[pve-devel] pvefw: using ctmark to associacte connections to VMs
Dietmar Maurer
dietmar at proxmox.com
Mon Mar 3 17:07:13 CET 2014
> I don't known if we can setup a really high value by default ?
no idea, sorry.
> Also, it's seem that another option must be tune,
>
> /etc/modprobe.conf:
>
> options ip_conntrack hashsize=32768
>
>
> I need to read a little more about it
Does that mean that everybody can start a DOS attack by simply
open(faking) 64000 tcp connections?
More information about the pve-devel
mailing list