Netgate Discussion Forum

    Max new connections / per second

      nrgyz

      Hi guys,

      We've been recently hit by a virus inside the company. One of our workers' computers got controlled by a botnet that launched a DDoS attack against a remote site. Since then, of course, we did the usual cleaning stuff. At the moment of the attack, that infected machine was loading up our pfSense's state table by making a lot of rapid connections. We want to prevent this in the future by enforcing a method of connection rate limiting on the "LAN -> !DMZ -> WAN" rule. We don't want to be too aggressive on this rule so that legitimate users don't get blocked uselessly. What is the recommended rate that we should apply? Is there a way to gather statistical usage on a normal working day to see the maximum number of connections that have been established from a single machine in a period of time?

      Thanks for your support!

      Alex
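
Added example, not part of the original post: one way to build the per-host baseline the post asks about is to save `pfctl -ss` output at intervals during a normal working day and record each LAN host's peak number of states. The interface names, the LAN subnet, the line layout and the sample snapshots are assumptions constructed for illustration; the result is a count of concurrent states per host, not a per-second rate of new connections.

```python
import ipaddress
import re
from collections import Counter

# Constructed snapshots in the style of `pfctl -ss` output. Assumed: em1 is
# the LAN interface, em0 is WAN. Only LAN-interface lines are counted so a
# NATed flow (which also has a WAN state) is not counted twice.
SNAPSHOT_A = """\
em1 tcp 203.0.113.5:443 <- 192.168.1.10:51234       ESTABLISHED:ESTABLISHED
em0 tcp 198.51.100.2:40001 (192.168.1.10:51234) -> 203.0.113.5:443       ESTABLISHED:ESTABLISHED
em1 tcp 203.0.113.9:80 <- 192.168.1.10:51240       FIN_WAIT_2:FIN_WAIT_2
em1 udp 192.0.2.53:53 <- 192.168.1.11:40112       SINGLE:MULTIPLE
"""
SNAPSHOT_B = """\
em1 tcp 203.0.113.5:443 <- 192.168.1.10:51301       ESTABLISHED:ESTABLISHED
em1 tcp 203.0.113.77:80 <- 192.168.1.12:50001       CLOSED:SYN_SENT
em1 tcp 203.0.113.77:80 <- 192.168.1.12:50002       CLOSED:SYN_SENT
em1 tcp 203.0.113.77:80 <- 192.168.1.12:50003       CLOSED:SYN_SENT
em1 tcp 203.0.113.77:80 <- 192.168.1.12:50004       CLOSED:SYN_SENT
"""

ENDPOINT = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3}):\d+")  # IPv4 addr:port only

def states_per_host(pfctl_output, lan_if="em1", lan_net="192.168.1.0/24"):
    """Count states seen on the LAN interface, keyed by LAN host address."""
    net = ipaddress.ip_network(lan_net)
    counts = Counter()
    for line in pfctl_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != lan_if:
            continue
        for token in fields[2:]:
            m = ENDPOINT.fullmatch(token)
            if m and ipaddress.ip_address(m.group(1)) in net:
                counts[m.group(1)] += 1
                break  # each state line is attributed to one host, once
    return counts

def peak_per_host(snapshots, **kw):
    """Highest state count each host reached across all snapshots."""
    peaks = Counter()
    for snap in snapshots:
        for host, n in states_per_host(snap, **kw).items():
            peaks[host] = max(peaks[host], n)
    return peaks

def hosts_over(peaks, limit):
    """Hosts whose observed peak exceeds a candidate per-host limit."""
    return sorted(h for h, n in peaks.items() if n > limit)
```

Running `hosts_over` against the day's peaks with a candidate limit shows which legitimate hosts that limit would have blocked before it is applied to the rule.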
