the less that srcds and hlss have to process, especially bogus packets, the better it is for everyone.
On Sat, Feb 27, 2010 at 11:13 PM, Cc2iscooL <[email protected]> wrote: > You can set HLSS's limit up and down for queries per minute...so if you've > changed it you'd have to play with that one more (possibly) to get it > working properly. > > On Sun, Feb 28, 2010 at 1:07 AM, Gene Hardesty <[email protected] > >wrote: > > > I use something more complex: > > > > iptables -N UDPFILTER > > iptables -A INPUT -p udp -j UDPFILTER > > iptables -A UDPFILTER -j whitelist > > iptables -A UDPFILTER -m state --state ESTABLISHED -j ACCEPT > > iptables -A UDPFILTER -m state --state NEW -m hashlimit --hashlimit-mode > > dstip,dstport --hashlimit-name udplimit --hashlimit 300/second -j ACCEPT > > iptables -A UDPFILTER -j DROP > > > > in my whitelist is the Steam master server IPs and the entire Valve IP > > block > > (via a netmask) > > It doesn't affect users once they are connected and it also doesn't > affect > > HLSS (I had to experiment to find the right rate) > > Also the limit is per source IP and port not system-wide plus since I > have > > other servers running on other ports > > > > I guess I can also add the length rules too and perhaps limit the chain > to > > specific port ranges > > ( --dport 27000:27999, etc) > > > > G. > > > > On Sat, Feb 27, 2010 at 2:52 PM, xouk <[email protected]> wrote: > > > > > for linux server use this > > > iptables -A INPUT -p udp -m udp --dport 27015 -m length --length 39 -j > > DROP > > > iptables -A INPUT -p udp -m udp --dport 27015 -m length --length 28 -j > > > DROP > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list archives, > > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
