diff options
author | Chris Akritidis <43294513+cakrit@users.noreply.github.com> | 2018-11-30 16:13:45 +0100 |
---|---|---|
committer | Costa Tsaousis <costa@tsaousis.gr> | 2018-11-30 17:13:45 +0200 |
commit | 451c8c85410c9d32864a566264d418127d593cff (patch) | |
tree | 98261da676c3cd4b2e09b64b640a324829beba3b /collectors | |
parent | 8f585710c7737d1d8e731915872641c76c4a0dc6 (diff) |
Improve SYNPROXY documentation (#4800)
Add a bit more explanation on the prerequisites for SYNPROXY, based on @ktsaou instructions in #4782
Diffstat (limited to 'collectors')
-rwxr-xr-x | collectors/proc.plugin/README.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/collectors/proc.plugin/README.md b/collectors/proc.plugin/README.md index 1230656556..d264c83179 100755 --- a/collectors/proc.plugin/README.md +++ b/collectors/proc.plugin/README.md @@ -219,7 +219,7 @@ SYNPROXY is a netfilter module, in the Linux kernel (since version 3.12). It is The net effect of this, is that the real servers will not notice any change during the attack. The valid TCP connections will pass through and served, while the attack will be stopped at the firewall. -To use SYNPROXY on your firewall, please follow our setup guides: +Netdata does not enable SYNPROXY. It just uses the SYNPROXY metrics exposed by your kernel, so you will first need to configure it. The hard way is to run iptables SYNPROXY commands directly on the console. An easier way is to use [FireHOL](https://firehol.org/), which, is a firewall manager for iptables. FireHOL can configure SYNPROXY using the following setup guides: - **[Working with SYNPROXY](https://github.com/firehol/firehol/wiki/Working-with-SYNPROXY)** - **[Working with SYNPROXY and traps](https://github.com/firehol/firehol/wiki/Working-with-SYNPROXY-and-traps)** |