03-16-2009 #1 - Just Joined! - Join Date: Mar 2009 - Posts: 1
[IpTables]Syn Flood protection and apache lag
Hello.
I have a problem when I try to protect my Debian 5.0 against SYN flooding.
I set tcp_syncookies = 1 and tcp_syn_retries = 3
I have these rules:
Code:
-A INPUT -j banned_ip
-A INPUT -j floods_protect
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j ports
-A INPUT -i eth0 -p icmp -j ACCEPT
-A floods_protect -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec --limit-burst 3 -j RETURN
-A floods_protect -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A floods_protect -i eth0 -p udp -m limit --limit 10/sec -j RETURN
-A floods_protect -i eth0 -p udp -j DROP
-A floods_protect -i eth0 -p icmp -m icmp --icmp-type 8 -m limit --limit 5/sec -j RETURN
-A floods_protect -i eth0 -p icmp -m icmp --icmp-type 0 -m limit --limit 5/sec -j RETURN
-A floods_protect -i eth0 -p icmp -j DROP
-A ports -p udp -m udp --dport 53 -j ACCEPT
-A ports -p tcp -m tcp --dport 953 -j ACCEPT
-A ports -p tcp -m tcp --dport 53 -j ACCEPT
-A ports -p tcp -m tcp --dport 1193 -j ACCEPT
With these rules, the server is protected against SYN flooding, but Apache doesn't respond or takes too long to respond.
I tried to change limit-burst and limit 1/sec, but the protection doesn't work or Apache doesn't respond.
Do you have any idea how to protect Apache against SYN flood but have a fluid Apache?
Did I try lighttpd?
Thanks (sorry for language mistakes, it is not my native language).


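Added example, not part of the original post: a token-bucket approximation of the `limit` match using the post's `--limit 1/sec --limit-burst 3`, run over constructed SYN arrivals to show that the rule's single bucket is shared by every source. Going beyond the post, it compares that with one bucket per source address (the keying the `hashlimit` match offers); the class and function names and the traffic are assumptions made for the illustration.

```python
from collections import defaultdict


class TokenBucket:
    """Approximation of -m limit: `burst` initial credits, refilled at `rate` per second."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), 0.0

    def allow(self, now):
        # Refill for the elapsed time, capped at the burst size.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True   # rule matches -> RETURN, the SYN continues down INPUT
        return False      # no match -> falls through to the next rule -> DROP


def shared_bucket(syns, rate=1.0, burst=3):
    """One bucket for all sources, like the floods_protect SYN rule in the post."""
    bucket = TokenBucket(rate, burst)
    return [(t, src, bucket.allow(t)) for t, src in syns]


def per_source_bucket(syns, rate=1.0, burst=3):
    """One bucket per source address (assumed alternative keying, for comparison)."""
    buckets = defaultdict(lambda: TokenBucket(rate, burst))
    return [(t, src, buckets[src].allow(t)) for t, src in syns]


def dropped(results):
    return [(t, src) for t, src, ok in results if not ok]


# Constructed traffic: (seconds, source). Two browsers each open a few
# connections to fetch one page; the addresses are documentation ranges.
SYNS = [
    (0.00, "192.0.2.10"), (0.02, "192.0.2.10"), (0.04, "192.0.2.10"),
    (0.10, "198.51.100.7"), (0.12, "198.51.100.7"),
    (0.60, "192.0.2.10"), (1.20, "198.51.100.7"),
]

if __name__ == "__main__":
    for name, fn in (("shared", shared_bucket), ("per-source", per_source_bucket)):
        lost = dropped(fn(SYNS))
        print(f"{name:10s} dropped {len(lost)} of {len(SYNS)} SYNs: {lost}")
```

With the shared bucket, the first client's three connections use up the burst and the second client's first SYNs are dropped even though it has sent nothing before; a dropped SYN is only retried after the client's retransmission timer expires, which the browser user sees as a stalled page.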
