In such a case I would write an MM:S plugin that hooks recvfrom, checks
the packet for size and then adds an IPSec rule when the criteria is
met. I had something like this in place on my servers for the zero
length UDP flood exploit which is now resolved.
On 2013/08/31 16:02, Calvin Judy wrote:
Yes, although ipsec wouldn't work in this situation because OP needs to
drop packets with an invalid size.
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
