Floating Rules question - limit Wan source connections



  • This is my first time to use Floating Rules.
    We have a fully routed pfSense setup with no NAT.

    We have recently experienced several DDoS attacks and just this morning a DoS Amplification attack.

    What we want to do is add floating rules to use specific queues in our shaper but more importantly to limit the amount of new connections per second an external IP can open coming in on our WAN.
    We also want to apply a similar rule that LAN hosts can only open a certain amount of new connection to a destination IP per second to help combat DoS Amplification attacks.

    The problem /confusion here is that we have hundreds of very specific rules controlling inbound traffic from our Wan to our Lan and we don't want the floating rules to interfere with the block/allow rules, just to limit new connections per second.

    We could go and edit each rule individually to set the limits but that is going to take a long time and any adjustments would be a headache to maintain.

    Has anyone any suggestions or experience with a similar situation?


Log in to reply