Ratelimit

From Atomicorp Wiki
Revision as of 17:44, 12 September 2013 by Mshinn (Talk | contribs)


Introduction

ASL 4 introduces rate limiting for TCP and UDP ports. ASL allows you to define the rate at which connections may be made to a port, as well as the maximum number of connections that can be open to a TCP port. This can be used to help mitigate SYN and UDP floods.

Enabling

To use the rate limiting engine you will need to enable it in ASL. Please see this option to enable the engine:

https://www.atomicorp.com/wiki/index.php/ASL_firewall#FW_RATE_LIMIT

And then follow the instructions in this document to configure rate limiting for your system.

Configuration

Once you have enabled the rate limiting engine as described above, you will need to configure the ports to protect, the rate per port, and the maximum number of concurrent connections for each protected TCP port. The engine uses two files: one for TCP ports and one for UDP ports. The files are:

The format for the files is:
