I only had one rule in the whitelist table:

$IPTABLES -A steamservers -s 72.165.61.128/26 -j ACCEPT

add more as need be.

G.

On Thu, Jun 3, 2010 at 3:41 AM, Philipp Reddigau <[email protected]> wrote:

> Hi,
> thank you. Okay $IPT is clear too now.
>
> @Gene
> Can you post a whitelist entry as well?
> I think this is the best solution I think atm.
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On behalf of Gene Hardesty
> Sent: Thursday, June 3, 2010 12:30
> To: Half-Life dedicated Linux server mailing list
> Subject: Re: [hlds_linux] Iptables Rule list
>
> this is what I used to use when I ran a server
> btw: $IPTABLES = /sbin/iptables (or wherever your iptables is)
>
> $IPTABLES -N UDPFILTER
> $IPTABLES -A INPUT -p udp -j UDPFILTER
> $IPTABLES -A UDPFILTER -j whitelist
> $IPTABLES -A UDPFILTER -m state --state ESTABLISHED -j ACCEPT
> $IPTABLES -A UDPFILTER -m state --state NEW -m hashlimit --hashlimit-mode dstip,dstport --hashlimit-name udplimit --hashlimit 300/second -j ACCEPT
> $IPTABLES -A UDPFILTER -j DROP
>
> "whitelist" is a table that contained "whitelisted" IPs and stuff (usually,
> I have the Valve Master Servers in there as well as my own, etc.)
>
> Anyways, the rules say that it limits the number of new connections (per ip
> per port) to 300 a second...which from my testing never affected game play
> nor voice chat.
>
> Use and modify to your heart's content.
>
> G.
>
> On Thu, Jun 3, 2010 at 3:22 AM, Daniel Nilsson <[email protected]> wrote:
>
> > This perhaps if no one has any better:
> >
> > iptables -N logattacker
> > $IPT -A INPUT -p udp -m udp --dport 27015 -m length --length 0:32 -j logattacker
> > $IPT -A logattacker -j LOG --log-prefix "SRCDS:ATTACK: " --log-ip-options -m limit --limit 2/sec
> > $IPT -A logattacker -j DROP
> >
> > ///Daniel
> >
> > Philipp Reddigau wrote 2010-06-03 12:10:
> > > Hi,
> > > I was wondering about many new flood attacks to our CSS Servers today.
> > > each 3rd time banning someone the server will be flooded...
> > >
> > > Does someone have a list of iptables rules?
> > >
> > > best regards,
> > > Philipp
> > >
> > > _______________________________________________
> > > To unsubscribe, edit your list preferences, or view the list archives, please visit:
> > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux
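
An added example, not part of any message in the thread: a shell function that tallies the kernel log lines written by the LOG rule with the "SRCDS:ATTACK: " prefix quoted above, per source address and destination port. The function names, host name, addresses and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Tally kernel log lines carrying the thread's LOG prefix "SRCDS:ATTACK: ".
# Output: "<count> <source address> <destination port>", highest count first.
# The LOG rule in the thread is limited to 2/sec, so each count is a lower
# bound on the packets that were actually dropped.

summarize_attackers() {
    # Reads syslog text on stdin; lines without the prefix are ignored.
    awk '
        /SRCDS:ATTACK: / {
            src = ""; dpt = ""
            # Kernel LOG output is a run of KEY=value fields; pick out two.
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            if (src != "" && dpt != "") count[src " " dpt]++
        }
        END {
            for (k in count) print count[k], k
        }
    ' | LC_ALL=C sort -k1,1nr -k2,2
}

# Constructed sample input in the kernel's LOG format (documentation
# address ranges, hypothetical host "gs1"), plus one unrelated line.
sample_log() {
    cat <<'EOF'
Jun  3 12:10:01 gs1 kernel: SRCDS:ATTACK: IN=eth0 OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=28 TOS=0x00 PREC=0x00 TTL=117 ID=4242 PROTO=UDP SPT=40112 DPT=27015 LEN=8
Jun  3 12:10:01 gs1 kernel: SRCDS:ATTACK: IN=eth0 OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=28 TOS=0x00 PREC=0x00 TTL=117 ID=4243 PROTO=UDP SPT=40112 DPT=27015 LEN=8
Jun  3 12:10:02 gs1 sshd[811]: Accepted publickey for admin from 192.0.2.50 port 50022 ssh2
Jun  3 12:10:02 gs1 kernel: SRCDS:ATTACK: IN=eth0 OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=30 TOS=0x00 PREC=0x00 TTL=52 ID=911 PROTO=UDP SPT=27005 DPT=27015 LEN=10
Jun  3 12:10:03 gs1 kernel: SRCDS:ATTACK: IN=eth0 OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=28 TOS=0x00 PREC=0x00 TTL=117 ID=4244 PROTO=UDP SPT=40113 DPT=27015 LEN=8
EOF
}

# Stand-alone run over the constructed sample.
sample_log | summarize_attackers
```

UDP source addresses can be forged, so the tally shows which addresses appear in the dropped traffic, not necessarily who sent it.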

