Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com

In this Discussion

X4B Releases custom Layer 3-5 Mitigation Rule support
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

X4B Releases custom Layer 3-5 Mitigation Rule support

SplitIceSplitIce Member, Provider

X4B Releases custom Layer 3-5 Mitigation Rule support

Finally it's here. Long overdue and one of our single largest development efforts to date. Since I've promised it to quite a few people on this forum I thought I would post this here.

Layer 4 Rule UI

Features:
- Full BPF (cBPF) support. Match on anything you can select with tcpdump.
- ipset matches
- TCP protocol specific matches
- Rate limits (including by hash)

Currently we consider this to be Milestone 1 of the release. Milestone 2 is set to include support for matching on all packets within a session/connection (not just the initial) and we are debating additional matches such as string search (within tightly controlled bounds), protocol specific matches (e.g DNS, TLS & QUIC) and additional targets (verify tcp, accept/whitelist, ban, etc).

Milestone 1 ended up being a little smaller than originally anticipated due to a kernel bug discovered late in the development process. Those features have not been forgotten and will be rolled out in the future when possible. Sorry to those who were waiting on those features, if your name was logged against them you should have been contacted. Feel free to open a ticket if I missed you.

As always feedback is welcome.

Thanked by 3vimalware Edmond vpsGOD
X4B - DDoS Protection: Affordable Anycast DDoS mitigation with PoPs in the Europe, Asia, North and South America.
Latest Offer: Brazil Launch 2020 Offer

Comments

Sign In or Register to comment.