su/tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sync

Browse Source
This commit is contained in:
sushen339
2025-11-17 17:32:55 +08:00
parent 0c15034c41
commit a52da9d09e
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nft.sh
+2 -2
View File
@@ -81,9 +81,9 @@ table inet security_firewall {
ip saddr @blackhole_v4 drop ip saddr @blackhole_v4 drop
ip6 saddr @blackhole_v6 drop ip6 saddr @blackhole_v6 drop
# 3. SYN flood 防护 (阈值 500/s, 突发 200) # 3. SYN flood 防护 (阈值 500/s, 突发 500)
# 保护系统内存,防止大规模 SYN 攻击导致死机 # 保护系统内存,防止大规模 SYN 攻击导致死机
tcp flags syn limit rate over 500/second burst 200 packets drop tcp flags syn limit rate over 500/second burst 500 packets drop
# 4. ICMP/Ping 限速 (阈值 50/s, 突发 50) # 4. ICMP/Ping 限速 (阈值 50/s, 突发 50)
ip protocol icmp limit rate over 50/second burst 50 packets drop ip protocol icmp limit rate over 50/second burst 50 packets drop