PF DDoS protection and a firewall: how much processing power is enough?

[emholt1]

Good morning,
I’m currently scraping together parts for a FreeBSD based firewall for my home network. I host my personal website on my home network, so I’d like to have a good safety net for a firewall. Of course, filtering some basic stateless traffic consumes very little bandwidth, but I’m curious. If—God forbid—some script kiddie out there decides he wants to ruin my day and DDoS my home network, how much processing power should I give this firewall so it can safely discard all these bogus packets?

Thanks.

 

[SirDice]

so it can safely discard all these bogus packets?

Blocking packets on your firewall isn't going to stop them from arriving in the first place. If someone manages to flood your internet connection there's very little you can do to change that.

And there's very little processing power involved to drop a packet. A big, complex, ruleset is what's going to use lots of processing power.