DDoS protection module suggestion

Payam Chychi pchychi at gmail.com
Fri Nov 5 07:03:53 MSK 2010


What's your email? I'll contact you with a few things.

Weibin Yao wrote:
> malte at 2010-11-5 3:47 wrote:
>> Redd Vinylene Wrote:
>> -------------------------------------------------------
>>> Just real quick:
>>> What about one of the BSDs and pf? The latter is
>>> said to be the world's best
>>> firewall. Real elegant syntax too:
>>> block quick from
>>> pass in on $ext_if inet proto tcp from any to any
>>> port 80 keep state
>>> (max-src-conn 100, max-src-conn-rate 15/5,
>>> overload  flush
>>> global)
>>> That takes care of all my DDoS protection needs.
>>> Some of y'all mentioned big
>>> guns though, I don't know about that.
>> OpenBSD's PF is indeed the world's finest software-based firewall, I'll be
>> the first to say. I think Linux should throw out IP tables and go for a
>> PF port, but I digress.
>> I haven't tried mitigating a big DDoS with PF, and I don't know if it
>> would fare any better once it has say 50k individual IPs to block. But
>> to me that is kind of beside the point. If I am not mistaken, a well
>> written nginx module would be immensely helpful when faced with the
>> kind of DDoS I had on me last week.
>> If I can't find anyone interested in writing it I might have a whack at
>> it myself next time I get some spare time.
> We are facing a similar DDoS situation to yours. I'm developing a
> module which can deny individual IPs. The module can get the IPs
> with a POST request from a commander server in the intranet. If you
> have some suggestions, you can contact me.
> The module will be here: 
> https://github.com/yaoweibin/nginx_limit_access_module, but I need 
> some more days to finish it.
>> Posted at Nginx Forum: 
>> http://forum.nginx.org/read.php?2,147105,147721#msg-147721
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://nginx.org/mailman/listinfo/nginx
