Forum Discussion
5 Replies
Sort By
- Michael_YatesNimbostratus
A lot of what you are asking for is already baked into the device.
See: K14813: Detecting and mitigating DoS/DDoS attacks (11.4.x - 12.x)
- titankapo_33333Nimbostratus
Thanks Michael. I went through that article but still need some kind of guidelines ( specially for a better control) for building out a new irule in case of detecting suspicious activities or even ddos attacks. how can I set up TCP for defending against Flag Attacks? Many thanks again for helping out.
- BinaryCanary_19Historic F5 Account
I don't think you can inspect TCP flags using irules, so this approach seems unviable. You should look at using one of the standard modules/features built into the product that accomplish this objective as Mr Yates has already suggested.
- titankapo_33333Nimbostratus
thank you both!
- Faruk_AYDINNimbostratus