From dd323bb373efbe4f5e92ca62cf1668a9abe47721 Mon Sep 17 00:00:00 2001 From: Tizian Maxime Weigt Date: Fri, 30 May 2025 00:05:28 +0000 Subject: [PATCH] README.md updated --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b479af9..053ca8f 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,9 @@ | SYN | 0x02 | Initiates connection | 40–60 bytes | 64–78 bytes | Rate limit SYN packets per source IP to prevent floods. Drop if rate exceeds threshold. Use SynProxy. | | SYN-ACK | 0x12 | Acknowledges SYN | 40–60 bytes | 64–78 bytes | Validate against recent SYN requests using eBPF hash maps. Drop if no matching SYN. | | ACK | 0x10 | Acknowledges data | 40 bytes | 64 bytes | Allow for established connections. Rate limit to prevent ACK floods. | -| PSH-ACK | 0x18 | Pushes data | 40–1500 bytes | 64–1518 bytes | Allow for data transfer. Rate limit large packets to prevent floods. | +| PSH-ACK | 0x18 | Pushes data | 40–1500 bytes | 64–1518 bytes | Allow for data transfer. Rate limit large packets to prevent floods. Basic Connection tracking | | FIN-ACK | 0x11 | Closes connection | 40 bytes | 64 bytes | Allow for connection closure. Drop if part of a FIN scan (no prior SYN). | -| RST | 0x04 | Resets connection | 40 bytes | 64 bytes | Allow for error handling. Drop if part of a reset attack (high rate from single IP). | +| RST | 0x04 | Resets connection | 40 bytes | 64 bytes | Allow for error handling. Drop if part of a reset attack (high rate from single IP). Basic Connection tracking | | NULL | 0x00 | Invalid (no flags) | 40 bytes | 64 bytes | Drop immediately as invalid/malicious. | | XMAS | 0x29 (FIN+PSH+URG) | Probing attack | 40 bytes | 64 bytes | Drop immediately as invalid/malicious. | | SYN-FIN | 0x03 | Invalid combination | 40 bytes | 64 bytes | Drop immediately as invalid. |
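Review bot: The text added to the last column of the PSH-ACK and RST rows, "Basic Connection tracking", is a bare fragment that does not say what the filter does with the tracking state, while every other cell in that column is an instruction ("Allow ...", "Drop if ...", "Validate against ..."). State the action and the drop condition in the same style as the SYN-ACK row ("Drop if no matching SYN."), and match the sentence case and trailing period of the neighbouring cells. The ACK and FIN-ACK rows also depend on connection state ("Allow for established connections", "no prior SYN") but are left unchanged, so either add the note there as well or say why only PSH-ACK and RST are tracked. The subject line only says the README was updated; naming the two rows it touches would make the history easier to search.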