Rate limiting with ufw for OpenVPN (TCP)

Posted: Wed Jul 29, 2020 4:19 am
by mark-s
Hi,

Ufw has the ability to deny connections from an IP address that has attempted to initiate 6 or more connections in the last 30 seconds.
https://wiki.archlinux.org/index.php/Un ... g_with_ufw

Question:

This rate limiting option of ufw looks promising to me. Could I use this option for OpenVPN (TCP) to harden my server against brute force attacks? Personally, I don't think that this is necessary, but I just want to be on the safe side and limit unnecessary connections to my server. ;)

Background:

Unfortunately, I am not able to ban the IP addresses of attackers with my current configuration. I use 6tunnel to forward all data over IPv6 from my VPS (which has a public IPv4 address) to my actual server. For this reason, every connection that reaches my server has the same IP address.

Thanks,
Mark
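
An added example, not part of the original post: a small Python model of the rule as the post states it (deny a source once it has attempted 6 or more connections in the last 30 seconds), run over the same traffic seen directly and seen through a forwarder that gives every connection one source address. It is a simplified model rather than ufw's own implementation, and all addresses and timings are constructed.

```python
from collections import defaultdict, deque

LIMIT, WINDOW = 6, 30  # figures quoted in the post: 6 attempts, 30 seconds

def apply_limit(attempts, limit=LIMIT, window=WINDOW):
    """Return [(t, src, allowed)] for time-ordered (t, src) connection attempts.

    Model: an attempt is denied once its source has made `limit` or more
    attempts (this one included, denied ones too) in the last `window` seconds.
    """
    seen = defaultdict(deque)
    out = []
    for t, src in attempts:
        q = seen[src]
        while q and t - q[0] >= window:   # forget attempts older than the window
            q.popleft()
        q.append(t)
        out.append((t, src, len(q) < limit))
    return out

def denied_sources(results, original):
    """Map each denied attempt back to the real client that made it."""
    return sorted({orig for (_, _, ok), (_, orig) in zip(results, original) if not ok})

# Constructed sample: one noisy source and three ordinary clients.
NOISY = [(t, "198.51.100.7") for t in range(0, 20, 2)]   # 10 attempts in 20 s
CLIENTS = [(5, "192.0.2.10"), (13, "192.0.2.11"), (19, "192.0.2.12")]
DIRECT = sorted(NOISY + CLIENTS)

# Same traffic as the server sees it behind the forwarder: one source address.
FORWARDER = "2001:db8::1"  # constructed placeholder for the VPS address
FORWARDED = [(t, FORWARDER) for t, _ in DIRECT]

def compare():
    """Return (clients denied when connecting directly, clients denied via forwarder)."""
    direct = denied_sources(apply_limit(DIRECT), DIRECT)
    forwarded = denied_sources(apply_limit(FORWARDED), DIRECT)
    return direct, forwarded

if __name__ == "__main__":
    direct, forwarded = compare()
    print("denied when clients connect directly:", direct)
    print("denied behind the forwarder:        ", forwarded)
```

With a single shared source address the limit applies to the aggregate of all clients, so in this sample two ordinary clients are refused along with the noisy source.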