Mailinglist Archive: opensuse-security (685 mails)

efficient values for traffic-limits?
  • From: da_bug@xxxxxxx
  • Date: Tue, 26 Feb 2002 17:14:09 +0100
  • Message-id: <145206028.20020226171409@xxxxxxx>
Hi,

below I have two cases for limiting traffic / connections:

# MAX HTTP-TRAFFIC (APACHE-WEBSERVER)
iptables -A INPUT -p tcp --dport 80 --syn -m limit --limit 60/minute -j ACCEPT
iptables -A INPUT -p tcp --dport 80 --syn -j REJECT --reject-with icmp-port-unreachable

# SYN-FLOODING PROTECTION
iptables -N syn-flood
iptables -A INPUT -i eth0 -p tcp --syn -j syn-flood
iptables -A syn-flood -m limit --limit 1/s --limit-burst 4 -j RETURN
iptables -A syn-flood -j DROP

My question:
Are these "realistic" values: 60 / min http & 1/s syn ??
I am not sure about how much traffic "normal" systems can handle
without too big problems...(I think it must be more than in my
examples..?)
In my case I have one server with PI-200-CPU/64MB and
isdn-dialup-connection and one server with K6-2-300-CPU/128MB and
sdsl-connection (via ethernet), both linux-2.4.x with iptables.

What values would be efficient for these systems?

Bye.
<da_bug@xxxxxxx>
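
A simplified token-bucket model of the `limit` match, run against the two rule sets in the message above; this is an added example, not part of the original post. The traffic patterns are constructed, the model ignores the kernel's jiffy granularity, and burst 5 is the iptables default when `--limit-burst` is omitted.

```python
from collections import Counter
from fractions import Fraction


def limit_accepts(packets, rate_per_sec, burst=5):
    """Model `-m limit`: one token bucket shared by every packet hitting the rule.

    packets: iterable of (timestamp_seconds, label).
    Returns a Counter with the number of matched packets per label.
    """
    tokens = Fraction(burst)              # bucket starts full
    last = None
    matched = Counter()
    for t, label in sorted(packets):
        if last is not None:              # refill for the elapsed time, capped at burst
            tokens = min(Fraction(burst), tokens + (t - last) * rate_per_sec)
        last = t
        if tokens >= 1:                   # a whole token is needed to match
            tokens -= 1
            matched[label] += 1
    return matched


def http_page_load():
    """HTTP rule from the post: --limit 60/minute, default burst.

    Constructed input: one browser opening 20 connections within one second.
    """
    syns = [(Fraction(i, 20), "client") for i in range(20)]
    return limit_accepts(syns, Fraction(60, 60))


def syn_flood_chain():
    """syn-flood chain from the post: --limit 1/s --limit-burst 4.

    Constructed input: 100 SYN/s of flood for 10 s plus one legitimate SYN per second.
    """
    flood = [(Fraction(k, 100), "flood") for k in range(1000)]
    legit = [(Fraction(1000 * s + 505, 1000), "legit") for s in range(10)]
    return limit_accepts(flood + legit, Fraction(1), burst=4)


if __name__ == "__main__":
    print("HTTP SYNs accepted out of 20:", http_page_load()["client"])
    result = syn_flood_chain()
    print("flood SYNs passed:", result["flood"], "legit SYNs passed:", result["legit"])
```

Because the bucket is shared by all sources that hit the rule, the legitimate SYNs in the second scenario compete with the flood for the same one-per-second token.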

