From ccb09d00958d9aa998a756136462ffe104b1167a Mon Sep 17 00:00:00 2001 From: Christoph Date: Tue, 29 Mar 2022 00:40:48 +0200 Subject: [PATCH] Fix error in section 'Protection against syn-flooding'. --- ip6t-firewall-gateway | 6 +++--- ipt-firewall-gateway | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ip6t-firewall-gateway b/ip6t-firewall-gateway index f87441f..a116801 100755 --- a/ip6t-firewall-gateway +++ b/ip6t-firewall-gateway @@ -490,8 +490,8 @@ if $protect6_against_several_attacks ; then echononl "\t Protection against syn-flooding.." - if $drop6_syn_flood || $log_syn_flood ; then - $ip6t -N syn-flood + if $drop6_syn_flood || $log_syn_flood || $log_all ; then + $ip6t -N syn_flood $ip6t -A INPUT -p tcp --syn -j syn_flood $ip6t -A syn-flood -m limit --limit 1/second --limit-burst 3 -j RETURN fi @@ -499,7 +499,7 @@ if $protect6_against_several_attacks ; then $ip6t -A syn-flood -j $LOG_TARGET $tag_log_prefix "$log_prefix SYN flood: " fi if $drop6_syn_flood ; then - $ip6t -A syn-flood -j DROP + $ip6t -A syn_flood -j DROP echo_done else echo_skipped diff --git a/ipt-firewall-gateway b/ipt-firewall-gateway index 1a0cee9..6222ed5 100755 --- a/ipt-firewall-gateway +++ b/ipt-firewall-gateway @@ -993,7 +993,7 @@ if $protect_against_several_attacks ; then # --- echononl "\t Protection against syn-flooding.." - if $drop_syn_flood || $log_syn_flood ; then + if $drop_syn_flood || $log_syn_flood || $log_all ; then $ipt -N syn_flood $ipt -A INPUT -p tcp --syn -j syn_flood $ipt -A syn_flood -m limit --limit 1/s --limit-burst 3 -j RETURN