/usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared currently has this:
## Enable TCP SYN cookie protection to assist against SYN flood attacks.
##
## https://en.wikipedia.org/wiki/SYN_flood
## https://cateee.net/lkddb/web-lkddb/SYN_COOKIES.html
##
## KSPP=yes
## KSPP sets CONFIG_SYN_COOKIES=y.
##
net.ipv4.tcp_syncookies=1
Syncookies rely on embedding special information into into a TCP initial sequence number, which tirdad completely destroys.
/usr/lib/sysctl.d/990-security-misc.conf#security-misc-sharedcurrently has this:Syncookies rely on embedding special information into into a TCP initial sequence number, which tirdad completely destroys.