兄弟们评一下, 这几条命令能否防DDOS,一定程度上
add chain=forward src-address-list=black_list_forward action=drop comment="Drop black_list_forward" disabled=noadd chain=forward protocol=tcp connection-limit=10,32 src-address-list=black_list_forward action=tarpit \
comment="suppress DoS attack" disabled=no
add chain=forward src-address=192.168.1.0/24 protocol=tcp connection-limit=500,32 action=add-src-to-address-list \
address-list=black_list_forward address-list-timeout=1d comment="detect DoS attack" disabled=no
add chain=forward src-address=!192.168.1.0/24 protocol=tcp connection-limit=32,32 action=add-src-to-address-list \
address-list=black_list_forward address-list-timeout=1h comment="" disabled=no
水平有限还望兄弟们就技术论技术, 别骂我 我也想知道!!!!!!!!!!!!!!!!!11 央央大坛 竟无人能评? 自己试试就可以了
或者,你用千兆接入,别人一般都攻击不了你了,呵呵 照官方设置的吧?拿个软件去攻击下demo.mt.lv就知道了撒 现在已经用了官网的, 还是不行, 可能是我的配置低了
页:
[1]