stevenlafl
Member
Join Date: Apr 2005
Location: Florida, USA
Old 09-30-2010 , 13:58   Re: Block ddos steam Fail2Ban

I can't imagine this working. More professional DDoS attacks rely on sending the maximum amount of data on random UDP ports per packet. The idea is to overload the router with data. In this manner, there is no possible way to, with software, block a DDoS attack.

Mainly, underage script kiddies rely on ICMP packet flooding (Ping protocol) with a copious number of ping.exe files running. The end result would be the same (overloading the router) if the attacker's connection was strong enough to send that many packets. However, most likely it isn't, and results in lag instead of an actual denial of service.
Edit: More recently, kids have been buying $10 VPS accounts and using them to run packet flooding scripts.

In conclusion, your router would be overloaded before the packets had a chance to reach your server. Typically, this is what can bring down a network of datacenter servers that were attached to a single router. It is for this reason that DDoS attacks must be prevented at the hardware level, and this is actually done by some datacenters, which actually advertise their "DDoS protection." I have purchased one of those servers, and I have to say that it protected me from an attack that used hundreds of bots (each with at LEAST 10 mb/s).
__________________
Hippopotomonstrosesquippedaliophobia

Last edited by stevenlafl; 09-30-2010 at 14:06.
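The argument in the post is a capacity argument: once the aggregate inbound rate of a flood exceeds the uplink, packets are dropped before the host sees them, so no host-level tool (Fail2Ban, iptables) can help and mitigation has to happen at the provider. Below that threshold, per-source rate limiting on the host is still meaningful. The script below is an added example written for this thread, not code from the post, from Fail2Ban, or from any datacenter product. It parses a few constructed flow-summary lines, totals the inbound rate per source and overall, and decides which case applies. The line format, the 100 Mb/s uplink, the 90% saturation threshold and the IP ranges are all assumptions.

```python
"""Link-capacity check for volumetric (UDP/ICMP) floods.

Added example, not code from the forum post or from Fail2Ban.  Given
flow-summary lines (constructed format, one per source over a fixed
window), it computes the inbound rate per source and in total and says
whether the flood is already past what the uplink can carry.
"""
import re
from collections import defaultdict

# Assumed uplink of the server in megabits per second (not from the post).
LINK_CAPACITY_MBPS = 100.0

# Assumed fraction of link capacity above which host-level filtering is
# pointless: the excess is lost upstream before any rule can match it.
SATURATION_FRACTION = 0.9

# Constructed line format: "src=<ip> proto=<udp|icmp|tcp> bytes=<n> secs=<window>"
FLOW_RE = re.compile(
    r"src=(?P<src>[\d.]+)\s+proto=(?P<proto>\w+)\s+"
    r"bytes=(?P<bytes>\d+)\s+secs=(?P<secs>[\d.]+)"
)


def parse_flow(line):
    """Parse one flow-summary line into (src, proto, bytes, secs)."""
    m = FLOW_RE.search(line)
    if not m:
        raise ValueError(f"unparseable flow line: {line!r}")
    return (m["src"], m["proto"].lower(), int(m["bytes"]), float(m["secs"]))


def per_source_mbps(lines):
    """Aggregate inbound megabits per second for each source address."""
    rates = defaultdict(float)
    for line in lines:
        src, _proto, nbytes, secs = parse_flow(line)
        rates[src] += nbytes * 8 / secs / 1e6
    return dict(rates)


def assess(lines, link_mbps=LINK_CAPACITY_MBPS, top_n=3):
    """Summarise the flood and say where mitigation has to happen.

    verdict == "upstream": aggregate rate saturates the link; only the
                           provider (or DDoS-protected transit) can help.
    verdict == "host":     link has headroom; per-source rate limiting on
                           the host can still reduce the impact.
    """
    rates = per_source_mbps(lines)
    total = sum(rates.values())
    top = sorted(rates.items(), key=lambda kv: kv[1], reverse=True)[:top_n]
    verdict = "upstream" if total >= link_mbps * SATURATION_FRACTION else "host"
    return {"total_mbps": total, "sources": len(rates), "top": top, "verdict": verdict}


def constructed_botnet_flows():
    """Constructed: 200 bots, each ~10 Mb/s of UDP, over a 10 s window."""
    # 10 Mb/s * 10 s = 100 Mb = 12,500,000 bytes per bot (TEST-NET-2 addresses)
    return [f"src=198.51.100.{i} proto=udp bytes=12500000 secs=10"
            for i in range(1, 201)]


def constructed_icmp_flows():
    """Constructed: five home connections running ping floods plus one client."""
    # 2 Mb/s each over 10 s = 2,500,000 bytes (TEST-NET-3 addresses)
    floods = [f"src=203.0.113.{i} proto=icmp bytes=2500000 secs=10"
              for i in range(1, 6)]
    return floods + ["src=192.0.2.7 proto=udp bytes=27015 secs=10"]


if __name__ == "__main__":
    for name, flows in (("botnet", constructed_botnet_flows()),
                        ("ping flood", constructed_icmp_flows())):
        r = assess(flows)
        print(f"{name}: {r['total_mbps']:.1f} Mb/s from {r['sources']} sources "
              f"-> mitigate at {r['verdict']}; top talkers {r['top']}")
```

In the botnet case the 200 sources add up to about 2000 Mb/s against a 100 Mb/s link, which is the situation the post describes: the router is overloaded before anything reaches the server, and a ban list on the host changes nothing. In the ping-flood case the total is around 10 Mb/s, so the link has headroom and per-source limiting still pays off. Real flow data would come from the provider's NetFlow/sFlow export or from an interface counter, not from the host's own packet capture, precisely because the host never sees the dropped excess.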