On Apr 7, 2011, at 11:49 AM, Steve Holdoway wrote:
Any suggestions apart from forward 25 to /dev/null and hope they go away??
The firewall/NAT isn't helping, it's hurting - the state tables are getting filled up and legitimate traffic is being crowded out, and the CPU is high. Stateful firewalls and NATs should *never* be placed in front of servers.
Contact the ISP and tell them that there's a DDoS being launched towards the public IP, and get them to filter.
The church should move their servers into VPS, rather than trying to run them off a VDSL with software-based routers.
-----------------------------------------------------------------------
Roland Dobbins