Pascal Gloor 9cb32baca0 rewrote 5 years ago

README.md

NF_DHCP_Filter

A userspace application that filters DHCP floods to protect a DHCP server. It uses the Netfilter userspace packet queuing API.

Dependencies

apt-get install build-essential uthash-dev libnetfilter-queue-dev

Configuration

# max_pkt_per_interval
# maximum number of packets authorised per time interval.
max_pkt_per_interval=30

# interval
# measurement time interval in seconds.
interval=30

# debug
# enable debugging output (warning: very verbose)
debug=1

# blacklist_time
# number of seconds this client will be ignored once
# it exceeded the max_pkt_per_interval per interval
blacklist_time=55

# queue number
# refers to the queue-num of iptables.
# -A FORWARD -p udp -m udp --dport 67 -j NFQUEUE --queue-num 67 --queue-bypass
queue=67

# dryrun
# if dryrun is set to 1 it will accept all packets no matter what.
# this can be used for testing, syslog will still display the blacklisting
# actions.
# Set to 0 for production.
dryrun=1
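
The per-client decision these keys describe, as an added sketch that is not taken from dhcp_protect.c. The struct layout, function name, fixed counting windows, and expiry checked on the next packet are assumptions; stderr stands in for syslog.

```c
#include <stdbool.h>
#include <stdio.h>
#include <time.h>

/* Fields mirror the keys in dhcp_protect.conf. */
struct cfg { int max_pkt_per_interval, interval, blacklist_time; bool dryrun; };

/* Hypothetical per-client state; zero-initialise for a new client. */
struct client { time_t window_start; int count; time_t blocked_until; };

enum verdict { ACCEPT, DROP };

/* Verdict for one DHCP packet from client c (labelled id) seen at time now.
   Assumption: fixed counting windows; stderr stands in for syslog. */
enum verdict filter_packet(const struct cfg *cfg, struct client *c,
                           const char *id, time_t now)
{
    /* In dryrun the blacklist is still tracked and logged, but nothing is dropped. */
    enum verdict blocked = cfg->dryrun ? ACCEPT : DROP;

    if (c->blocked_until != 0) {
        if (now < c->blocked_until)
            return blocked;
        fprintf(stderr, "%s: blacklisting ended\n", id);
        c->blocked_until = 0;
        c->count = 0;
        c->window_start = now;
    }
    if (now - c->window_start >= cfg->interval) {   /* start a new window */
        c->window_start = now;
        c->count = 0;
    }
    if (++c->count > cfg->max_pkt_per_interval) {
        c->blocked_until = now + cfg->blacklist_time;
        fprintf(stderr, "%s: blacklisting started\n", id);
        return blocked;
    }
    return ACCEPT;
}

int main(void)
{
    struct cfg cfg = { 30, 30, 55, false };   /* sample values, dryrun off */
    struct client c = { 0 };
    int dropped = 0;
    for (int i = 0; i < 40; i++)              /* constructed flood: 40 packets in 1 s */
        dropped += filter_packet(&cfg, &c, "00000000021b", 1000) == DROP;
    printf("dropped %d of 40\n", dropped);
    return 0;
}
```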

Run

root@router:~/dhcp_protect# ./dhcp_protect ./dhcp_protect.conf
Loading configuration ./dhcp_protect.conf
Configuration:
	dryrun               =  Yes
	debug                =  Yes
	interval             =   30s
	max_pkt_per_interval =   30
	blacklist_time       =   55s
	queue                =   67

Logging

The program logs to syslog every time a client is added to or removed from the blacklist.

Oct 23 16:50:18 router dhcp_protect[9706]: 00000000021b: blacklisting started
Oct 23 16:52:18 router dhcp_protect[9706]: 00000000021b: blacklisting ended