AlliedModders

[Linux] Source Query Proxy: DDoS Protection - Kernel redirection! (https://forums.alliedmods.net/showthread.php?t=297237)

spumer 01-25-2021 03:53

Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
 
Added instructions for building BCC on Debian 10 Buster
https://github.com/spumer/source-que...ebpf/README.md

RAIN182 02-06-2021 13:01

Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
 
Is it relevant for csgo?
Server mirror?

spumer 02-07-2021 11:52

Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
 
Quote:

Originally Posted by RAIN182 (Post 2735943)
Is it relevant for csgo?
Server mirror?

Depends on what you want.

It's not a mirror, just a query packet handler in a separate process.

And I'm working on some algorithms to detect and mitigate DDoS, but it's not public yet and experimental.

jeremyvillanueva 02-08-2021 22:21

Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
 
1 Attachment(s)
Hi, I just identified some attackers.
I have traced them to Uruguay, and also from gameservers.com.
Those UDP packets are using all my bandwidth and my CPU.
I will share my iptables.

pakgamerz 02-08-2021 22:38

Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
 
iptables won't completely solve flood or DoS attacks. It will cause more problems.

The attacker can change methods and you keep changing your rules?

The solution would be to block this before it comes to your server. So wherever you host, you can ask them for protection against this kind of flood or DoS attack.

jeremyvillanueva 02-08-2021 23:31

Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
 
Hi, could you share your experience?
What kind of protection do you use on your servers?
I think, and as far as I can tell, iptables could prevent
contact from the attacker; it doesn't consume your CPU. I've tried it right now also.

pakgamerz 02-09-2021 00:11

Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
 
I am using OVH Game + additional filters set up by Path.net,

and instead of iptables I use ufw to rate limit port 27015.

Works good.

jeremyvillanueva 02-27-2021 13:30

Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
 
I want to share this iptables

It works for my 93 tickrate server, btw it also blocks rcon listening

sudo iptables --flush
sudo iptables -t nat -F
sudo iptables -t nat -X
sudo iptables -t mangle -F
sudo iptables -t mangle -X
sudo iptables -t raw -F
sudo iptables -t raw -X
sudo iptables -t security -F
sudo iptables -t security -X
sudo iptables -F
sudo iptables -X
sudo iptables --new-chain RATE-LIMIT
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -A INPUT -p udp --destination-port 27015 --jump RATE-LIMIT
sudo iptables --append RATE-LIMIT --match hashlimit --hashlimit-mode srcip --hashlimit-srcmask 32 --hashlimit-upto 93/sec --hashlimit-burst 20 --hashlimit-name conn_rate_limit --hashlimit-htable-expire 30000 --hashlimit-htable-max 65535 --jump ACCEPT
sudo iptables --append RATE-LIMIT --match limit --limit 1/sec --limit-burst 1 --jump LOG --log-prefix "IPTables-Dropped: "
sudo iptables --append RATE-LIMIT --jump DROP
sudo iptables -A INPUT -p tcp --destination-port 27015 -j DROP

DJEarthQuake 02-28-2021 17:58

Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
 
Please be advised: if you are not locally connected, --flush will sever your SSH connection, and the only way in is the serial console, if installed. It will also disable everything network-related, like the web server, DNS, and mail. Make a bash script, or better, just lay out the rules without flush.
Quote:

Originally Posted by jeremyvillanueva (Post 2738518)
I want to share this iptables

It works for my 93 tickrate server, btw it also blocks rcon listening

sudo iptables --flush
sudo iptables -t nat -F
sudo iptables -t nat -X
sudo iptables -t mangle -F
sudo iptables -t mangle -X
sudo iptables -t raw -F
sudo iptables -t raw -X
sudo iptables -t security -F
sudo iptables -t security -X
sudo iptables -F
sudo iptables -X
sudo iptables --new-chain RATE-LIMIT
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -A INPUT -p udp --destination-port 27015 --jump RATE-LIMIT
sudo iptables --append RATE-LIMIT --match hashlimit --hashlimit-mode srcip --hashlimit-srcmask 32 --hashlimit-upto 93/sec --hashlimit-burst 20 --hashlimit-name conn_rate_limit --hashlimit-htable-expire 30000 --hashlimit-htable-max 65535 --jump ACCEPT
sudo iptables --append RATE-LIMIT --match limit --limit 1/sec --limit-burst 1 --jump LOG --log-prefix "IPTables-Dropped: "
sudo iptables --append RATE-LIMIT --jump DROP
sudo iptables -A INPUT -p tcp --destination-port 27015 -j DROP
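
The advice above (lay out the rules without flush), as an added example that is not code from any poster in this thread: the same rate-limit rules, applied so that only the dedicated RATE-LIMIT chain is ever emptied and the INPUT hooks are not duplicated on a second run. The names `ipt`, `exists`, `apply_ratelimit` and the `APPLY` switch are hypothetical helpers introduced here; the script only prints its plan unless `APPLY=1` is set.

```sh
#!/bin/sh
# Added example (not from the thread): re-apply the per-source UDP rate limit
# without -F/-X/-P on any built-in chain, so existing SSH, web, DNS and mail
# rules stay in place. Dry run by default; run as root with APPLY=1 to apply.
PORT="${PORT:-27015}"   # game port used in the thread
RATE="${RATE:-93/sec}"  # per-source rate from the thread (93 tick server)
CHAIN="RATE-LIMIT"      # dedicated chain; the only chain this script empties

# Mutating calls: executed when APPLY=1, otherwise printed as a plan.
ipt() {
    if [ "${APPLY:-0}" = 1 ]; then iptables "$@"; else echo "iptables $*"; fi
}

# Read-only checks: real answers when APPLY=1; in a dry run nothing is
# assumed to exist, so the plan shown is the one for a host without the rules.
exists() {
    [ "${APPLY:-0}" = 1 ] && iptables "$@" >/dev/null 2>&1
}

apply_ratelimit() {
    # Create the chain, or empty only this chain if it is already there.
    if exists -n -L "$CHAIN"; then ipt -F "$CHAIN"; else ipt -N "$CHAIN"; fi

    ipt -A "$CHAIN" -m hashlimit --hashlimit-mode srcip --hashlimit-srcmask 32 \
        --hashlimit-upto "$RATE" --hashlimit-burst 20 \
        --hashlimit-name conn_rate_limit --hashlimit-htable-expire 30000 \
        --hashlimit-htable-max 65535 -j ACCEPT
    ipt -A "$CHAIN" -m limit --limit 1/sec --limit-burst 1 \
        -j LOG --log-prefix "IPTables-Dropped: "
    ipt -A "$CHAIN" -j DROP

    # Hook into INPUT only if the identical rule is not present (-C), so
    # running the script again does not stack duplicate jumps.
    exists -C INPUT -p udp --dport "$PORT" -j "$CHAIN" ||
        ipt -A INPUT -p udp --dport "$PORT" -j "$CHAIN"
    # As in the original post, TCP to the game port (rcon) is dropped.
    exists -C INPUT -p tcp --dport "$PORT" -j DROP ||
        ipt -A INPUT -p tcp --dport "$PORT" -j DROP
}

apply_ratelimit
```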


c2qute 04-01-2021 22:23

Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
 
I'm running into this, any ideas? Servers are started via Docker, which should not be an issue imo.

Code:

2021-04-02 10:21:54,675 [INFO] [sqproxy.config] Confdir not found: /root/conf.d/conf.d
2021-04-02 10:21:54,675 [WARNING] [sqproxy] No one server to run. Please check config

I have both 00-globals and 01-csgo.yml as stated in the example.

