Netgate Discussion Forum

    Firewall feature like iptables -m recent

    • FJSchrankJr

      I am not sure if there is some hidden functionality already in place, but with all of the DDoS attacks out there I thought maybe this would be a good feature for the future.

      iptables has a -m recent module to control connections from IPs based on a time period. So if a source makes too many requests within a period, it will block them. Quite useful in resource exhaustion type attacks/DDoS.

      Just a thought.

      FJS - Embedded Systems Engineer
      Pictures are worth a thousand words, but posting config.xml backups are worth 10,000. Alter the IPs, change anything revealing but leave subnets intact. Use find and replace. Please try to keep it brief on the description.
      ALWAYS disable TSO & LRO EXCEPT CHKSUM IF SUPPORTED. TSO/LRO breaks traffic, pf scrub and this goes for any passive device inline

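Added example (not part of the original posts): a simplified Python model of the per-source counting that an iptables `-m recent` rule pair performs, run over constructed connection times. The rule pair shown in the comments, the 60-second/4-hit thresholds, the list name `demo`, port 22 and the addresses are assumptions chosen for illustration.

```python
# Simplified model of this rule pair (thresholds, list name and port are assumptions):
#   iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \
#            -m recent --name demo --set
#   iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW \
#            -m recent --name demo --update --seconds 60 --hitcount 4 -j DROP
from collections import defaultdict


def evaluate(events, seconds=60, hitcount=4):
    """Return [(time_s, src, verdict)] for time-sorted (time_s, src) new connections."""
    stamps = defaultdict(list)          # src -> timestamps recorded in the list
    verdicts = []
    for now, src in events:
        seen = stamps[src]
        seen.append(now)                                    # rule 1: --set
        seen[:] = [t for t in seen if now - t <= seconds]   # only in-window hits count
        if len(seen) >= hitcount:                           # rule 2 matches
            seen.append(now)            # --update restamps the entry when it matches
            verdicts.append((now, src, "DROP"))
        else:
            verdicts.append((now, src, "PASS"))             # falls through to later rules
    return verdicts


def per_source(verdicts):
    """Group verdicts by source address, in time order."""
    grouped = defaultdict(list)
    for _, src, verdict in verdicts:
        grouped[src].append(verdict)
    return dict(grouped)


# Constructed sample traffic (documentation addresses, times in seconds).
BURST = [(t, "198.51.100.7") for t in (0, 5, 10, 15, 20, 70, 140)]
STEADY = [(t, "192.0.2.10") for t in (0, 30, 60, 90, 120)]
EVENTS = sorted(BURST + STEADY)

if __name__ == "__main__":
    for now, src, verdict in evaluate(EVENTS):
        print(f"t={now:>3}s  {src:<13} {verdict}")
```

The bursting source is dropped from its fourth attempt, and its retry at t=70 is still dropped because the stamps from t=10 to t=20 are inside the 60-second window; it passes again at t=140. The steady source at one connection per 30 seconds never reaches four hits in a window.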
      • podilarius

        If you look in the rule properties in the Advanced feature -> Advanced options section, I think you will find what you are looking for.

        • FJSchrankJr

          @podilarius:

          If you look in the rule properties in the Advanced feature -> Advanced options section, I think you will find what you are looking for.

          Thanks a bunch podilarius. Been busy lately but I sure miss these forums and trying to help out when I can. Between the creators of pfSense and people like you supporting it, sure makes a great system.
