Setting up Path.net firewall filters
Note: before following the below guide, please ensure you have whitelisted all ports you will need in the firewall rules
A major component of Path.net's firewall system is "filters" which allow the ddos mitigation to be finely tuned and therefore perform better for specific applications.
In order to create firewall filters, go to the client area, select "Services" -> "My Services" from the navigation bar, click on "Path.net Firewall Manager" and then click on the blue "Open Control Panel" button.
If you see "Path.net Firewall Manager" on the client area home page then you can click "View Details" beside this instead:
Once you're in the firewall manager, click "Firewall Filters" on the left navigation bar then "Create Filter" and you'll see this window appear:
There is a large list of the different filters available, we have a section in the knowledgebase detailing how to configure the filters for common applications, this can be seen here.
If you have any questions about the best filter to use, contact us.
One of the most common filters to create is the "TCP Service (symmetric)", we recommend using this for all TCP ports that do not have a filter available for the application.
Common uses for this would be for SSH and RDP ports.
- IP Address: the IP you want to apply the filter to
- Port: the port you want to apply the filter to, 22 in this case for SSH
- Per-connection max packets per second: the number of packets per second allowed per source IP, we recommend to set this to 10000, setting it too low may disrupt connections and would cause e.g. low upload speeds to this port
Firewall filter changes can take up to 60 minutes to take effect, despite the "Create Filter" window mentioning 15 minutes.
While the filter is deploying, the port will be intermittently globally inaccessible.
Facebook
Twitter