The DoS (Denial of Service) section within the IPDS module allows you to configure and set protection rules at the System or Farm service level.
System rules are preloaded, but Farm rules need to be configured by the administrator. This section displays the available lists:
Name. Identification of the rule. Click on the name to enter the editing form.
Rule. Type of rule. The different options include:
- Connection limit per second. Limits the rate of new inbound connections per second to the service per source IP.
- Total connections limit per source IP. Limits the number of established connections per source IP to the service.
- Check bogus TCP flags. Protects the farm service from packets with bogus TCP flags.
- Limit RST request per second. Limits the number of RST packets per second for TCP connections.
Farms. The farms to which the rule is applied. Use the small square icon to expand the view if the list of farms exceeds 20 characters.
Status. The status of the rules represented by color codes:
- Green. ENABLED – The rule is active and in use.
- Red. DISABLED – The rule is not active and has no effect on the farm.
Actions. Allowed actions for DoS rules include:
- Create DoS rule. Create a new rule to assign to certain farm services.
- Edit. Modify the rule’s global settings or assign it to a farm service if needed.
- Delete. Remove a created farm service rule.
- Start. Activate a system rule.
- Stop. Deactivate a system rule.
Next step, Create a custom DoS rule.