Hi everyone,
I need some protection guidelines regarding NAT port forwarding. I hosted a game server on port xyz using a src address list, because I allowed only my country by adding my country's IP classes to the address list and blocked the rest of the countries, and I also drop all traffic in an IP firewall rule. I am using port forwarding in IP firewall NAT with chain=dstnat, protocol=udp and action=dst-nat to the address and port, using src address list=mycountry and in interface=wan. I also know that when a NAT rule is enabled, the IP firewall rule does not drop traffic allowed by this rule.
Now my point is this: I got a DoS attack from an IP address which is not from my country, so how is that possible? In the NAT port forward rule I am allowing only src address-list=mycountry, and this list contains only my country's IP classes. I also verified that other countries are blocked; they cannot ping and join the game. Second, how can I limit the connections per IP, or the rate or packets per second? For my game server I need 100 packets per second per client. Or do I need a more powerful firewall router which can handle attacks? I am using an RB951G-2HnD.
Note: Sorry for my bad English and explanation. Please let me know if you need further details.
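The setup described in the post, written out as RouterOS commands together with a per-source packet limit. This is an added example, not the poster's configuration. The UDP port 27015 and the address 192.168.88.10 are constructed placeholders for the unnamed "xyz" port and the internal game server, while the interface name wan and the list name mycountry are taken from the post.

```routeros
# Added example, not from the original post. Constructed placeholders:
#   UDP 27015     stands in for the unnamed "xyz" game port
#   192.168.88.10 stands in for the internal game server address

# 1) Drop game-port packets from sources outside the list before connection
#    tracking and NAT process them (raw table, RouterOS 6.36 and later).
/ip firewall raw
add chain=prerouting in-interface=wan protocol=udp dst-port=27015 \
    src-address-list=!mycountry action=drop comment="game: not in mycountry"

# 2) The port forward as described in the post. A dstnat rule only rewrites
#    the destination; accepting or dropping is still decided in the filter table.
/ip firewall nat
add chain=dstnat in-interface=wan protocol=udp dst-port=27015 \
    src-address-list=mycountry action=dst-nat \
    to-addresses=192.168.88.10 to-ports=27015 comment="game: forward"

# 3) Per-source packet rate in the forward chain, which sees the packet after
#    dstnat (so it matches the internal address). dst-limit keeps one counter
#    per source address: 100 packets per second, burst of 100, and an idle
#    counter expires after 10 seconds. The second rule drops the excess.
#    Both rules must sit above any "accept established,related" or fasttrack
#    rule, otherwise only the first packet of each flow reaches them.
/ip firewall filter
add chain=forward in-interface=wan protocol=udp dst-address=192.168.88.10 \
    dst-port=27015 dst-limit=100,100,src-address/10s action=accept \
    comment="game: up to 100 pps per source"
add chain=forward in-interface=wan protocol=udp dst-address=192.168.88.10 \
    dst-port=27015 action=drop comment="game: over the per-source rate"
```

These rules lower the router's CPU load and shield the game server, but they cannot help once a flood saturates the WAN link itself.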