The ddos attack is just a simple issue with the ulink protocol. It uses udp as it is fast, quick when you dont need all the data to be checked for loss and corruption. But ulink does not check if the incoming packet size is 0 bytes long. Ulink will try and read the data from the packet to see what it was asking for it to do but the buffer has a length of zero and when you try and read from the buffer there are two options, the server waits for the client to send the missing data leaving a infinite wait (or until it timesout) or a error is thrown.
I also know that i should email garry but this is for host providers as a quick fix! Please note that i have read the playrust homepage
To fix this there are 3 ways:
- If you are using linux you can edit your iptables to block empty udp packets. The following command should work
iptables -A input -m udp -p length –length 0 –j DROP
- Use/write a proxy server where you tunnel the udp data and check the length before passing it on
Might work on one of these
- The rust developers could do a temp fix where they create a udp proxy and suggest server providers to block the main port. So:
port = private real server port
port + 1 = public fake udp server with options 2 built in
The fixes above will only work util they change they way they are confusing the server, im guessing they will change over to a system of sending broken packets if people start blocking 0 packet length?
If you have any other possible fixes please comment and i will add them to the list.