From 4425805b3409d32e355b083b488591d5595704df Mon Sep 17 00:00:00 2001
From: jgmdev
Date: Mon, 19 Nov 2018 01:12:45 -0400
Subject: [PATCH] Additions to man page.
---
 man/ddos.1 | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/man/ddos.1 b/man/ddos.1
index 667d8b3..2650012 100644
--- a/man/ddos.1
+++ b/man/ddos.1
@@ -147,6 +147,12 @@ Connection states separated by colon operator (:) to block. See:
 .B ss(1).
 (Default: "connected")
+.TP
+.B CONN_STATES_NS = ''
+Connection states to block separated by pipe operator when using netstat. See:
+.B netstat(1).
+(Default: "ESTABLISHED|SYN_SENT|SYN_RECV|FIN_WAIT1|FIN_WAIT2|TIME_WAIT|CLOSE_WAIT|LAST_ACK|CLOSING")
+
 .TP
 .B ONLY_INCOMING =
 Only count incoming connections to listening services, which will
@@ -157,15 +163,22 @@ a single ip address. Slower than default in/out method.
 .TP
 .B ENABLE_PORTS =
 This option enables the usage of PORT_CONNECTIONS and overrides the
-ONLY_INCOMING option. Slower than ONLY_INCOMING method.
+ONLY_INCOMING option. Same as ONLY_INCOMING but you can also assing
+blocking rules per port using PORT_CONNECTIONS. Slower than
+ONLY_INCOMING method.
 (Default: false)
 .TP
 .B PORT_CONNECTIONS = ':: ...'
 Maximum amount of connections per port before blocking. If a user is
 making all its connections to a single port the max connections
-specified for the port will take precedence over the global amount of
-NO_OF_CONNECTIONS value. Example: "80:150:600 443:150:600 20-21:250:600"
+specified for the port will take precedence over the
+NO_OF_CONNECTIONS value.
+You should specify a rule for all the service ports your server is
+running since those ports not defined on this list will be ignored
+when ENABLE_PORTS is enabled, making those ports not listed on this
+configuration flag vulnerable to attacks. Example:
+"80:150:600 443:150:600 20-21:250:600"
 .SH FILES
 .B /usr/local/ddos/LICENSE