Re: Hardening SRCDS with iptables rules
Quote:
Must this be done for every port that you have a server running on?
Re: Hardening SRCDS with iptables rules
Quote:
But yes, if you want to allow only connections via specific ports, you need to add all of the game transmission ports for each server/application.
Re: Hardening SRCDS with iptables rules
Quote:
It says: TRCON: Cannot setup TCP socket on ip: Connection timed out
What can be the cause? I have allowed the stats IP:
Code:
iptables -A INPUT -p tcp -s IP -j ACCEPT
In my log:
Code:
May 31 13:55:48 kernel: [137438.406925] SRCDS-XSQUERY IN=eno1.158 OUT= MAC=90:b1:1c:a4:8b:d9:68:05:ca:0d:ff:36:08:00 SRC=IP DST=IP LEN=37 TOS=0x00 PREC=0x00 TTL=121 ID=53211 PROTO=UDP SPT=7130 DPT=27018 LEN=17
Re: Hardening SRCDS with iptables rules
Hey, when I try to enter
iptables -A INPUT -p udp -m state --state NEW -m hashlimit --hashlimit-mode srcip --hashlimit-name StopDoS --hashlimit 1/s --hashlimit-burst 3 -j ACCEPT
I get Unknown error 18446744073709551615
Re: Hardening SRCDS with iptables rules
Hello, I wrote a script to automatically implement this (more or less).
It also works with servers using Docker (which mine do): https://github.com/CreatorsTF/srcds-...tables-docker/
Re: Hardening SRCDS with iptables rules
Thank you, sapphonie.
I will try your script this evening. Yesterday a script kiddie DoS'd my server and we were unable to play. Your work will be very precious :)
Re: Hardening SRCDS with iptables rules
The script looks like it is working; I just needed to install net-tools in order to get the route command working.
Do I need to do something to make these rules permanent after reboot? Thanks.
Re: Hardening SRCDS with iptables rules
People are now timing out. I used the sapphonie script but it doesn't seem to work out of the box :cry:
Edit: It looks like udp-spam is triggered when players connect. Here is a hint from a line of /var/log/syslog:
<|srcds-ipt|> udp spam: IN=ens18 OUT= MAC=6e:72:b5:8e:ec:3e:aa:e6:73:44:d6:c6:08:00 SRC=194.118.68.64 DST=192.168.0.112 LEN=74 TOS=0x00 PREC=0x00 TTL=113 ID=55803 PROTO=UDP SPT=49919 DPT=27018 LEN=54
My server is L4D2 on port 27018. Any help?
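Added example, not part of any post in this thread and not taken from the linked script: a small Python tally of netfilter LOG lines like the ones quoted above, grouped by log prefix and destination port. It shows whether a logging rule is firing for many different clients or for one sender. The sample lines are constructed (documentation addresses, abbreviated fields), and treating everything between the kernel timestamp and `IN=` as the log prefix is an assumption.

```python
import re
from collections import Counter, defaultdict

# Optional syslog header and kernel timestamp, then the LOG prefix, then the fields.
LINE_RE = re.compile(r"^(?:.*?kernel: )?(?:\[\s*[\d.]+\]\s*)?(?P<prefix>.*?)\s*IN=(?P<rest>.*)$")
FIELD_RE = re.compile(r"(\w+)=(\S*)")

def parse(line):
    """Return (prefix, proto, dport, src) for a netfilter LOG line, else None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    f = dict(FIELD_RE.findall("IN=" + m["rest"]))
    if not {"SRC", "PROTO", "DPT"} <= f.keys():
        return None  # e.g. ICMP lines carry no DPT; skipped for per-port tallies
    return m["prefix"], f["PROTO"], int(f["DPT"]), f["SRC"]

def summarize(lines):
    """Group hits as {(prefix, proto, dport): Counter({src: hits})}."""
    table = defaultdict(Counter)
    for rec in filter(None, map(parse, lines)):
        table[rec[:3]][rec[3]] += 1
    return dict(table)

def report(table):
    """Rows of (prefix, proto/port, packets, distinct sources, top source, top share)."""
    rows = []
    for (prefix, proto, dpt), srcs in sorted(table.items()):
        total = sum(srcs.values())
        top, hits = srcs.most_common(1)[0]
        rows.append((prefix, f"{proto}/{dpt}", total, len(srcs), top, round(hits / total, 2)))
    return rows

# Constructed sample lines: documentation addresses, fields abbreviated.
TEMPLATE = "IN=ens18 OUT= MAC=00:00:00:00:00:00 SRC={} DST=192.0.2.5 LEN=74 TTL=113 PROTO=UDP SPT=49919 DPT={} LEN=54"
HDR = "Jun  1 20:00:01 host kernel: [  100.000001] "
SAMPLE = (
    [HDR + "<|srcds-ipt|> udp spam: " + TEMPLATE.format(f"198.51.100.{n}", 27018) for n in (10, 11, 12)]
    + [HDR + "<|srcds-ipt|> udp spam: " + TEMPLATE.format("203.0.113.7", 27015)] * 3
    + ["SRCDS-XSQUERY " + TEMPLATE.format("203.0.113.7", 27018)]
    + ["Jun  1 20:00:09 host sshd[1]: session opened"]  # unrelated line, ignored
)

if __name__ == "__main__":
    for row in report(summarize(SAMPLE)):
        print(*row, sep="  ")
```

To run it on real data, pass the lines of the syslog file to `summarize()` instead of `SAMPLE`.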