Boards

Feature requests

Powered by Canny

Feature requests

Upgrade GoBGP to current version

According to customer's feedback current version of GoBGP has multiple missing features which are available in upstream version. In addition to this issue there is an information that some vulnerabilities in dependence were fixed.

Allow lists for traffic matching by interface

We have option to ignore traffic for some specific interfaces https://features.fastnetmon.com/feature-requests/p/option-to-ignore-traffic-from-some-interfaces but for some cases is more reasonable to use inverted list. I.e. to allow only interfaces provided in list.

Introduce option to configure ban_time ban time on hostgroup basis

IPv6 support for BGP Flow spec mode

IPv6 support for BGP Flow spec mode

Option to block host only when attack continues for specific period of time / delay attack detection

For example host 1.2.3.4 has reached threshold for blackhole and stays above for 5 minutes and only after that period of time / duration FastNetMon will declare it as an attack. It will help to reduce number of false positives caused by legitimate traffic.

Add custom flow spec actions and rate limit values per protocol type

Add custom flow spec actions and rate limit values per protocol type

notify_script_attack_status_updates for total hostgroups

We do not have logic to export per hostgroup attacks as we export per host attacks: https://fastnetmon.com/docs-fnm-advanced/fastnetmon-advanced-json-notify-script-in-python/

Add option to override announce IPv4 prefix length on per hostgroup basis.

Add capability to collect attack dump for per hostgroup attacks

We have such capability only for /32 or /128 but not not for total hostgroups.

Flow Spec mode mitigation for total hostgroups

In response to rise of carpet bombing attacks we need to provide flow spec based mitigations on whole prefix.

Load More

→

Powered by Canny