Hi,

On 04/12/2023 14:37, CamZie wrote:
> I tried testing "MaxQPSIPRule" by setting it to "3" but the drop connection only occurs on every 4th request. We would like to be able to block all requests from the source IP after they reach a certain limit.

Right, it allows 3 queries per second, so the 4th one is blocked; dig times out after a delay of one second, so there is again a 3-queries credit for the next second, and so on and so forth.

So am I correctly understanding that you want to block for a given amount of time a client after it has exceeded, once, a given QPS rate? The Dynamic Blocks are designed to do just that, but as discussed before there is a delay of up to one second before they are enforced for the first time, for performance reasons. If you cannot live with that delay, I'm afraid you will have to implement a custom rule using Lua [1].

[1]: https://dnsdist.org/advanced/luaaction.html

Hope that helps,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
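
The custom Lua rule suggested above could look like the following dnsdist configuration sketch. It is an added example, not code from the original message or from the dnsdist project. LIMIT, BLOCK_SECONDS, the table names and the fixed one-second window keyed on the exact source address are assumptions made for illustration.

```lua
-- Added example (not from the original message): block a source IP for
-- BLOCK_SECONDS as soon as it exceeds LIMIT queries within one second.
local LIMIT = 3            -- assumed: queries allowed per one-second window
local BLOCK_SECONDS = 60   -- assumed: how long an offending source stays blocked

local counters = {}  -- ip -> { window = <epoch second>, count = <n> }
local blocked = {}   -- ip -> epoch second at which the block expires

local function rateLimitAndBlock(dq)
  local ip = dq.remote:toString()   -- source address without the port
  local now = os.time()

  -- Source is already blocked: drop without counting the query.
  local expiry = blocked[ip]
  if expiry then
    if now < expiry then
      return DNSAction.Drop
    end
    blocked[ip] = nil
  end

  -- First query seen from this source in the current second.
  local c = counters[ip]
  if c == nil or c.window ~= now then
    counters[ip] = { window = now, count = 1 }
    return DNSAction.None
  end

  -- Limit exceeded: drop this query and start the block immediately.
  c.count = c.count + 1
  if c.count > LIMIT then
    blocked[ip] = now + BLOCK_SECONDS
    counters[ip] = nil
    return DNSAction.Drop
  end
  return DNSAction.None
end

addAction(AllRule(), LuaAction(rateLimitAndBlock))

-- dnsdist calls maintenance() about once per second: expire stale entries
-- so the two tables do not grow without bound.
function maintenance()
  local now = os.time()
  for ip, expiry in pairs(blocked) do
    if expiry <= now then blocked[ip] = nil end
  end
  for ip, c in pairs(counters) do
    if c.window < now then counters[ip] = nil end
  end
end
```

Every query passes through the Lua function, so the block is enforced on the query that exceeds the limit at the cost of per-query Lua overhead. If the configuration already defines maintenance(), merge the cleanup loops into it instead of defining the function twice.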


_______________________________________________
dnsdist mailing list
dnsdist@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist
