Deep_287674
Oct 06, 2016Nimbostratus
iRule for DNS Flood protection
Hi Team, We have implemented new F5 AFM/ASM DDOS boxes. We need to create iRule to protect DNS flood from some range of IP but we need to whitelistdnsdomain.
when DNS_REQUEST {set fqdn [DNS::question name]
if { !([class match $fqdn contains whitelistdomains]) }
{log local0. "-------[DNS::question name] Dropped-----" drop } }
Will this work.
You can apply a similar logic
https://devcentral.f5.com/codeshare/http-request-throttle-version-101-and-above