套件： dtc-xen-firewall (0.5.17-1)
Please consider filing a bug before contacting the maintainer directly.
Original Maintainer (usually from Debian):
- Thomas Goirand
It should generally not be necessary for users to contact the original maintainer.
- 主頁 [www.gplhost.com]
Warning: This package is from the staging distribution. That means it is likely unstable or buggy, and it may even cause data loss. Please be sure to consult the changelog and other possible documentation before using it. The package will automatically migrate to the current development distribution, when it has been tested.
small firewall script for your dom0
If running in a production environment, you might want to have a basic firewall running on your dom0 to avoid having DoS attack. This is not the state-of-the-art, but just another attempt to make things a bit more smooth. Comments and contribution are more than welcome!
The main principle of this firewall script is to rate limit connections to both your dom0 and your VPSes. It's principle is NOT block any connection. For example, dtc-xen-firewall denies ssh for 300 seconds after 10 attempts on your dom0, rate limit ping to 5 per seconds on your dom0 and to 50/s globally for all your VPS, and does the same kind of thing for SYN flood attacks. Take care, it also blocks any connection to the port 25, as in a normal dom0, you would install a mail server to send system messages to the administrators, but you don't want to accept any incoming message.
其他與 dtc-xen-firewall 有關的套件
- dep: debconf
- Debian configuration management system
- dep: iptables
- administration tools for packet filtering and NAT
- dep: lsb-base
- Linux Standard Base 4.1 init script functionality