You can set HLSS's limit up and down for queries per minute...so if you've
changed it you'd have to play with that one more (possibly) to get it
working properly.

On Sun, Feb 28, 2010 at 1:07 AM, Gene Hardesty <[email protected]> wrote:

> I use something more complex:
>
> iptables -N UDPFILTER
> iptables -A INPUT -p udp -j UDPFILTER
> iptables -A UDPFILTER -j whitelist
> iptables -A UDPFILTER -m state --state ESTABLISHED -j ACCEPT
> iptables -A UDPFILTER -m state --state NEW -m hashlimit --hashlimit-mode dstip,dstport --hashlimit-name udplimit --hashlimit 300/second -j ACCEPT
> iptables -A UDPFILTER -j DROP
>
> In my whitelist are the Steam master server IPs and the entire Valve IP
> block (via a netmask).
> It doesn't affect users once they are connected and it also doesn't affect
> HLSS (I had to experiment to find the right rate).
> Also, the limit is per source IP and port, not system-wide, plus since I have
> other servers running on other ports
>
> I guess I can also add the length rules too and perhaps limit the chain to
> specific port ranges
> ( --dport 27000:27999, etc)
>
> G.
>
> On Sat, Feb 27, 2010 at 2:52 PM, xouk <[email protected]> wrote:
>
> > for linux server use this
> > iptables -A INPUT -p udp -m udp --dport 27015 -m length --length 39 -j DROP
> > iptables -A INPUT -p udp -m udp --dport 27015 -m length --length 28 -j DROP
> > _______________________________________________
> > To unsubscribe, edit your list preferences, or view the list archives,
> > please visit:
> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> >
>
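
What the `--hashlimit-mode` key changes in a chain like the one quoted above, as an added example that is not part of the original thread: a simplified integer token-bucket model (not the kernel's implementation) run over constructed packets, comparing the posted `dstip,dstport` key with a `srcip` key. The addresses, the default burst of 5, and the assumption that every accepted query is answered (so its flow becomes ESTABLISHED) are assumptions of the example.

```python
# Simplified integer token-bucket model of the UDPFILTER chain (added example).
RATE_PER_S = 300          # --hashlimit 300/second, as on the page
BURST = 5                 # iptables' default --hashlimit-burst (not set on the page)
UNIT = 1_000_000          # one token in micro-tokens; time is in microseconds
FIELDS = {"srcip": 1, "srcport": 2, "dstip": 3, "dstport": 4}

def run_chain(packets, mode, whitelist=frozenset()):
    """Return {packet: verdict}; packets are (t_us, srcip, srcport, dstip, dstport)."""
    buckets, established, verdicts = {}, set(), {}
    for pkt in sorted(packets):
        t, flow = pkt[0], pkt[1:]
        if pkt[1] in whitelist or flow in established:
            verdicts[pkt] = "ACCEPT"      # whitelist chain / --state ESTABLISHED
            continue
        # --hashlimit-mode picks which header fields share one bucket
        key = tuple(pkt[FIELDS[f]] for f in mode.split(","))
        tokens, last = buckets.get(key, (BURST * UNIT, t))
        tokens = min(BURST * UNIT, tokens + (t - last) * RATE_PER_S)
        if tokens >= UNIT:                # --state NEW, still within the limit
            tokens -= UNIT
            established.add(flow)         # assumption: the server answers the query
            verdicts[pkt] = "ACCEPT"
        else:
            verdicts[pkt] = "DROP"        # falls through to the final -j DROP
        buckets[key] = (tokens, t)
    return verdicts

# Constructed sample traffic (documentation addresses, not from the thread):
SERVER = ("192.0.2.10", 27015)
NOISY_SRC = "198.51.100.7"
# 2000 new flows in one second from one address, each from a different port
noisy = [(i * 500, NOISY_SRC, 1024 + i, *SERVER) for i in range(2000)]
player = (400_250, "203.0.113.20", 27005, *SERVER)   # one new player, mid-burst

def summarize(mode, whitelist=frozenset()):
    """Accepted noisy packets and the new player's verdict for one hashlimit mode."""
    v = run_chain(noisy + [player], mode, whitelist)
    return sum(v[p] == "ACCEPT" for p in noisy), v[player]

if __name__ == "__main__":
    for mode in ("dstip,dstport", "srcip"):
        print(mode, summarize(mode))
```

With the posted key, every new flow to one server port draws on a single bucket, so the constructed new player is dropped while the noisy source is active; keyed on `srcip`, the player has a bucket of its own.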