by signa11 on 5/22/25, 10:37 PM with 1 comments
by Bender on 5/23/25, 12:57 PM
I am probably the exception but I make heavy use of several modules to block bots. I would love to try out bpfilter when they support connlimit, tcpmss, length, limit, owner, recent, set, tcp, ttl and maybe u32. In regards to performance I get some gains using NOTRACK in the raw table for ports I expect high packet rates in combination with stateless rules.