To block these attacks you will enable FW_IPS in your configuration
In the UI
Go to Atomic Protector > Configuration > Firewall >Enable AWP Network Firewall IPS
Set to <yes>
In the CLI
As root, go to /var/awp/etc/config
Set the following configuration to <yes>
FW_IPS="yes"
Once changed save the file and restart the AWP service to enable the changes
You can also define queries you want to block to DNS to help prevent DNS amplification attacks. Custom queries are defined in this file:
/etc/asl/firewall/custom-ips-domains.json
The format for this file is:
domain,type
For example:
.,ANY
One entry per line.