Just a very good video to learn about the foundations of Cloud Spanner:
https://www.youtube.com/watch?v=QPpSzxs_8bc
白翼's Server Operations Blog
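It had been a while since I last looked at the server's monitoring charts, and I found the number of connections abnormally high (compared with the site's traffic). Puzzled, I opened netstat / tcpdump: SYN_RECV everywhere.
Although it was not enough to amount to a SYN flood, I simply banned the source IP ranges and left it at that. (Then the traffic switched to coming from a bunch of AWS IP ranges, well played…)
New deployment: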
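# 1) Source already meets the hitcount within the window: refresh its entry and drop the packet.
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds {value} --hitcount {value} --name "syn-fw" -j DROP
# 2) Otherwise record the source address in the "syn-fw" list (no target, so the packet continues down the chain).
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m recent --set --name "syn-fw"
# 3) If the source now meets the threshold, log the packet with the "[syn-fw] " prefix (LOG does not stop traversal).
iptables -A INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds {value} --hitcount {value} --name "syn-fw" -j LOG --log-prefix "[syn-fw] " --log-level 4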
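How the three rules interact depends on their order, so here is a small Python model of them, added as an illustration and not part of the original post. It assumes both `{value}` pairs are the same (10 seconds and 5 hits are constructed sample values), and the class and function names are hypothetical.

```python
# Added example: simplified model of the "recent" match in the three syn-fw rules.
from collections import defaultdict

SECONDS, HITCOUNT = 10, 5   # constructed values; the post leaves both as {value}


class RecentList:
    """Per-source timestamp list, standing in for the "syn-fw" recent list."""

    def __init__(self):
        self.stamps = defaultdict(list)

    def set(self, src, now):
        # --set: record the source address; always matches.
        self.stamps[src].append(now)
        return True

    def update(self, src, now):
        # --update --seconds --hitcount: matches when at least HITCOUNT stamps
        # fall inside the window, and only then stores a fresh timestamp.
        hits = sum(1 for t in self.stamps[src] if now - t <= SECONDS)
        if hits >= HITCOUNT:
            self.stamps[src].append(now)
            return True
        return False


def filter_syn(recent, src, now):
    """Walk one NEW tcp/80 packet through the rules in the post's order."""
    if recent.update(src, now):   # rule 1: -j DROP ends traversal
        return "DROP"
    recent.set(src, now)          # rule 2: no target, packet continues
    if recent.update(src, now):   # rule 3: -j LOG, packet still continues
        return "LOG"
    return "PASS"


def replay(packets):
    """packets: list of (time_in_seconds, source_ip) in arrival order."""
    recent = RecentList()
    return [filter_syn(recent, src, now) for now, src in packets]


# Constructed traffic: one SYN per second for 12 s, a pause, then one more.
NOISY = [(t, "198.51.100.7") for t in range(12)] + [(30, "198.51.100.7")]

if __name__ == "__main__":
    for (now, src), verdict in zip(NOISY, replay(NOISY)):
        print(f"t={now:>2}s {src} {verdict}")
```

In this model the LOG line is written once, on the packet that crosses the threshold, and every later SYN is dropped for as long as the source keeps sending inside the window; once the source stays quiet for longer than the window it passes again.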
Refs:
https://serverfault.com/a/1033162
http://www.snowman.net/projects/ipt_recent/
[INCLUDES]
before = common.conf
[Definition]
_daemon = kernel
failregex = ^%(__prefix_line)s\[syn-fw\].*SRC=<HOST> DST=.*$
ignoreregex =