Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


In this Discussion

X4B Releases custom Layer 3-5 Mitigation Rule support
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

X4B Releases custom Layer 3-5 Mitigation Rule support

SplitIceSplitIce Member, Host Rep

X4B Releases custom Layer 3-5 Mitigation Rule support

Finally it's here. Long overdue and one of our single largest development efforts to date. Since I've promised it to quite a few people on this forum I thought I would post this here.

Layer 4 Rule UI

Features:
- Full BPF (cBPF) support. Match on anything you can select with tcpdump.
- ipset matches
- TCP protocol specific matches
- Rate limits (including by hash)

Currently we consider this to be Milestone 1 of the release. Milestone 2 is set to include support for matching on all packets within a session/connection (not just the initial) and we are debating additional matches such as string search (within tightly controlled bounds), protocol specific matches (e.g DNS, TLS & QUIC) and additional targets (verify tcp, accept/whitelist, ban, etc).

Milestone 1 ended up being a little smaller than originally anticipated due to a kernel bug discovered late in the development process. Those features have not been forgotten and will be rolled out in the future when possible. Sorry to those who were waiting on those features, if your name was logged against them you should have been contacted. Feel free to open a ticket if I missed you.

As always feedback is welcome.

Thanked by 3vimalware Edmond vpsGOD

Comments

Sign In or Register to comment.