flowtrackd: DDoS Protection with Unidirectional TCP Flow Tracking

Cloudflare has introduced a new software-defined DDoS protection system called flowtrackd to enhance its Magic Transit service. This feature will be enabled by default at no additional cost on July 30, 2020 for existing customers. Flowtrackd significantly improves the ability to automatically detect and mitigate even the most complex TCP-based DDoS attacks. The system is designed to handle unidirectional TCP flows, which are common in Cloudflare's Magic Transit service. It works by determining whether to forward or drop each received TCP packet based on the state of its related connection. Flowtrackd complements Gatebot and dosd, providing a comprehensive multi-layer DDoS protection system.