What features does pfsense have about handling DOS attacks

  • Does pfSense have features about dealing with DDOS attacks?, such as:

    • support to automatically perform X action when an IP pings or makes a request to the pfSense router more than Y times in Z minutes,

      • where X can be something like:

        • drop the bad IP

        • add the bad IP or range of bad IPs to a list to block/not serve in the future

        • temporarily stop responding to pings

        • possibly automatically contact your dyndns provider and switch your domain name to resolve to a fake ip, while you obtain a new IP address from your ISP

    • manually set IPs or IP ranges to be blocked

    • etc

    I know there's nothing you can really do to completely prevent a DDOS attack, but some things can and do help.  And I'm wondering what sort of denial of service features pfSense has.

    Thank you

  • pfSense has by far the best capabilities of any open source firewall, and better than a bunch of commercial firewalls, when it comes to DoS protection. DDoS you likely can't do anything about unless you have an extremely fast Internet connection. Most DDoS attacks will knock you off the Internet unless you have at least 50 Mb of Internet connectivity, and at times even that isn't enough.

    Check the advanced options on the firewall rules add/edit screen, several options there for controlling things.

Log in to reply