The pfSense Store

Author Topic: Firewall feature like iptables -m recent  (Read 646 times)

0 Members and 1 Guest are viewing this topic.

Offline FJSchrankJr

  • Full Member
  • ***
  • Posts: 127
  • Karma: +0/-0
    • View Profile
    • SMCO L.L.C. - Embedded Systems Engineering
Firewall feature like iptables -m recent
« on: April 25, 2012, 01:43:09 pm »
I am not sure if there is some hidden functionality already in place but with all of the DDoS attacks out there I thought maybe this would be a good feature for the future.

iptables has a -m recent module to control connections from IPs based on a time period. So if a source makes too many requests within a period it will block them.  Quite useful in resource exhaustion type attacks/DDoS.

Just a thought.
-Fred

Offline podilarius

  • Hero Member
  • *****
  • Posts: 1768
  • Karma: +0/-0
    • View Profile
Re: Firewall feature like iptables -m recent
« Reply #1 on: April 25, 2012, 03:58:23 pm »
If you look in the rule properties in the Advanced feature -> Advanced options section, I think you will find what you are looking for.

Offline FJSchrankJr

  • Full Member
  • ***
  • Posts: 127
  • Karma: +0/-0
    • View Profile
    • SMCO L.L.C. - Embedded Systems Engineering
Re: Firewall feature like iptables -m recent
« Reply #2 on: April 25, 2012, 04:55:40 pm »
If you look in the rule properties in the Advanced feature -> Advanced options section, I think you will find what you are looking for.

Thanks a bunch podilarius. Been busy lately but I sure miss these forums and trying to help out when I can. Between the creators of pfSense and people like you supporting it, sure makes a great system.
-Fred