<div dir="ltr"><div dir="auto"><br><div class="gmail_quote" dir="auto"><div dir="ltr">вт, 5 июн. 2018 г., 23:17 Yahav Shasha <<a href="mailto:yahav.shasha@gmail.com" target="_blank">yahav.shasha@gmail.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div dir="auto">Server software firewall cannot help with ddos attacks.</div></div></blockquote><div><br></div><div>I wouldn't say that. If is about tcp syn or connect type of an attack, than those iptables rules + syn cookies in sysctl would help much. If it is kind of a udp flood than yes, you are right, nothing will help much, only services like cloudlare, but they are too expensive for saving online radio I guess. I would analyze, what type of an attack it is and if it is an udp flood then just move to another ip (if those are not hostname based attacks of course)</div></div></div>
</div>