DDoS & flood
Can this be converted into a pfSense firewall? I am using this on Linux.
```bash
#!/bin/bash
#IPTABLES="/usr/sbin/iptables"   ## Default IPTables >= v. 1.2.0
IPTABLES="/usr/bin/iptables"     ## Default IPTables <= v. 1.1.2
PING_IS="ON"
PING_FLOOD="2/s"
#
SYN_FLOOD="5/s"
LOG_FLOOD="2/s"
#
# Syn-Flood
echo -n "Loading Syn-Flood-Def"
${IPTABLES} -N FLOOD
# Under the rate limit: RETURN to INPUT for normal processing
${IPTABLES} -A FLOOD -p tcp --syn -m limit --limit $SYN_FLOOD -j RETURN
${IPTABLES} -A FLOOD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 2/s --limit-burst 3 -j RETURN
# Everything over the limit is dropped
${IPTABLES} -A FLOOD -p tcp -j DROP
${IPTABLES} -A INPUT -p tcp -m state --state NEW -j FLOOD
echo "....done "
############################################################################################
# Ping-Flood
function PING_FLOD_ON {
    echo -n "Loading Ping CFG..."
    ${IPTABLES} -N ICMP
    ${IPTABLES} -F ICMP
    # 0  = Echo Reply, what gets sent back after a type 8 is received here
    # 3  = Destination Unreachable (inbound) or Fragmentation Needed (out)
    # 4  = Source Quench tells sending IP to slow down its rate to destination
    # 8  = Echo Request used for pinging hosts, but see the caution above
    # 11 = Time Exceeded used for traceroute (TTL) or sometimes frag packets
    # 12 = Parameter Problem is some error or weirdness detected in header
    # Allow limited ICMP traffic
    ${IPTABLES} -A ICMP -p ICMP --icmp-type 0 -j ACCEPT
    ${IPTABLES} -A ICMP -p ICMP --icmp-type 3 -j ACCEPT
    ${IPTABLES} -A ICMP -p ICMP --icmp-type 8 -m limit --limit $PING_FLOOD --limit-burst 2 -j ACCEPT
    ${IPTABLES} -A ICMP -p ICMP --icmp-type 11 -j ACCEPT
    # Set policy and add to INPUT table
    ${IPTABLES} -A ICMP -p icmp -j DROP
    ${IPTABLES} -A INPUT -p icmp -j ICMP
    echo "....done "
}

function PING_FLOD_OF {
    echo -n "PING is DROP:"
    ${IPTABLES} -A INPUT -p icmp -j DROP
    echo ".....done"
}

if [ "$PING_IS" = "ON" ]; then
    PING_FLOD_ON
else
    PING_FLOD_OF
fi
```
Sorry, it might be incomplete but it is taken out of my firewall script.
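The FLOOD chain in the script relies on the iptables limit match, which is a single token bucket shared by all sources: once the bucket is empty, every new SYN is dropped no matter who sent it, so a flood from one host also locks out legitimate clients. The Python below is an added example (not part of the original post and not pfSense or Netgate code): it models the limit match with iptables' credit arithmetic and replays constructed traffic through it, first as one shared bucket the way the script's FLOOD chain works, then keyed per source address, which is the semantics of iptables hashlimit in srcip mode and of pf's max-src-conn-rate option that pfSense exposes in its rule advanced settings. The addresses, timestamps, the 5/s rate and the default burst of 5 are all constructed or assumed.

```python
"""Model of the iptables 'limit' match as used by the FLOOD chain.

Constructed example: a SYN flood plus one legitimate SYN are replayed
through a token bucket equivalent to '-m limit --limit 5/s' with the
iptables default --limit-burst of 5, once globally and once per source.
"""
from collections import defaultdict


class LimitMatch:
    """Token bucket in integer milliseconds, in the style of xt_limit's credits."""

    def __init__(self, rate_per_s: int, burst: int):
        self.cost = 1000 // rate_per_s      # credit one matched packet costs (5/s -> 200 ms)
        self.cap = self.cost * burst        # bucket capacity; the bucket starts full
        self.credit = self.cap
        self.last_ms = 0

    def matches(self, now_ms: int) -> bool:
        # Refill by elapsed time, capped at the burst size; packets must arrive in time order.
        self.credit = min(self.cap, self.credit + (now_ms - self.last_ms))
        self.last_ms = now_ms
        if self.credit >= self.cost:
            self.credit -= self.cost
            return True
        return False


def flood_chain(packets, rate_per_s=5, burst=5, per_source=False):
    """Apply the FLOOD chain logic: RETURN while under the limit, otherwise DROP.

    packets: iterable of (time_ms, src_ip) sorted by time.
    per_source=False shares one bucket between all sources (the script's behaviour);
    per_source=True gives every source IP its own bucket (hashlimit / max-src-conn-rate).
    """
    buckets = {}
    verdicts = []
    for t, src in packets:
        key = src if per_source else "*"
        bucket = buckets.setdefault(key, LimitMatch(rate_per_s, burst))
        verdicts.append((t, src, "RETURN" if bucket.matches(t) else "DROP"))
    return verdicts


def summarize(verdicts):
    """Count RETURN and DROP verdicts per source IP."""
    counts = defaultdict(lambda: {"RETURN": 0, "DROP": 0})
    for _, src, verdict in verdicts:
        counts[src][verdict] += 1
    return dict(counts)


def constructed_packets():
    """Constructed traffic (documentation-range addresses): 100 SYNs in one second
    from a single attacker, and one SYN from a legitimate client at t=505 ms."""
    attacker = [(t, "203.0.113.7") for t in range(0, 1000, 10)]
    legit = [(505, "198.51.100.5")]
    return sorted(attacker + legit)


def demo():
    """Return (shared-bucket summary, per-source summary) for the constructed traffic."""
    pkts = constructed_packets()
    return summarize(flood_chain(pkts)), summarize(flood_chain(pkts, per_source=True))


if __name__ == "__main__":
    shared, per_src = demo()
    print("shared bucket (script as written):", shared)
    print("per-source bucket:", per_src)
```

With the shared bucket the attacker gets the initial burst of 5 plus one SYN every 200 ms (9 RETURNs out of 100) and the legitimate client's single SYN is dropped along with the flood; with a per-source bucket the attacker is throttled identically while the legitimate SYN passes. That difference is the thing to check when porting rate limits to pf: a global limit protects the host's backlog but is itself a denial-of-service lever, whereas a per-source limit with an overload table isolates the noisy peer.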
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.