DDoS protection module suggestion

Payam Chychi pchychi at gmail.com
Fri Nov 5 07:03:53 MSK 2010


Weibin,

What's your email? I'll contact you with a few things.
Cheers
Payam





Weibin Yao wrote:
> malte at 2010-11-5 3:47 wrote:
>> Redd Vinylene Wrote:
>> -------------------------------------------------------
>>  
>>> Just real quick:
>>>
>>> What about one of the BSDs and pf? The latter is
>>> said to be the world's best
>>> firewall. Real elegant syntax too:
>>>
>>> block quick from
>>> pass in on $ext_if inet proto tcp from any to any
>>> port 80 keep state
>>> (max-src-conn 100, max-src-conn-rate 15/5,
>>> overload  flush
>>> global)
>>>
>>> That takes care of all my DDoS protection needs.
>>> Some of y'all mentioned big
>>> guns though, I don't know about that.
>>>     
>>
>> OpenBSD's PF is indeed the world's finest software based firewall, I'll be
>> the first to say. I think Linux should throw out IP tables and go for a
>> PF port, but I digress.
>>
>> I haven't tried mitigating a big DDoS with PF, and I don't know if it
>> would fare any better once it has say 50k individual IPs to block. But
>> to me that is kind of beside the point. If I am not mistaken, a well
>> written nginx module would be immensely helpful when faced with the
>> kind of DDoS I had on me last week.
>>
>> If I can't find anyone interested in writing it I might have a whack at
>> it myself next time I get some spare time.
>>   
> We are facing a similar DDoS situation to yours. I'm developing a 
> module which can deny individual IPs. The module can get the IPs 
> with a POST request from a commander server in the intranet. If you 
> have some suggestions, you can contact me.
>
> The module will be here: 
> https://github.com/yaoweibin/nginx_limit_access_module, but I need 
> some more days to finish it.
>> Posted at Nginx Forum: 
>> http://forum.nginx.org/read.php?2,147105,147721#msg-147721
>>
>>
>
>
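
Added example, not part of any message in this thread: a simplified Python model of what the options in the quoted pf rule do (`max-src-conn 100`, `max-src-conn-rate 15/5`, `overload`, `flush global`), replayed over constructed traffic. The class and function names are assumptions for illustration, and the model counts every connection attempt, whereas pf counts connections that completed the TCP handshake.

```python
from collections import defaultdict, deque

MAX_SRC_CONN = 100               # max-src-conn 100
RATE_COUNT, RATE_SECS = 15, 5    # max-src-conn-rate 15/5

class SourceTracker:
    """Simplified model of the per-source limits in the quoted pf rule."""

    def __init__(self):
        self.open_conns = defaultdict(int)   # src -> concurrent connections
        self.recent = defaultdict(deque)     # src -> times of recent new connections
        self.overload = set()                # stands in for the overload table

    def connect(self, src, now):
        """Return True if the new connection is passed, False if blocked."""
        if src in self.overload:             # the "block quick" rule
            return False
        window = self.recent[src]
        while window and now - window[0] >= RATE_SECS:
            window.popleft()                 # forget connections older than 5 s
        window.append(now)
        self.open_conns[src] += 1
        if len(window) > RATE_COUNT or self.open_conns[src] > MAX_SRC_CONN:
            self.overload.add(src)           # "overload": add source to the table
            del self.open_conns[src]         # "flush global": drop all of its state
            del self.recent[src]
            return False
        return True

    def close(self, src):
        if self.open_conns.get(src, 0) > 0:
            self.open_conns[src] -= 1

def replay(events):
    """Replay (time, src, action) tuples; return the tracker and blocked counts."""
    tracker, blocked = SourceTracker(), defaultdict(int)
    for now, src, action in sorted(events):
        if action == "close":
            tracker.close(src)
        elif not tracker.connect(src, now):
            blocked[src] += 1
    return tracker, dict(blocked)

# Constructed sample traffic (documentation address ranges, not real hosts).
EVENTS = [(t, "198.51.100.7", a) for t in range(30) for a in ("open", "close")]  # polite
EVENTS += [(10 + i * 0.1, "203.0.113.9", "open") for i in range(20)]             # burst
EVENTS += [(t, "203.0.113.50", "open") for t in range(120)]                      # hoarder
```

The burst source trips the rate limit on its 16th connection and the slow source that never closes trips the concurrency limit on its 101st; the well-behaved client is never added to the table.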



