AlliedModders - [Linux] Source Query Proxy: DDoS Protection

AlliedModders (https://forums.alliedmods.net/index.php)

- Snippets and Tutorials (https://forums.alliedmods.net/forumdisplay.php?f=112)

- - [Linux] Source Query Proxy: DDoS Protection - Kernel redirection! (https://forums.alliedmods.net/showthread.php?t=297237)

Re: [Linux] [PoC] DDoS Protection - Kernel redirection!

it's funny how only turkish server owners are interested in this (xlenonz, controlsuz). meaning they are getting udp flooded at the same time. just an observation

Re: [Linux] [PoC] DDoS Protection - Kernel redirection!

Quote:

Originally Posted by nistnesus (Post 2519797)

it's funny how only turkish server owners are interested in this (xlenonz, controlsuz). meaning they are getting udp flooded at the same time. just an observation

All turkish servers...

Re: [Linux] [PoC] DDoS Protection - Kernel redirection!

it fails when using make.

make -C /lib/modules/`uname -r`/build M=$PWD modules
make[1]: Entering directory '/usr/src/linux-headers-4.14.3-custom-100hz'
CC [M] /home/poc/poc.o
/home/poc/poc.c: In function ‘init_module’:
/home/poc/poc.c:213:2: error: implicit declaration of function ‘nf_register_hook’ [-Werror=implicit-function-declaration]
nf_register_hook(&pre_hook);
^~~~~~~~~~~~~~~~
/home/poc/poc.c: In function ‘cleanup_module’:
/home/poc/poc.c:228:2: error: implicit declaration of function ‘nf_unregister_hook’ [-Werror=implicit-function-declaration]
nf_unregister_hook(&pre_hook);
^~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
scripts/Makefile.build:320: recipe for target '/home/poc/poc.o' failed
make[2]: *** [/home/poc/poc.o] Error 1
Makefile:1503: recipe for target '_module_/home/poc' failed
make[1]: *** [_module_/home/poc] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-4.14.3-custom-100hz'
Makefile:8: recipe for target 'default' failed
make: *** [default] Error 2
root:/home/poc# error: implicit declaration of function ‘nf_unregister_hook’

Re: [Linux] [PoC] DDoS Protection - Kernel redirection!

I want to do this for my Linux VPS but I'm too afraid of fucking something up.

Re: [Linux] [PoC] DDoS Protection - Kernel redirection!

Quote:

Originally Posted by asdfxD (Post 2568541)

it fails when using make.

Post your GCC version

Re: [Linux] [PoC] DDoS Protection - Kernel redirection!

Quote:

Originally Posted by spumer (Post 2571088)

Post your GCC version

gcc (Debian 6.3.0-18) 6.3.0 20170516

Re: [Linux] [PoC] DDoS Protection - Kernel redirection!

Quote:

Originally Posted by 404UserNotFound (Post 2570677)

I want to do this for my Linux VPS but I'm too afraid of fucking something up.

May be later i create more simpler way to install and customize "solution". If you fuck your system just revert changes.

Re: [Linux] [PoC] DDoS Protection - Kernel redirection!

Quote:

Originally Posted by spumer (Post 2571177)

Looks like no netfilter support in your Linux kernel version (compiler can't find nf_unregister_hook function)

Just add CONFIG_NETFILTER=y to your kernel config file and recompile kernel.
Or use "make menuconfig" and setup this option through GUI.

May be later i create more simpler way to install and customize "solution". If you fuck your system just revert changes.

it is set.

CONFIG_NETFILTER=y
CONFIG_NETFILTER_ADVANCED=y

so dunno why it does not work.

Re: [Linux] [PoC] DDoS Protection - Kernel redirection!

i have added proc to my server but gameservers with port 27015 are not listed in the server browser anymore. a server on port 27115 works.

edit: when i unload poc, they instantly appears on the list.

Re: [Linux] [PoC] DDoS Protection - Kernel redirection!

Quote:

Originally Posted by asdfxD (Post 2574191)

Kernel module just for redirect traffic. Handling and responding to clients must done by other software.
You can found an example on the first page of this thread.