Hello,

On my DNS authoritative servers which are behind an OpenBSD 6.6 firewall I just 
saw some weird UDP high volume traffic on port 53 to these DNS servers coming 
from Google (e.g. 74.125.18.1 or 172.253.214.111).

These few IPs generated around 5200 requests/second on my DNS servers so I was 
wondering if one can also limit the rate of requests in PF on UDP traffic such 
as can be done with TCP (using max-src-nodes, max-src-conn, etc)?

Looking at the documentation (https://www.openbsd.org/faq/pf/filter.html) it 
only mentions TCP. So I deduce that it is simply not possible to somehow limit 
the rate of UDP connections with PF, am I right here?

Regards,
Mabi




