood allowed users - UDPFLOOD_ALLOWUSER
A comma-separated list of usernames that should not be rate limited (e.g. named, to stop BIND traffic from being limited). Note: the root user is always allowed.
Default: named
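
The rate and burst pairs above (SYNFLOOD_RATE/SYNFLOOD_BURST and UDPFLOOD_LIMIT/UDPFLOOD_BURST) are easier to tune once you see how they interact. The following is an added example, not code from this product: it assumes the settings behave like a token bucket, as the iptables limit match does, and replays constructed constant-rate traffic against the documented defaults.

```python
from fractions import Fraction

UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400}

def parse_rate(value):
    """Convert a rate such as '100/s' into packets per second (exact)."""
    count, _, unit = value.strip().partition("/")
    unit = (unit or "s")[:1].lower()
    if not count.isdigit() or int(count) == 0 or unit not in UNIT_SECONDS:
        raise ValueError(f"invalid rate: {value!r}")
    return Fraction(int(count), UNIT_SECONDS[unit])

class TokenBucket:
    """Simplified rate/burst limiter (assumption: token-bucket semantics)."""
    def __init__(self, rate, burst):
        self.rate, self.burst = parse_rate(rate), int(burst)
        self.tokens = Fraction(self.burst)   # bucket starts full: the initial burst
        self.last = Fraction(0)

    def matches(self, now):
        # Refill at the average rate since the previous packet, capped at burst.
        refilled = self.tokens + (now - self.last) * self.rate
        self.tokens = min(Fraction(self.burst), refilled)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True      # within the limit
        return False         # over the limit

def simulate(rate, burst, pps, seconds):
    """Per-second (within_limit, over_limit) counts for a constant packet stream."""
    bucket = TokenBucket(rate, burst)
    result = []
    for sec in range(seconds):
        ok = sum(bucket.matches(sec + Fraction(i, pps)) for i in range(pps))
        result.append((ok, pps - ok))
    return result

if __name__ == "__main__":
    # Constructed traffic: a steady 1000 packets/s flood and a 50 packets/s baseline.
    for name, rate, burst in (("SYNFLOOD", "100/s", 150), ("UDPFLOOD", "100/s", 500)):
        print(name, "flood   ", simulate(rate, burst, 1000, 3))
        print(name, "baseline", simulate(rate, burst, 50, 3))
```

The burst is a one-time allowance that is spent in the first second of a flood; after that, throughput settles at the configured rate. Because the SYN limit applies to all sources together, legitimate clients share that same budget while it is triggered.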

Connection Limit Protection

Connection limit - CONNLIMIT
Enable protection from DoS attacks against specific ports. This option limits the number of concurrent new connections per IP address that can be made to specific ports.
Default: empty

Port Flood Protection

Port flood - PORTFLOOD
Enable protection from DoS attacks against specific ports. This option limits the number of new connections per time interval that can be made to specific ports.
Default: empty