How to configure APF to prevent DDOS attack
A relatively new addition to APF is the AntiDOS feature, which can be found in: /etc/apf/ad
The log file is located at /var/log/apfados_log, so make a note of it and watch it!
Open the configuration file:
vi /etc/apf/ad/conf.antidos
Set the following values:
LP_KLOG="1"
IPT_BL="1"
USR_ALERT="1"
USR="root"
ARIN_ALERT="1"
There are various things you might want to fiddle with, but I’ll cover the ones that will alert you by email.
# [E-Mail Alerts]
Under this heading we have the following:
# Organization name to display on outgoing alert emails
CONAME="Your Company"
Enter your company name or server name.
# Send out user defined attack alerts [0=off,1=on]
USR_ALERT="0"
Change this to 1 to get email alerts.
# User for alerts to be mailed to
USR="[email protected]"
Enter your email address to receive the alerts.
Save your changes and quit the file
Restart the firewall:
/usr/local/sbin/apf -r
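Before restarting, it helps to check the edited file for the mistakes that most often creep in when values are pasted from a web page: typographic quotes, spaces around "=", and alert settings left at their defaults. The script below is an added example, not part of APF or of the original article; the function name check_antidos_conf is made up, and the expected values are the ones set above.

```sh
#!/bin/sh
# Added example: lint conf.antidos before restarting APF.
# Expected values are the ones this page sets; the function name is made up.

check_antidos_conf() (   # subshell body keeps the variables local
    conf=$1 problems=0

    # Typographic quotes pasted from a web page become part of the value
    # instead of delimiting it.
    if grep -n -F -e '“' -e '”' -e '″' "$conf" >&2; then
        echo 'typographic quotes on the lines above: use plain "' >&2
        problems=$((problems + 1))
    fi

    # KEY = "value" is not a valid shell-style assignment.
    if grep -n -E '^[A-Z_]+[[:space:]]+=|^[A-Z_]+=[[:space:]]' "$conf" >&2; then
        echo "spaces around '=' on the lines above" >&2
        problems=$((problems + 1))
    fi

    for pair in LP_KLOG=1 IPT_BL=1 USR_ALERT=1 ARIN_ALERT=1; do
        key=${pair%%=*} want=${pair#*=}
        # Take the last assignment, which is the one that takes effect.
        got=$(sed -n 's/^'"$key"'="\([^"]*\)".*$/\1/p' "$conf" | tail -n 1)
        if [ "$got" != "$want" ]; then
            echo "$key: expected \"$want\", found \"${got:-<unset>}\"" >&2
            problems=$((problems + 1))
        fi
    done

    # With alerts on, an empty or missing USR means nobody is notified.
    got=$(sed -n 's/^USR="\([^"]*\)".*$/\1/p' "$conf" | tail -n 1)
    if [ -z "$got" ]; then
        echo 'USR: no alert recipient set' >&2
        problems=$((problems + 1))
    fi

    exit "$problems"     # exit status = number of problems found
)

# Usage: sh check_antidos.sh /etc/apf/ad/conf.antidos
if [ -n "${1:-}" ]; then
    check_antidos_conf "$1"
fi
```

An exit status of 0 means the file matches the settings above; any other value is the number of problems reported on stderr.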