Hi, correct me if I'm wrong: with

iptables -A INPUT -p tcp -m tcp --dport 27015:29000 -m hashlimit --hashlimit-upto 2/sec --hashlimit-burst 1 --hashlimit-mode srcip,dstip,dstport --hashlimit-name TF_PACKET_LIMIT -j ACCEPT

I block Rcon flooding between 27015 and 29000? And is there a utility out there that can share my rules to many servers? If not, I will use an scp cron on the boxes.

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Daniel Nilsson
Sent: Thursday, 3 June 2010 13:20
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] Iptables Rule list

Untested but think you can use something like this

#!/bin/sh
# The location of the iptables binary file on your system.
IPT="/sbin/iptables"

# Allowed IPs (the chain has to exist before rules can be appended to it)
$IPT -N whitelist
$IPT -A whitelist -s 72.165.61.128/26 -j ACCEPT
$IPT -A whitelist -s 72.165.61.153/26 -j ACCEPT
$IPT -A whitelist -s 216.207.205.99/26 -j ACCEPT
$IPT -A whitelist -s 216.207.205.98/26 -j ACCEPT

# Log (rate-limited) and drop packets of 0-32 bytes sent to the game port.
# This has to come before the UDPFILTER jump, which gives every UDP packet
# a final ACCEPT or DROP verdict.
$IPT -N logattacker
$IPT -A INPUT -p udp -m udp --dport 27015 -m length --length 0:32 -j logattacker
$IPT -A logattacker -j LOG --log-prefix "SRCDS:ATTACK: " --log-ip-options -m limit --limit 2/sec
$IPT -A logattacker -j DROP

# Whitelisted and established traffic passes, new traffic is rate-limited,
# everything else is dropped.
$IPT -N UDPFILTER
$IPT -A INPUT -p udp -j UDPFILTER
$IPT -A UDPFILTER -j whitelist
$IPT -A UDPFILTER -m state --state ESTABLISHED -j ACCEPT
$IPT -A UDPFILTER -m state --state NEW -m hashlimit --hashlimit-mode dstip,dstport --hashlimit-name udplimit --hashlimit 300/second -j ACCEPT
$IPT -A UDPFILTER -j DROP

//Daniel

Gene Hardesty wrote 2010-06-03 12:51:
> I only had one rule in the whitelist table:
> $IPTABLES -A steamservers -s 72.165.61.128/26 -j ACCEPT
>
> add more as need be.
>
> G.
>
> On Thu, Jun 3, 2010 at 3:41 AM, Philipp Reddigau <[email protected]> wrote:
>
>> Hi,
>> thank you. Okay $IPT is clear too now.
>>
>> @Gene
>> Can you post a whitelist entry as well?
>> I think this is the best solution I think atm.
>>
>> -----Original Message-----
>> From: [email protected]
>> [mailto:[email protected]] On Behalf Of
>> Gene Hardesty
>> Sent: Thursday, 3 June 2010 12:30
>> To: Half-Life dedicated Linux server mailing list
>> Subject: Re: [hlds_linux] Iptables Rule list
>>
>> this is what I used to use when I ran a server
>> btw: $IPTABLES = /sbin/iptables (or wherever your iptables is)
>>
>> $IPTABLES -N UDPFILTER
>> $IPTABLES -A INPUT -p udp -j UDPFILTER
>> $IPTABLES -A UDPFILTER -j whitelist
>> $IPTABLES -A UDPFILTER -m state --state ESTABLISHED -j ACCEPT
>> $IPTABLES -A UDPFILTER -m state --state NEW -m hashlimit --hashlimit-mode dstip,dstport --hashlimit-name udplimit --hashlimit 300/second -j ACCEPT
>> $IPTABLES -A UDPFILTER -j DROP
>>
>> "whitelist" is a table that contained "whitelisted" IPs and stuff
>> (usually, I have the Valve Master Servers in there as well as my own,
>> etc.)
>>
>> Anyways, the rules say that it limits the number of new connections
>> (per ip per port) to 300 a second...which from my testing never
>> affected game play nor voice chat.
>>
>> Use and modify to your heart's content.
>>
>> G.
>>
>> On Thu, Jun 3, 2010 at 3:22 AM, Daniel Nilsson
>> <[email protected]> wrote:
>>
>>> This perhaps if no one has any better:
>>>
>>> iptables -N logattacker
>>> $IPT -A INPUT -p udp -m udp --dport 27015 -m length --length 0:32 -j logattacker
>>> $IPT -A logattacker -j LOG --log-prefix "SRCDS:ATTACK: " --log-ip-options -m limit --limit 2/sec
>>> $IPT -A logattacker -j DROP
>>>
>>> ///Daniel
>>>
>>> Philipp Reddigau wrote 2010-06-03 12:10:
>>>
>>>> Hi,
>>>> I was wondering about many new flood attacks on our CSS servers today.
>>>> Each 3rd time banning someone, the server will be flooded...
>>>>
>>>> Does someone have a list of iptables rules?
>>>>
>>>> Best regards,
>>>> Philipp
>>>>
>>>> _______________________________________________
>>>> To unsubscribe, edit your list preferences, or view the list
>>>> archives, please visit:
>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
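
Added example, not part of the original thread: a simplified Python model of the per-key token bucket behind the --hashlimit-upto 2/sec --hashlimit-burst 1 rule from the top message, showing what happens to over-limit packets when the rule's target is ACCEPT. The packet list, the documentation addresses, the ACCEPT chain policy and the trailing DROP rule are assumptions made for illustration.

```python
# Added illustration (not from the thread): simplified model of the per-key
# token bucket that iptables' hashlimit match keeps for each hash key.
RATE_PER_SEC = 2                      # --hashlimit-upto 2/sec
BURST = 1                             # --hashlimit-burst 1
COST_MS = 1000 // RATE_PER_SEC        # credit one matching packet consumes
MAX_CREDIT_MS = BURST * COST_MS       # bucket size
PORTS = range(27015, 29001)           # --dport 27015:29000


class HashLimit:
    """One bucket per (srcip, dstip, dstport), as --hashlimit-mode selects."""

    def __init__(self):
        self.buckets = {}             # key -> (credit_ms, last_seen_ms)

    def matches(self, t_ms, key):
        credit, last = self.buckets.get(key, (MAX_CREDIT_MS, t_ms))
        credit = min(MAX_CREDIT_MS, credit + (t_ms - last))   # refill
        ok = credit >= COST_MS
        if ok:
            credit -= COST_MS         # only a matching packet spends credit
        self.buckets[key] = (credit, t_ms)
        return ok


def run_chain(packets, trailing_drop):
    """Return one verdict per packet. trailing_drop adds a hypothetical
    '-p tcp --dport 27015:29000 -j DROP' rule after the hashlimit ACCEPT;
    without it, packets fall through to an assumed policy of ACCEPT."""
    limiter = HashLimit()
    verdicts = []
    for t_ms, src, dst, dport in packets:
        in_range = dport in PORTS
        if in_range and limiter.matches(t_ms, (src, dst, dport)):
            verdicts.append((src, "ACCEPT"))      # within 2/sec
        elif in_range and trailing_drop:
            verdicts.append((src, "DROP"))        # over the limit
        else:
            verdicts.append((src, "ACCEPT"))      # chain policy
    return verdicts


def sample_packets():
    """Constructed traffic: one source sending every 100 ms for a second,
    plus a single packet from a second source (documentation addresses)."""
    flood = [(t, "198.51.100.7", "192.0.2.10", 27015) for t in range(0, 1000, 100)]
    other = [(250, "203.0.113.5", "192.0.2.10", 27015)]
    return sorted(flood + other)


def accepted(verdicts, src):
    return sum(1 for s, v in verdicts if s == src and v == "ACCEPT")
```

Because the rule in the post has no --syn or state match, every TCP segment to those ports is counted against the bucket, not only new connections.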

