This is a bit of an unusual question but I have a Mac server that gets hit with a lot of DDoS attacks. Usually my data center's mitigation system catches them but sometimes they slip through. When they do, they often can completely kill my system's TCP/IP. Even accessing localhost does not work. TCP/IP is completely dead. But the system is not frozen. It still runs perfectly fine otherwise. I know this because once I reboot the system, I can see all of the log entries from my scripts from the entire time it was offline. I have screen shots of the desktop from when it was offline.
Rebooting the server in this state returns it to normal. But I'm hoping there's some way I can restart just the TCPIP stack without rebooting the whole OS? That would at least let me regain access to the machine in a way that, while clumsy, would be significantly less so than hard remote reboots via IPMI.
This is all just a band-aide while we work out ways to shore up the DDoS mitigation. But it would be a good band-aide. Also useful, and along similar lines, would be a way to hard flush ALL TCP connections, established, half open, everything including all state information.
Asked by l008com
(1835 rep)
Nov 20, 2020, 06:24 AM
Last activity: Nov 20, 2020, 10:54 AM
Last activity: Nov 20, 2020, 10:54 AM