Keep in mind the following: 27015 TCP is used by RCON. You only need to open this if you plan on using remote administration tools such as Sourcebans. I would recommend limiting this to a single IP address such as your webhost or a specific range of addresses.
27015 UDP is the port/protocol that players use to connect, and for the master servers to query your box, etc. (You may have to supplement your own port numbers since you're running multiple servers, assuming that they are on the same IP.)

A very basic rule set that would work is (doesn't include DoS protection or rate limiting):

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# ssh access
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# limited rcon port, replace x's with source ip...
iptables -A INPUT -p tcp -s x.x.x.x --dport 27015 -j ACCEPT
iptables -A INPUT -p udp --dport 27015 -j ACCEPT
iptables -A INPUT -j DROP

On Sat, Nov 12, 2011 at 7:00 AM, Daniel Nilsson <[email protected]> wrote:
> I need some help with basic or more advanced iptables rules for a box
> running two tf2 servers. What should I think about to make good rules
> that secure the box and my game servers?
>
> /Dan
>
> _______________________________________________
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
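
The rule set from the message above, extended to the multi-server case it mentions, as an added example that is not part of the original post: a shell function that prints the rules for review instead of applying them. The second port 27016 and the RCON source 192.0.2.10 are assumed placeholder values.

```sh
#!/bin/sh
# Added example: prints (does not apply) the rule set for several game servers.
# gen_rules, valid_port and valid_src are hypothetical helper names.

# valid_port N: succeed if N is a decimal integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# valid_src ADDR: succeed if ADDR is a dotted-quad IPv4 address, optional /prefix
valid_src() {
    case "$1" in *[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    addr=${1%/*}
    old_ifs=$IFS; IFS=.
    for octet in $addr; do
        [ "$octet" -le 255 ] || { IFS=$old_ifs; return 1; }
    done
    IFS=$old_ifs
}

# gen_rules RCON_SRC PORT...: every argument is validated before anything is
# printed, so a typo never yields a partial rule set.
gen_rules() {
    rcon_src=$1; shift
    valid_src "$rcon_src" || { echo "bad RCON source: $rcon_src" >&2; return 1; }
    [ "$#" -ge 1 ] || { echo "need at least one game port" >&2; return 1; }
    for port in "$@"; do
        valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    done
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A INPUT -p tcp --dport 22 -j ACCEPT"
    for port in "$@"; do
        # RCON (TCP) only from the admin source; game traffic (UDP) from anyone
        echo "iptables -A INPUT -p tcp -s $rcon_src --dport $port -j ACCEPT"
        echo "iptables -A INPUT -p udp --dport $port -j ACCEPT"
    done
    # The catch-all DROP goes last because -A appends and rules match in order
    echo "iptables -A INPUT -j DROP"
}

# Constructed sample: two servers on one IP, RCON limited to one address
gen_rules 192.0.2.10 27015 27016
```

Read the printed rules before piping them to a root shell, and apply them from a console session or with a scheduled rollback in case the SSH rule is wrong.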

