If the controller runs iptables then you can quite easily filter traffic on any of the interfaces. However if your not port forwarding to the controller then I wouldn’t worry about DoS.
I’d be more concerned about attacks where someone spoofs your controller and hijacks the drone.
What do you currently have on it?
You mean firewall rules? Nothing on the drone or the controller.
I tried blocking all INPUT traffic with source not 10.1.1.0/24 (the drone subnet) but for some reason that seemed to ruin the drone’s communication with the controller. It lost the default gateway route and couldn’t ping any public hosts.
just FYI, the ip’s / macs are easiest things to spoof on .11g/n wifi’s.
Your worst enemy 's going to be person spamming de-authentication packets on wifi 2.4GHz (been there done that - i shared the cries loosing control of $1.2k drone over the lake etc - later to take revenge and hack other guys drone in-mid flight and take control over it.)
Best way to secure your drone is to pre-program the flight, and cut all communication with drone except camera - best to use external camera - and completely remove camera from your drone, and miniature gps tracker (thus you can find it later, if it falls somewhere.)
Its expensive hobby, don’t go full tard upgrading it - you’ll regret it later.
I wonder if you could get it working with RADIUS so that it verifies the AP cert and can’t be tricked in to connecting to someone else.