efficient values for traffic-limits?
Hi,

below I have two cases for limiting traffic / connections:

    # MAX HTTP-TRAFFIC (APACHE-WEBSERVER)
    iptables -A INPUT -p tcp --dport 80 --syn -m limit --limit 60/minute -j ACCEPT
    iptables -A INPUT -p tcp --dport 80 --syn -j REJECT --reject-with icmp-port-unreachable

    # SYN-FLOODING PROTECTION
    iptables -N syn-flood
    iptables -A INPUT -i eth0 -p tcp --syn -j syn-flood
    iptables -A syn-flood -m limit --limit 1/s --limit-burst 4 -j RETURN
    iptables -A syn-flood -j DROP

My question: Are these "realistic" values: 60 / min http & 1/s syn? I am not sure how much traffic "normal" systems can handle without too big problems... (I think it must be more than in my examples?)

In my case I have one server with PI-200-CPU/64MB and an ISDN dial-up connection, and one server with K6-2-300-CPU/128MB and an SDSL connection (via Ethernet), both Linux 2.4.x with iptables. What values would be efficient for these systems?

Bye.
<da_bug@gmx.net>
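To see what the two limits in the post allow in practice, the following added example (not part of the original message) models the iptables `limit` match as a token bucket and runs constructed SYN arrival patterns through both rules. The function names, the millisecond time base and the arrival patterns are assumptions of the example; each rule has a single bucket shared by all source addresses.

```python
# Added example: integer token-bucket model of the iptables "limit" match.
# Simplification (assumption): the kernel counts credits in jiffies; this
# model uses milliseconds, which gives the same behaviour at these rates.

COST = 60_000  # credit units per packet; `per_minute` units accrue per ms

def limit_match(per_minute, burst, arrivals_ms):
    """Return one bool per packet: True if the limit rule matched it."""
    cap = burst * COST
    credit, last = cap, 0          # the bucket starts full
    verdicts = []
    for t in arrivals_ms:
        credit = min(cap, credit + (t - last) * per_minute)
        last = t
        ok = credit >= COST
        if ok:
            credit -= COST         # a matching packet spends one token
        verdicts.append(ok)
    return verdicts

def evenly_spaced(count, gap_ms):
    """Constructed input: `count` SYNs, one every `gap_ms` milliseconds."""
    return [i * gap_ms for i in range(count)]

def passed(per_minute, burst, arrivals_ms):
    """Number of packets the limit rule let through."""
    return sum(limit_match(per_minute, burst, arrivals_ms))

# The two rules from the post. --limit 60/minute has no --limit-burst, so the
# default burst of 5 applies; 1/s is the same sustained rate with burst 4.
HTTP_RULE = (60, 5)
SYN_FLOOD_RULE = (60, 4)

if __name__ == "__main__":
    scenarios = {
        "one SYN every 2 s for 60 s": evenly_spaced(30, 2000),
        "8 SYNs within 80 ms": evenly_spaced(8, 10),
        "10 SYN/s for 60 s": evenly_spaced(600, 100),
    }
    for name, arrivals in scenarios.items():
        for label, rule in (("http", HTTP_RULE), ("syn-flood", SYN_FLOOD_RULE)):
            n = passed(*rule, arrivals)
            print(f"{name:28} {label:9} passed {n}/{len(arrivals)}")
```

Because the bucket is shared, the packets that pass in the 10 SYN/s scenario are whichever arrive when a token is available, regardless of who sent them.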