i am getting regularly this type of flood by some 13 year old spoiled kid that has $20 for a booter
how can i protect myself from these attacks... the ip ranges go from 1.x.x.x. to 250.x.x.x my routerboard is at 93% at some attacks but for some it's betwen 25% and 35% cpu usage...
it's weird because i have a rule to block all port 80 traffic but they still get there....
also sometimes they use udp(17) and imcp(1) instead of tcp.
i'll appreciate any help, best will be some terminal commands for filter/nat/whatever rules i need.
i have already 50+ rules added for protection and managed to reduce the attacks by about 50-60%, but this ssyn flood is killing me.
i want to block that traffic completely and on theory i've done it already, but on practice they don't work