Aggressive (!) anti-DoS and DDoS rules (assist me please)

Can anyone help me with this? Can someone advise rules as aggressive as possible? I think I will need them, because in the office someone really does not want to work…

Drop WAN input/forward and disable the WAN ping rule.
Typically it is just somebody who discovered torrents, though.
If you are not willing to post a 10k-packet pcap on a public forum, you need to hire someone.

Are you trying to avoid being the victim or the attacker? Because there is nothing you can do to repel a DoS / DDoS attack from your end of the connection; it has to be done upstream.



It is DoS in the LAN. I have no static IP, so it is not the case from the WAN.

I need to block anything that can overload the router. Can you share how to?

You have full control of your own LAN; find the device causing it and turn it off?


With conntrack -L

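As an added example (not posted by anyone in this thread), here is one way to act on the `conntrack -L` suggestion: pipe the table through a small POSIX sh/awk script that counts flows per original-direction source address, so the LAN host holding the most connection-tracking entries (the usual cause of a router being "overloaded" from inside, e.g. a torrent client) stands out. The sample table embedded below is constructed to mimic conntrack-tools output; the addresses, the LAN prefix `192.168.1.` and the function names are assumptions for illustration. It goes a little beyond the post by also letting you filter to a LAN prefix and count entries for one host.

```shell
#!/bin/sh
# Constructed sample in the format printed by `conntrack -L` (conntrack-tools).
# Each line: proto, proto number, timeout, [state], original-direction tuple
# (first src=/dst=), then the reply-direction tuple (second src=/dst=).
SAMPLE_CONNTRACK='tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=93.184.216.34 sport=51234 dport=443 src=93.184.216.34 dst=203.0.113.5 sport=443 dport=51234 [ASSURED] mark=0 use=1
tcp      6 117 TIME_WAIT src=192.168.1.10 dst=93.184.216.34 sport=51240 dport=80 src=93.184.216.34 dst=203.0.113.5 sport=80 dport=51240 [ASSURED] mark=0 use=1
udp      17 29 src=192.168.1.77 dst=1.1.1.1 sport=40001 dport=53 src=1.1.1.1 dst=203.0.113.5 sport=53 dport=40001 mark=0 use=1
tcp      6 431999 ESTABLISHED src=192.168.1.77 dst=198.51.100.23 sport=6881 dport=51413 src=198.51.100.23 dst=203.0.113.5 sport=51413 dport=6881 [ASSURED] mark=0 use=1
tcp      6 108 SYN_SENT src=192.168.1.77 dst=198.51.100.77 sport=6881 dport=6881 src=198.51.100.77 dst=203.0.113.5 sport=6881 dport=6881 mark=0 use=1
udp      17 170 src=192.168.1.77 dst=198.51.100.200 sport=6881 dport=6881 src=198.51.100.200 dst=203.0.113.5 sport=6881 dport=6881 [ASSURED] mark=0 use=1
icmp     1 29 src=192.168.1.20 dst=8.8.8.8 type=8 code=0 id=1234 src=8.8.8.8 dst=203.0.113.5 type=0 code=0 id=1234 mark=0 use=1
tcp      6 60 SYN_SENT src=203.0.113.9 dst=203.0.113.5 sport=4444 dport=22 src=203.0.113.5 dst=203.0.113.9 sport=22 dport=4444 mark=0 use=1'

# top_lan_talkers [PREFIX]
# Reads conntrack -L lines on stdin and prints "count ip", most entries first.
# The first src= token on each line is the original direction, i.e. the host
# that opened the flow. With PREFIX (e.g. 192.168.1.) only those sources count,
# which drops inbound WAN-originated entries from the ranking.
top_lan_talkers() {
    awk -v pfx="${1:-}" '
        {
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^src=/) {
                    ip = substr($i, 5)
                    if (pfx == "" || index(ip, pfx) == 1) count[ip]++
                    break   # ignore the reply-direction src=
                }
            }
        }
        END { for (ip in count) print count[ip], ip }
    ' | sort -rn
}

# worst_offender [PREFIX]: the single source address with the most entries.
worst_offender() {
    top_lan_talkers "$1" | head -n 1 | awk '{ print $2 }'
}

# entries_for IP: number of flows originated by one address (0 if none).
entries_for() {
    awk -v ip="$1" '
        {
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^src=/) { if (substr($i, 5) == ip) n++; break }
            }
        }
        END { print n + 0 }
    '
}

# Stand-alone run: use the live table when conntrack is installed (needs root),
# otherwise demonstrate on the constructed sample.
if command -v conntrack >/dev/null 2>&1 && [ "$(id -u)" = "0" ]; then
    conntrack -L 2>/dev/null | top_lan_talkers 192.168.1. | head -n 5
else
    printf '%s\n' "$SAMPLE_CONNTRACK" | top_lan_talkers 192.168.1. | head -n 5
fi
```

On the sample this ranks 192.168.1.77 first with four entries, which is the host to go and look at. On a real OpenWrt box run it as root (`conntrack -L` reads the kernel table); the awk used is plain enough for BusyBox awk. If the offender is flooding rather than merely opening many flows, the per-address counts still point at it, but a packet capture on the LAN side is what finally confirms the traffic type.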