Creating a bpf filter

This is where we can discuss what we would like to see added or changed in OpenVPN.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
muza
OpenVpn Newbie
Posts: 5
Joined: Mon Aug 29, 2022 11:52 am

Creating a bpf filter

Post by muza » Mon Aug 29, 2022 12:00 pm

Hey, I'm trying to make a bpf filter for open vpn to keep my server less vulnerable to ddos attacks. I'm trying to get a pcap of my connection to open vpn so I can find out session id etc. I'm following this guide on github https://github.com/Courvix-Network/Open ... Protection but when I create a bcap it does not show the session id, etc.

I'm still very new to this so any help would be very appreciated, thanks! :)

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Creating a bpf filter

Post by TinCanTech » Mon Aug 29, 2022 1:36 pm

A quote from your source:
Courvix Network wrote:I am also no expert when it comes to DDoS protection or the application of DDoS prevention measures. I know what I know, that's it.
:roll:

OpenVPN developers take great care to ensure that Openvpn is robust enough to look after itself.
Provided you read the official Openvpn documentation, your server will be safe.

muza
OpenVpn Newbie
Posts: 5
Joined: Mon Aug 29, 2022 11:52 am

Re: Creating a bpf filter

Post by muza » Mon Aug 29, 2022 7:09 pm

TinCanTech wrote:
Mon Aug 29, 2022 1:36 pm
A quote from your source:
Courvix Network wrote:I am also no expert when it comes to DDoS protection or the application of DDoS prevention measures. I know what I know, that's it.
:roll:

OpenVPN developers take great care to ensure that Openvpn is robust enough to look after itself.
Provided you read the official Openvpn documentation, your server will be safe.
Ah ok, It's just that someone has already managed to ddos my server. So I'm just trying to take that extra step to ensure I can minimise the risk of it happening again.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Creating a bpf filter

Post by TinCanTech » Mon Aug 29, 2022 7:15 pm

muza wrote:
Mon Aug 29, 2022 7:09 pm
someone has already managed to ddos my server
Describe that, we would be most interested.

muza
OpenVpn Newbie
Posts: 5
Joined: Mon Aug 29, 2022 11:52 am

Re: Creating a bpf filter

Post by muza » Mon Aug 29, 2022 7:17 pm

TinCanTech wrote:
Mon Aug 29, 2022 7:15 pm
muza wrote:
Mon Aug 29, 2022 7:09 pm
someone has already managed to ddos my server
Describe that, we would be most interested.
He said something about using a api which uses a amp attack method specifically made for ovhs/nfos to bypass there basic firewall

muza
OpenVpn Newbie
Posts: 5
Joined: Mon Aug 29, 2022 11:52 am

Re: Creating a bpf filter

Post by muza » Mon Aug 29, 2022 7:19 pm

When he started the attack my server instantly shut down and I could not connect to it until he stopped the attack

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Creating a bpf filter

Post by TinCanTech » Mon Aug 29, 2022 7:22 pm

Is there an Openvpn vulnerability ? There's probably a bug-bounty for discovery ..

muza
OpenVpn Newbie
Posts: 5
Joined: Mon Aug 29, 2022 11:52 am

Re: Creating a bpf filter

Post by muza » Mon Aug 29, 2022 7:33 pm

TinCanTech wrote:
Mon Aug 29, 2022 7:22 pm
Is there an Openvpn vulnerability ? There's probably a bug-bounty for discovery ..
Without a doubt that's why I'm trying to set up ip tables for the mean time. It's just hard trying to understand how.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Creating a bpf filter

Post by TinCanTech » Mon Aug 29, 2022 8:02 pm

If you discover a genuine OpenVPN DDOS vulnerability then it is probably best to send an email to:
> security at openvpn.net

Post Reply