How to configure APF to prevent DDoS attacks
A relatively recent addition to APF is the AntiDOS feature, which can be found in: /etc/apf/ad
Its log file is located at /var/log/apfados_log, so make a note of the path and watch it!
USER = "root"
There are various settings you might want to fiddle with, but I'll cover the ones that make AntiDOS alert you by email.
# [E-Mail Alerts]
Under this heading we have the following:
# Organization name to display on outgoing alert emails
Enter your company name or server name.
# Send out user defined attack alerts [0=off,1=on]
Change this to 1 to get email alerts.
# User for alerts to be mailed to
Enter the email address that should receive the alerts.
Save your changes and quit the file.
Restart the firewall: