From e8661ad04fea622bd24825ee755b9870beefbcd3 Mon Sep 17 00:00:00 2001
From: Dongsheng Song
Date: Tue, 26 May 2009 11:15:06 +0800
Subject: [PATCH] Block tcp syn flood
---
 cauchy/authgw/authgw.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cauchy/authgw/authgw.conf b/cauchy/authgw/authgw.conf
index 037a696..36067fe 100644
--- a/cauchy/authgw/authgw.conf
+++ b/cauchy/authgw/authgw.conf
@@ -20,7 +20,7 @@ COMMIT
 -A INPUT -p icmp -m limit --limit 1/s --limit-burst 5 -j ACCEPT
 -A INPUT -p icmp -j DROP
 -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
--A INPUT -j syn-flood
+-A INPUT -p tcp --syn -j syn-flood
 -A INPUT -p tcp -m multiport --dports 22,25,53,80,110,443,465,995 -j ACCEPT
 -A FORWARD -p icmp -m limit --limit 1/s --limit-burst 5 -j ACCEPT
 -A FORWARD -p icmp -j DROP
--
2.11.4.GIT
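Review bot: TCP packets without the SYN flag that miss the RELATED,ESTABLISHED rule now skip syn-flood entirely and reach the multiport ACCEPT on the following line, which matches on protocol and port only, not on connection state. Before this change every new packet passed through syn-flood first, so any limiting done there (the chain is defined outside this hunk) also covered stray ACK/FIN/RST traffic to the listed ports. I would drop such packets ahead of the accept, for example `-A INPUT -p tcp ! --syn -m state --state NEW -j DROP`, or tighten the accept itself with `-m state --state NEW`. A short `#` comment above the jump saying that syn-flood is meant to see only connection-opening SYNs would also make the intent clear to whoever edits this ruleset next.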