diff options
| -rw-r--r-- | extensions/libxt_SYNPROXY.man | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/extensions/libxt_SYNPROXY.man b/extensions/libxt_SYNPROXY.man index 25325fc2..30a71ed2 100644 --- a/extensions/libxt_SYNPROXY.man +++ b/extensions/libxt_SYNPROXY.man @@ -1,6 +1,8 @@ This target will process TCP three-way-handshake parallel in netfilter context to protect either local or backend system. This target requires connection tracking because sequence numbers need to be translated. +The kernels ability to absorb SYNFLOOD was greatly improved starting with +Linux 4.4, so this target should not be needed anymore to protect Linux servers. .TP \fB\-\-mss\fP \fImaximum segment size\fP Maximum segment size announced to clients. This must match the backend. |