Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How can i protect my Pfsense on DDOS of my Clients

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    6 Posts 3 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nelltoledo
      last edited by

      i have many attack from my clients last month and my firewall got hang, can anyone give me an idea to protect my pfsense firewall from being attack by DDOS.

      Thanks and Regard,
      ![flows flood.png](/public/imported_attachments/1/flows flood.png)
      ![flows flood.png_thumb](/public/imported_attachments/1/flows flood.png_thumb)

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        That is not an attack.. That is a alert on how many flows.. Those numbers mean nothing without context.. Those might be normal for what the devices is doing.. Simple p2p client could create hundreds of connections to different IPs in a few seconds..

        I would suggest you do some research on what the flow flood alert is in ntop.. More than likely you just have the alert levels set too low for the type of traffic your clients are creating/doing..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • H
          Harvy66
          last edited by

          my firewall got hang

          pfSense stopped responding? Internet went down? More details to what you tried and didn't work?

          1 Reply Last reply Reply Quote 0
          • N
            nelltoledo
            last edited by

            Thanks for the reply sir  johnpoz

            and mr. harvy66 yes my internet went down after my firewall receive many flow floods

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              "firewall receive many flow floods"

              Was that some other log.. 26 flows in 3 seconds is not anything to write home about.. Shoot a browser opening up a few pages could do that every time you launch it.. Shoot depending on the website and how they host images.. Say a forum page with user avatars hosted all over, or signature with images in them..

              Not sure what your issue was - but not related to the number of flows..  Now if you had 26000 in 3 seconds that could be a problem ;)

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              1 Reply Last reply Reply Quote 0
              • H
                Harvy66
                last edited by

                I think we need some actual numbers of how many states you have, how many new ones are being created, and what your throughput is.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.