help me plzzzz
Seeing as he is spoofing the ip I doubt you are going to be able to get his real ip unless you can somehow get his ip from when he is in game.
[Might be wrong though]
I may be able to help, having successfully stopped attacks such as these on my own server in the past - I’ve added you on Steam
i need help for
You can drop or block the ip(s) by doing: route add -host IPHERE reject
i blocked the ip
Yes but start blocking a few and he should start to stop sooner or later.
thanks it not working but why
Usually stopping a few will stop most of the attack. And if on the same machine maybe the whole attack.
Is it a Real DDoS (overloading the server) or is it just overloading srcds ?
If it’s just overloading Srcds, you can use serversecure3 as a source plugin.
i tried but not work
I’ve taken a look at the dumps and the rules you have in place, I basically came up with the same rule you already had in place that should be working, but you seem to have added extra stuff that’s breaking your working rule.
Something like this might work:
iptables -F iptables -X iptables -A INPUT -m state --state INVALID -j DROP iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP iptables -A INPUT -p udp --dport 27015 -m length --length 0:32 -j DROP iptables -A INPUT -p tcp -m multiport --dports 22,27015 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -p udp --dport 27015 -m string --to 40 --algo bm --hex-string '|fffffffe|' -j DROP iptables -A INPUT -p udp --dport 27015 -m length --length 2521:65535 -j DROP iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p udp --dport 27015 -m state --state NEW -m string --to 40 --algo bm --hex-string '|ffffffff|' -j ACCEPT iptables -A INPUT -j DROP
still not works helps
i still can’t k,ow
oops, i just saw, i’ll take it back.
Please rate me dumb
Anyways, my friend was working on a custom firewall software which redirects all bigger packets and tries to keep the legit one.
Not sure if he is still working on it, i’ll ask him asap
help me please guys ! i really need you
That’s a query spam attack, I think there’s a plugin you can get that caches query responses, I’ll have a look later if you can’t find anything.
plzzzz guys i need help
why it is not work for me or not