If you're setting up a pf (packet filter) firewall, here's the Minecraft-specific DDoS threats file we currently use.

inertia186 commented Mar 20, 2013

A pf anchor divides up filter rules into functional groups. Edit your /etc/pf.conf file to include the following lines:

anchor "minecraft-ddos-threats"
load anchor "minecraft-ddos-threats" from "/etc/pf.anchors/minecraft-ddos-threats"

Now we need to write the lines for the anchor we defined. From the /etc/pf.conf configuration we just added, those should go into the file /etc/pf.anchors/minecraft-ddos-threats. Create that file and add these lines:

table <minecraft_ddos_threats> persist file "/etc/minecraft-ddos-Block-IPs.txt"
block log from <minecraft_ddos_threats> to any

The first line establishes a table called minecraft_ddos_threats and on an initial start will load the contents of the /etc/minecraft-ddos-Block-IPs.txt file.

The second line is the filter rule that blocks and logs from any IP address or network listed in the minecraft_ddos_threats table. If you are not interested in logging the packets that are dropped, just leave out the log keyword.
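
Because the rule blocks everything from the table, a malformed or over-broad line in /etc/minecraft-ddos-Block-IPs.txt matters. The following pre-load check is an added example, not part of the original comment or gist; it assumes one literal address or CIDR network per line with # comments, and the minimum prefix lengths, the protected address and the sample entries are constructed for illustration.

```python
import ipaddress

# Constructed sample block list (documentation-range addresses, not real threat data).
SAMPLE = """\
# constructed sample entries
192.0.2.15
198.51.100.0/24
0.0.0.0/0
not-an-ip
203.0.113.0/24
"""

# Assumed policy: shortest prefix length accepted per IP version.
MIN_PREFIX = {4: 16, 6: 32}


def lint_blocklist(text, protected=()):
    """Check the text of a pf table file before pf loads it.

    Returns (entries, problems): networks that are safe to load, and
    (line number, entry, reason) tuples for lines that need attention.
    """
    keep = [ipaddress.ip_address(p) for p in protected]
    entries, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line:
            continue
        try:
            net = ipaddress.ip_network(line, strict=False)
        except ValueError:
            problems.append((lineno, line, "not a literal address or network"))
            continue
        if net.prefixlen < MIN_PREFIX[net.version]:
            problems.append((lineno, line, "network is broader than policy allows"))
        elif any(ip.version == net.version and ip in net for ip in keep):
            problems.append((lineno, line, "covers a protected address"))
        else:
            entries.append(net)
    return entries, problems


if __name__ == "__main__":
    # 203.0.113.50 stands in for an admin address that must never be blocked.
    ok, bad = lint_blocklist(SAMPLE, protected=["203.0.113.50"])
    for lineno, entry, reason in bad:
        print(f"line {lineno}: {entry}: {reason}")
    print(f"{len(ok)} entries would be loaded into <minecraft_ddos_threats>")
```

Once the file passes, `pfctl -nf /etc/pf.conf` parses the ruleset without loading it, which catches syntax errors in the anchor lines themselves.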
