Hello,
I'm thinking of buying the EdgeRouter Lite. Before I do, however, I've been reading the tutorials and board posts to make sure this router can do everything I need it to. So far, I've found clear answers to most of my questions. One question that I haven't been able to find an answer to yet, however, is whether or not EdgeOS has something like Stophammer for DD-WRT. StopHammer is a script that runs as a cron job every 15 minutes and scans the logs to see if a certain firewall rule, called "syn_flood" has been tripped. Ths "syn_flood" firewall rule logs the IP of anyone who "hammers" at a port (if that port is within a specified range) with more than three requests per second (such as a port scan). Then, the next time the cron job runs, the script checks the log. If it finds an entry, it adds that IP to a "nologdrop" rule (which is the third or fourth firewall rule) to prevent any further requests from that IP.
I know I could write a rule and script like that, but I was hoping they already existed. Has anyone ever heard of an EdgeOS script like this? If not, does anyone think a script like this could or could not be written for an EdgeOS router?
Thanks,
b
