AntiDDOS

From Wiki of WFilter NG Firewall
(Difference between revisions)
Jump to: navigation, search
(Settings)
Line 9: Line 9:
 
* Drop Invalid Packets.
 
* Drop Invalid Packets.
 
* Drop Fragmented Packets.
 
* Drop Fragmented Packets.
 +
* Enable Protection on Forwarding: If not enabled, DDOS protection only applies to connections target to WFilter itself.
 
* SYN Flood Protection, tcp syn packets exceed the rate limit will be dropped.
 
* SYN Flood Protection, tcp syn packets exceed the rate limit will be dropped.
 
* UDP Flood Protection, udp packets exceed the rate limit will be dropped.
 
* UDP Flood Protection, udp packets exceed the rate limit will be dropped.

Revision as of 17:10, 19 October 2021

1 Anti DDOS

"Anti DDOS" protects the WFilter server from DDOS attacks.

2 Settings

  • Disable Ping on WAN Interfaces.
  • Drop Invalid Packets.
  • Drop Fragmented Packets.
  • Enable Protection on Forwarding: If not enabled, DDOS protection only applies to connections target to WFilter itself.
  • SYN Flood Protection, tcp syn packets exceed the rate limit will be dropped.
  • UDP Flood Protection, udp packets exceed the rate limit will be dropped.
  • ICMP Flood Protection, icmp packets exceed the rate limit will be dropped.
  • Geo-IP Filter: filter connections from certain countries.
  • IP Whitelist: whitelisted ip addresses won't be blocked by above rules.

Antiddos001.png

Geo-IP Filter: filter connections from certain countries, options:

  • Block choosed countries
  • Only allow choosed countries

Antiddos002.png

Retrieved from "http://wiki.wfilterngf.com/index.php?title=AntiDDOS&oldid=1108"
Personal tools
Namespaces

Variants
Actions
Navigation
Tools