What's much more important than the bps is the pps (packets per second). Do you have any idea how many pps the attack was?
ASTUTE HOSTING: Advanced, customized, and scalable solutions with AS54527 Premium Canadian Optimized Network (Level3, PEER1, Shaw, Tinet) MicroServers.io: Enterprise Dedicated Hardware with IPMI at VPS-like Prices using AS63213 Affordable Bandwidth (Cogent, HE, Tinet) Dedicated Hosting, Colo, Bandwidth, and Fiber out of Vancouver, Seattle, LA, Toronto, NYC, and Miami
How large is your port speed? If it's only 100Mbps, it's likely the attack was much larger than what you were seeing due to the bottleneck. As such, it wouldn't make much sense to filter this traffic on your side of the port.
Jay Sudowski // Handy Networks LLC // Co-Founder & CTO AS30475 - Level(3), HE, Telia, XO and Cogent. Noction optimized network. Offering Dedicated Server and Colocation Hosting from our SSAE 16 SOC 2, Type 2 Certified Data Center. Current specials here. Check them out.
You could use some simple hardware (even Core2 based) with a good network card (Intel cards are the best) install FreeBSD or Linux and filter it by yourself, that will cost less and be more flexible till few millions of PPS (sometimes highly tweaked system can handle more than 1kk pps), after that you should look into more specific cpu packet handled systems like from cisco.
██ServerAstra.com website / e-mail: info @ serverastra.com
██ HU/EU Co-Location / Managed and Unmanaged VDS & Dedicated servers in Hungary with unmetered connections