# NF_DHCP_Filter

A userspace application that filters DHCP floods to protect a DHCP server. It uses the Netfilter userspace packet queuing API.

# Dependencies

```
apt-get install build-essential uthash-dev libnetfilter-queue-dev
```

# Configuration

```
# max_pkt_per_interval
# maximum number of packets authorised per time interval.
max_pkt_per_interval=30

# interval
# measurement time interval in seconds.
interval=30

# debug
# enable debugging, warning, very verbose
debug=1

# blacklist_time
# number of seconds this client will be ignored once
# it exceeded the max_pkt_per_interval per interval
blacklist_time=55

# queue number
# refers to the queue-num of iptables.
# -A FORWARD -p udp -m udp --dport 67 -j NFQUEUE --queue-num 67 --queue-bypass
queue=67

# dryrun
# if dryrun is set to 1 it will accept all packets no matter what.
# this can be used for testing, syslog will still display the blacklisting
# actions.
# Set to 0 for production.
dryrun=1
```

# Run

```
root@router:~/dhcp_protect# ./dhcp_protect ./dhcp_protect.conf
Loading configuration ./dhcp_protect.conf
Configuration:
dryrun = Yes
debug = Yes
interval = 30s
max_pkt_per_interval = 30
blacklist_time = 55s
queue = 67
```
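
The policy that `max_pkt_per_interval`, `interval`, `blacklist_time` and `dryrun` describe, written out as an added C example; it is not the project's own code. It assumes clients are keyed by their 6-byte hardware address, a fixed counting window, and a fixed-size table in place of uthash; `dhcp_verdict`, `struct cfg`, `struct client` and `MAX_CLIENTS` are hypothetical names.

```c
#include <stdint.h>
#include <string.h>
#include <time.h>

#define MAX_CLIENTS 256   /* assumed table size; the project depends on uthash */
struct cfg { int max_pkt_per_interval, interval, blacklist_time, dryrun; };
struct client {
    uint8_t mac[6];       /* assumed key: DHCP client hardware address */
    int used, count;      /* count = packets seen in the current window */
    time_t window_start, blacklisted_until;   /* blacklisted_until 0 = not listed */
};
static struct client table[MAX_CLIENTS];

/* Entries are never freed, so used slots are contiguous from index 0. */
static struct client *lookup(const uint8_t mac[6])
{
    for (int i = 0; i < MAX_CLIENTS; i++) {
        if (!table[i].used) {                 /* first free slot: new client */
            memcpy(table[i].mac, mac, 6);
            table[i].used = 1;
            return &table[i];
        }
        if (memcmp(table[i].mac, mac, 6) == 0)
            return &table[i];
    }
    return NULL;                              /* table full */
}

/* Returns 1 to accept the queued packet, 0 to drop it. */
int dhcp_verdict(const struct cfg *c, const uint8_t mac[6], time_t now)
{
    struct client *cl = lookup(mac);
    if (!cl)
        return 1;                             /* assumed policy: fail open */
    if (cl->blacklisted_until > now)
        return c->dryrun != 0;                /* ignored; dryrun still accepts */
    /* Start a fresh window when the blacklist expired or the interval elapsed. */
    if (cl->blacklisted_until || now - cl->window_start >= c->interval) {
        cl->blacklisted_until = 0;
        cl->window_start = now;
        cl->count = 0;
    }
    if (++cl->count <= c->max_pkt_per_interval)
        return 1;
    /* Limit exceeded: ignore this client for blacklist_time seconds. */
    cl->blacklisted_until = now + c->blacklist_time;
    return c->dryrun != 0;
}
```

With the sample values above, a client's 31st packet inside one 30-second window is dropped and the client stays ignored for the next 55 seconds; other clients are unaffected.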