Netgate Discussion Forum

    Define drop based on payload length

    Firewalling
    1 Posts 1 Posters 794 Views
    kradalby

      Hi

      I have a quick question. I have a lot of CSS servers which I currently have DDoS problems with, and I found out that I can at least block one of the methods they are using by defining a drop if the packet is too big.

      Most of the information I have found has been on adding the rule to iptables on the server, but since the server is behind my pfSense box and depends on NAT, isn't it more logical for me to do this in the pfSense box?

      And the rule all the other game server hosts use is this:
      iptables -A INPUT -p udp --dport 27015 -m length --length 28 -j DROP
      As I understand it, it takes incoming UDP traffic and drops it if the length is equal to or over 28? But I don't really know what 28 is, and I don't know how to do this in pfSense, if that is the right place to do it.

      Thanks for any help in advance.

      Kristoffer

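An added example, not part of the post above and not Netgate or pfSense code: a small Python model of how the iptables length match in that rule is evaluated. It assumes IPv4 without IP options, so a UDP datagram's total length is the 20-byte IP header plus the 8-byte UDP header plus the payload, and the sample payload sizes are constructed for illustration.

```python
# Added example (not from the forum post): models the iptables "-m length --length"
# match, which compares the total IP packet length (headers included) against an
# inclusive range written as "min[:max]". A bare number such as "28" is an exact match.
from dataclasses import dataclass

IPV4_HEADER = 20  # assumption: IPv4 with no options
UDP_HEADER = 8


@dataclass(frozen=True)
class LengthSpec:
    lo: int
    hi: int


def parse_length(spec: str) -> LengthSpec:
    """Parse iptables syntax: '28' (exactly 28), '28:' (28 or more),
    ':28' (28 or less), '28:64' (inclusive range)."""
    if ":" not in spec:
        n = int(spec)
        return LengthSpec(n, n)
    lo_s, hi_s = spec.split(":", 1)
    lo = int(lo_s) if lo_s else 0
    hi = int(hi_s) if hi_s else 65535
    if lo > hi:
        raise ValueError(f"invalid length range: {spec}")
    return LengthSpec(lo, hi)


def udp_total_length(payload_len: int) -> int:
    """Total IPv4 packet length for a UDP datagram with this payload size."""
    return IPV4_HEADER + UDP_HEADER + payload_len


def matches(spec: str, payload_len: int) -> bool:
    """True if a UDP datagram with payload_len bytes would hit the DROP rule."""
    s = parse_length(spec)
    return s.lo <= udp_total_length(payload_len) <= s.hi


# Constructed sample datagrams to UDP/27015, described by payload size only.
SAMPLES = {"empty datagram": 0, "one-byte probe": 1, "typical query": 25, "large packet": 1200}


def dropped_by(spec: str) -> list[str]:
    """Names of the sample datagrams the rule would drop for a given length spec."""
    return [name for name, size in SAMPLES.items() if matches(spec, size)]


if __name__ == "__main__":
    for spec in ("28", "28:", ":28"):
        print(f"--length {spec:<4} drops: {dropped_by(spec)}")
```

With the exact form "28" only the zero-payload datagram (20 + 8 bytes) is dropped; the "28:" form is what would drop everything 28 bytes or larger.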
      Copyright 2026 Rubicon Communications LLC (Netgate). All rights reserved.