All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
X4B Releases custom Layer 3-5 Mitigation Rule support
X4B Releases custom Layer 3-5 Mitigation Rule support
Finally it's here. Long overdue and one of our single largest development efforts to date. Since I've promised it to quite a few people on this forum I thought I would post this here.
Features:
- Full BPF (cBPF) support. Match on anything you can select with tcpdump.
- ipset matches
- TCP protocol specific matches
- Rate limits (including by hash)
Currently we consider this to be Milestone 1 of the release. Milestone 2 is set to include support for matching on all packets within a session/connection (not just the initial) and we are debating additional matches such as string search (within tightly controlled bounds), protocol specific matches (e.g DNS, TLS & QUIC) and additional targets (verify tcp, accept/whitelist, ban, etc).
Milestone 1 ended up being a little smaller than originally anticipated due to a kernel bug discovered late in the development process. Those features have not been forgotten and will be rolled out in the future when possible. Sorry to those who were waiting on those features, if your name was logged against them you should have been contacted. Feel free to open a ticket if I missed you.
As always feedback is welcome.
Comments
Looks great!