Hi,

If you are on the hlds windows mailing list, then you probably already know about A2S_INFO DDOS attacks. I have mistakenly posted a *fix* on the list for *nix servers which I should have posted here.
In short: If your server gets ddosed with A2S_INFO packets, it will get really laggy. Setting sv_max_queries_sec to a low value will make the server disappear from the server browser list. I'm providing you with a UDP caching proxy which will query the server with A2S_INFO requests no more than once every five seconds and respond to the client with the cached data.

Setup:

1. Get the source from http://www.gign.lv/tmp/querycache.c
2. Compile with:
       gcc querycache.c -o querycache
3. Open a UDP port in the firewall for the proxy server, let's say 21015
4. Make sure you have iptables NAT, REDIRECT and string match support compiled into the kernel or as modules
5. Execute:
       iptables -t nat -A PREROUTING -p udp -d YOUR_EXTERNAL_TF2_SERVER_IP --dport YOUR_SERVER_PORT -m string --algo kmp --string 'TSource Engine Query' -j REDIRECT --to-port 21015
6. Run querycache (probably under screen, so you can detach from it)

I've been ddosed with about 300req/sec and it works well, however I don't give any warranty that it will work for you.
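The cache-and-refresh behaviour described in the message, as an added example; this is not querycache.c and not the poster's code. All names are hypothetical, the 1400-byte reply cap is an assumption, and `fake_backend` is a constructed stand-in for the game server so the flood can be replayed offline.

```c
#include <stddef.h>
#include <string.h>
#include <time.h>
#define CACHE_TTL 5     /* seconds between backend queries, as in the post */
#define MAX_REPLY 1400  /* assumed cap for one UDP reply */
static const unsigned char A2S_REQ[] = "\xFF\xFF\xFF\xFFTSource Engine Query";

struct info_cache {
    unsigned char reply[MAX_REPLY];
    size_t len;         /* 0 = nothing cached yet */
    time_t next_try;    /* earliest time of the next backend query */
};
typedef size_t (*fetch_fn)(unsigned char *out, size_t cap); /* returns 0 on failure */

/* 1 if the datagram starts with 0xFFFFFFFF + "TSource Engine Query". */
int is_a2s_info(const unsigned char *pkt, size_t len) {
    size_t n = sizeof A2S_REQ - 1;   /* ignore the literal's trailing NUL */
    return len >= n && memcmp(pkt, A2S_REQ, n) == 0;
}

/* Fill c->reply from the backend at most once per CACHE_TTL; return its length. */
size_t cached_reply(struct info_cache *c, time_t now, fetch_fn fetch) {
    if (now >= c->next_try) {
        unsigned char tmp[MAX_REPLY];
        size_t n = fetch(tmp, sizeof tmp);
        if (n > 0) { memcpy(c->reply, tmp, n); c->len = n; } /* else keep old reply */
        c->next_try = now + CACHE_TTL;   /* failed refreshes are rate-limited too */
    }
    return c->len;
}

/* Constructed stand-in for the game server: counts how often it is queried. */
static int backend_hits;
static size_t fake_backend(unsigned char *out, size_t cap) {
    backend_hits++;
    if (cap < 5) return 0;
    memcpy(out, "\xFF\xFF\xFF\xFFI", 5);   /* constructed reply, header only */
    return 5;
}

/* Replay `rate` requests per second for `secs` seconds; return backend queries. */
int simulate_flood(int rate, int secs) {
    struct info_cache c = {0};
    backend_hits = 0;
    for (long i = 0; i < (long)rate * secs; i++)
        if (is_a2s_info(A2S_REQ, sizeof A2S_REQ))
            cached_reply(&c, (time_t)(i / rate), fake_backend);
    return backend_hits;
}
int main(void) { return simulate_flood(300, 10) == 2 ? 0 : 1; }
```

At the 300 req/sec rate mentioned in the message, ten seconds of traffic reaches the backend twice; every other request is answered from the cached reply.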

