Demo of how the normal Linux firewall SYNPROXY works to protect a real web server, using firehol and the iptables synproxy module (https://firehol.org/firehol-manual/fi...). In my next video I will show how to use XDP SYNPROXY acceleration to protect the real web server in the driver fast path.
https://netdevconf.info/0x15/slides/3...
firehol synproxy config:

version 6

# The network of our eth0 LAN.
home_ips="10.1.72.0/24"
mgmt_ips="10.3.0.0/16"

# SYN flood protection: SYNs to the public web address on ens192 are answered by the
# kernel SYNPROXY; only completed handshakes are DNATed to the real web server.
ipv4 synproxy input inface ens192 dst 10.169.72.117 dport 80 dnat to 10.1.72.187

# management network
interface4 ens160 mgmt src "${mgmt_ips}"
    policy accept
    server "http ssh icmp" accept
    client "icmp" accept

# home LAN, where the real web server lives
interface4 ens224 home src "${home_ips}"
    policy reject
    server "http ssh icmp" accept
    client "icmp" accept

# internet-facing interface
interface4 ens192 internet src not "${home_ips} ${UNROUTABLE_IPS}"
    protection strong 10/sec 10
    server "http icmp" accept
    client all accept

# forward the proxied (DNATed) http flows to the real web server;
# NAT home LAN traffic going the other way, out to the internet
router4 internet2home inface ens192 outface ens224
    masquerade reverse
    server "http" accept dst 10.1.72.187
    client all accept
    server ident reject with tcp-reset
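As an added example that is not part of the video or of firehol's generated output: the hand-written iptables rules that the synproxy line above corresponds to (my approximation, following the netfilter SYNPROXY recipe), plus a check of the kernel's /proc/net/stat/synproxy counters to confirm the proxy is actually handling SYNs. Interface and addresses are the page's; placing the DNAT in the nat OUTPUT chain is my reading of how SYNPROXY originates the server-side SYN locally.

```shell
#!/bin/sh
# Added example, not the video's or firehol's own code. synproxy_rules prints
# the hand-written iptables equivalent (my approximation of what firehol's
# synproxy helper emits, following the netfilter SYNPROXY recipe) of the page's
# "synproxy input inface ens192 dst 10.169.72.117 dport 80 dnat to 10.1.72.187"
# line. synproxy_stat sums the per-CPU hex counters of /proc/net/stat/synproxy
# so a defender can confirm the proxy is actually handling SYNs.
synproxy_rules() {
  dev=$1 vip=$2 port=$3 real=$4
  cat <<EOF
# conntrack must not adopt mid-stream ACKs: the client's ACK has to be INVALID
sysctl -w net.netfilter.nf_conntrack_tcp_loose=0
sysctl -w net.ipv4.tcp_timestamps=1
sysctl -w net.ipv4.ip_forward=1
# incoming SYNs bypass conntrack and are answered by SYNPROXY with a SYN cookie
iptables -t raw -A PREROUTING -i $dev -p tcp -d $vip --dport $port --syn -j CT --notrack
# the untracked SYN and the cookie-carrying ACK (INVALID) are handed to SYNPROXY
iptables -A INPUT -i $dev -p tcp -d $vip --dport $port -m conntrack --ctstate INVALID,UNTRACKED -j SYNPROXY --sack-perm --timestamp --wscale 7 --mss 1460
iptables -A INPUT -i $dev -m conntrack --ctstate INVALID -j DROP
# SYNPROXY originates the server-side SYN locally, so the DNAT belongs in nat OUTPUT
iptables -t nat -A OUTPUT -p tcp -d $vip --dport $port -j DNAT --to-destination $real:$port
# the proxied flow is then forwarded to the real server and back
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Sum one column of /proc/net/stat/synproxy (header line, then one row of
# %08x values per CPU). $1 = column name, $2 = file (defaults to the proc file).
synproxy_stat() {
  name=$1 file=${2:-/proc/net/stat/synproxy} sum=0
  for hex in $(awk -v col="$name" '
      NR == 1 { for (i = 1; i <= NF; i++) if ($i == col) want = i; next }
      want    { print $want }' "$file"); do
    sum=$((sum + 0x$hex))
  done
  echo "$sum"
}

# Constructed two-CPU sample of /proc/net/stat/synproxy for offline use.
sample_synproxy_stats() {
  printf 'entries\t\tsyn_received\tcookie_invalid\tcookie_valid\tcookie_retrans\tconn_reopened\n'
  printf '00000000\t000003e8\t00000005\t000003e0\t00000003\t00000000\n'
  printf '00000000\t000001f4\t00000002\t000001f0\t00000002\t00000000\n'
}

synproxy_rules ens192 10.169.72.117 80 10.1.72.187   # review, then pipe to sh
if [ -r /proc/net/stat/synproxy ]; then
  echo "syn_received=$(synproxy_stat syn_received) cookie_valid=$(synproxy_stat cookie_valid)"
fi
```

Under a real flood, syn_received should climb while cookie_valid stays close to the number of legitimate handshakes; a large cookie_invalid count means clients are sending ACKs that never carried a valid cookie.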