Hello everyone.
I am having massive SYN flood attack and the firewall rule I have against it, it’s not working at all.
The rule I have is:
;;; Add Syn Flood IP to the list
chain=input action=add-src-to-address-list tcp-flags=syn
connection-state=established protocol=tcp address-list=Syn_Flooder
address-list-timeout=30m connection-limit=30,32
1 X ;;; Drop to syn flood list
chain=input action=drop src-address-list=Syn_Flooder
Any ideas how to solve this?
Gonzalo.
