Try not to ever do the DDOS or DOS detection on the network device unless it is a device dedicated to doing such acts.
My recommendation and is something we do: - Export Netflows and or IPFW Logs to a device for analysis. - FreeBSD supports ZFS, you can export massive volumes of both logs and flow data and retain for processing (we collect about 200GB per day worth of data for analysis) - On the device which is analysing your flows or logs, build in the functionality to talk to your network device and react in real time with IPFW. - Don¹t use PF it is slow on FreeBSD - if you want to use PF, consider OpenBSD. We currently use all open source tools to analyse data in real time and talk back to our BSDRP routers to perform RTBH, connection limiting, blocks, etc. The netfilter modules for connection limits and such like are handy when using it on a server especially if it¹s hosting con ten, however on routers which push large amounts of PPS it performs poorly and is a bit of a hack to be honest. I¹d avoid any of those kind of solutions even if they are available for PF or IPFW. Mark On 26/06/2014 6:06 am, "Eliezer Croitoru" <elie...@ngtech.co.il> wrote: >It's not a direct question on BSDR but more of PF level but I will ask >here. >In iptables I have new connection limit per IP or per subnet module. >Is there any equivalent option in BSDR(in PF)? > >If there is a document\video about the related PF topic I will be happy >to read\watch it. > >Thanks, >Eliezer > >-------------------------------------------------------------------------- >---- >Open source business process management suite built on Java and Eclipse >Turn processes into business applications with Bonita BPM Community >Edition >Quickly connect people, data, and systems into organized workflows >Winner of BOSSIE, CODIE, OW2 and Gartner awards >http://p.sf.net/sfu/Bonitasoft >_______________________________________________ >Bsdrp-users mailing list >Bsdrp-users@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/bsdrp-users ------------------------------------------------------------------------------ Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft _______________________________________________ Bsdrp-users mailing list Bsdrp-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bsdrp-users
