brunovescovi escreveu:Good morning, folks.
abdopcnet escreveu:tested and working
Two questions:
1- What version of BFW you applied and tested these settings?
2- What the expected result? (so I can check if it makes what it has proposed to do)
Anyway, thanks for the tip.
See ya.
bfw will handle more connections reduce ( ping requests & online games lag )
- Código: Selecionar todos
iptables -t mangle -A POSTROUTING -p tcp -d 111.111.111.111 -j DROP
# to drop KMplayer synflood attacks
- Código: Selecionar todos
echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout
# reduce time-wait timeout
- Código: Selecionar todos
echo 2 > /proc/sys/net/ipv4/tcp_synack_retries
echo 3 > /proc/sys/net/ipv4/tcp_syn_retries
#useful to protect from syn-flood
- Código: Selecionar todos
echo 1 > /proc/sys/net/ipv4/tcp_no_metrics_save
# The default is 0 which cach connection route causes slow ( mobile browsing errors )
- Código: Selecionar todos
echo 1024 > /proc/sys/net/core/somaxconn
# The default is 128 which is very low
- Código: Selecionar todos
echo 1024 > /proc/sys/net/ipv4/tcp_max_syn_backlog
# The default is 128 which is very low