Open MikeRuSe opened 8 months ago
Gawnz1
commented
8 months ago Can the specified tweak parameters in the post be available for all profiles too and not only for Other. If ever considered, such tweaks should be available to all profiles. Will be good addition 👍
master-toma
commented
7 months ago That's most wanting feature, I've been waiting for it 4+ years. What about TCP based traffic? Can I have at least some hope?
mrglbroc
commented
7 months ago This is definitely what we need
master-toma
commented
6 months ago Hello,
I own 6-10 servers in OVH, with MMO game, which is not supported by OVH GAME firewall, and I"m suffering from DDoS attacks often.
What whould help for sure, is:
Ability define following parameters for TCP based traffic: -> Min packet (headers included) or payload length -> Max packet (headers included) or payload length -> Packets per second per source IP
jslocinski
commented
6 months ago Guys, to be able to prioritize, which one would be the very MVP as a top prio: a/ min-max packet length b/ src port acl per dst port c/ pps per src IP d/ tcp & udp support ?
master-toma
commented
6 months ago Hello,
min-max packet length is n1 prio for my use cases.
Docker0012
commented
6 months ago min-max packet length would be cool
LightShockDev
commented
6 months ago I hope on Min-Max packet length
mrglbroc
commented
6 months ago Hello, min-max packet length 🙏
Gawnz1
commented
6 months ago A) min-max packet length - MVP C) pps per src IP - 2nd ..
For me.
maraz1987
commented
6 months ago Required for GTAV: RAGEMP servers on unsupported client
1- PPS 2- BPS 3- Min-Max Packet Length
lol10801lol
commented
6 months ago min-max, then PPS, please 🙏
gegtor
commented
4 months ago Packet length and PPS is a good start but ideally we would like to have full set of tools that OVH VAC team has so we can respond to incidents faster
Competing providers are starting to offer very granular control over filtering
Here is an example:
jslocinski
commented
4 months ago Thanks for the insights. Just for a sake of clarity, let's not mix here those two topics: Anti-DDoS Infrastructure (VAC) and GAME DDoS Protection (or simply GAME-firewall). While first one is OVHcloud ASN inbound-only, globally distributed, L3-L4, close to the source, the second one is fine-grain, full L7, close-to-destination and no jitter.
We work on evolution of both systems based on your requests, and relevant VAC issues can be found or created.
MikeRuSe
commented
3 weeks ago Hi @jslocinski saw the name was modified to "advanced filter" Is there any ETA for this function to be implemented? Will it be available for the current Game servers or only for the new Game range? Thanks!
jslocinski
commented
3 weeks ago Hello @MikeRuSe , not yet. We will update this task accordingly when closer to release (as usual).
Regarding old/new GAME server ranges - only new range will get this update (we had to cut dependencies to gain ability to upgrade in future with more functions).
Opening individual issue for adding advanced option to "other" game firewall profile. "Other" Game profile might include an advanced option that has action at UDP based traffic, where customers can specify and tweak parameters such as: -> Min packet (headers included) or payload length -> Max packet (headers included) or payload length -> Allowed src ports range based on dst port (by default ephemeral ports 1025-65535, but this can be tweaked) -> Packets per second per source IP https://github.com/ovh/infrastructure-roadmap/issues/135 @jslocinski