LINUX.ORG.RU

SYN flood error kernel: xt_hashlimit: max count of 65536 reached



During a DDoS, the log below is written to /var/log/messages and the machine goes down for a while. Please explain whether this max count can be increased and where, or what iptables rule to use for protection.

May  4 14:44:32 unixmachine kernel: possible SYN flooding on port 80. Sending cookies.
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: __ratelimit: 51347 callbacks suppressed
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: __ratelimit: 3351 callbacks suppressed
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:45:00 unixmachine kernel: __ratelimit: 44108 callbacks suppressed
May  4 14:45:00 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:45:00 unixmachine kernel: xt_hashlimit: max count of 65536 reached

man iptables, about xt_hashlimit

--hashlimit-htable-max XXX

vel ★★★★★
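Added example, not part of the original thread: a small Python summarizer for the kernel messages quoted in the question. It reports the table limit that was hit (the value `--hashlimit-htable-max` controls), how many warnings were logged, and how many were suppressed. The sample log is constructed in the same format as the question's log, and treating the `__ratelimit` suppressed callbacks as further copies of the same warning is an assumption.

```python
import re
from collections import Counter

# Constructed sample in the same format as the log in the question.
SAMPLE_LOG = """\
May  4 14:44:32 unixmachine kernel: possible SYN flooding on port 80. Sending cookies.
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:37 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:42 unixmachine kernel: __ratelimit: 51347 callbacks suppressed
May  4 14:44:42 unixmachine kernel: xt_hashlimit: max count of 65536 reached
May  4 14:44:49 unixmachine kernel: __ratelimit: 3351 callbacks suppressed
May  4 14:44:49 unixmachine kernel: xt_hashlimit: max count of 65536 reached
"""

LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ kernel: (.*)$")
FULL = re.compile(r"xt_hashlimit: max count of (\d+) reached")
SUPPRESSED = re.compile(r"__ratelimit: (\d+) callbacks suppressed")
SYN = re.compile(r"possible SYN flooding on port (\d+)")


def summarize(log_text):
    """Summarize xt_hashlimit table exhaustion in kernel syslog text."""
    logged = Counter()  # timestamp -> number of "max count reached" lines
    summary = {"limit": None, "suppressed": 0, "syn_ports": set()}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # not a kernel syslog line in the expected format
        stamp, msg = m.groups()
        if hit := FULL.search(msg):
            summary["limit"] = int(hit.group(1))  # current table ceiling
            logged[stamp] += 1
        elif sup := SUPPRESSED.search(msg):
            # Assumption: the suppressed messages are the same warning.
            summary["suppressed"] += int(sup.group(1))
        elif syn := SYN.search(msg):
            summary["syn_ports"].add(int(syn.group(1)))
    summary["logged"] = sum(logged.values())
    # Counter keeps insertion order, so the first key is the first event.
    summary["first_full"] = next(iter(logged), None)
    summary["table_full"] = summary["logged"] > 0
    return summary


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```
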