suricata: increase dns flood trigger

on slow lines unbound trigger the floodprotection at init. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
2026-04-11 19:55:52 +02:00 · 2020-04-02 16:31:18 +00:00
parent 702b59cd02
commit 2f8a33e182
1 changed files with 1 additions and 1 deletions
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -224,7 +224,7 @@ app-layer:

      # How many unreplied DNS requests are considered a flood.
      # If the limit is reached, app-layer-event:dns.flooded; will match.
-      request-flood: 512
+      request-flood: 2048

      tcp:
        enabled: yes