On Mon, Jun 9, 2014 at 11:16 AM, Jason Pyeron <jpye...@pdinc.us> wrote: > We are trying to enhance our (D)DOS detection and response. Can pfSense create > alerts when the bandwith goes over X, especially if it is dues to more than Y > connections to a single IP? >
That's something better suited for a general network monitoring system. You won't find many if any firewalls that build in that kind of functionality. Monitoring systems like Nagios, Zabbix, Zenoss, etc. have such capabilities for bandwidth alerting at least, and could alert based on state table size in general. Narrowing it down to connections per IP probably isn't practical. Something like Snort can be complimentary to such monitoring, but it's not the first thing I'd recommend for such scenarios. _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
