Raised This Month: $202 Target: $400
 50% 

[Linux] Source Query Proxy: DDoS Protection - Kernel redirection!


Post New Thread Reply   
 
Thread Tools Display Modes
spumer
Senior Member
Join Date: Aug 2011
Old 01-12-2021 , 06:42   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #91

Quote:
Originally Posted by pakgamerz View Post
raise Exception("Failed to compile BPF module %s" % src_file)
Exception: Failed to compile BPF module b'redirect.c'


how to fix?
Please provide:
1. Full output of error
2. Installed Kernel version: uname -r
3. bcc version (use python which you set as executable for eBPF): python -c 'import bcc; print(bcc.__version__);'
__________________

Last edited by spumer; 01-12-2021 at 06:49.
spumer is offline
pakgamerz
AlliedModders Donor
Join Date: Aug 2017
Location: Karachi
Old 01-12-2021 , 07:59   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #92

1- https://0bin.net/paste/CGqjWwsH#Blzs...livFOl2Iqs2Lft
2- 5.10.0-5.1-liquorix-amd64
3 - 0.8.0

today i got like query flood warning message challenge number changes many times . so i thought by using this may be can prevent it.

Thanks for your help.
pakgamerz is offline
spumer
Senior Member
Join Date: Aug 2011
Old 01-12-2021 , 08:46   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #93

You do not met requirements (https://github.com/spumer/source-que...d#requirements)

bcc-tools >= 0.10.0 (depends on Kernel version, see https://github.com/iovisor/bcc/releases)

You need bcc 0.18.0 cause only in this version added "Support for kernel up to 5.10"

If you use Ubuntu, i recommend install Binary from official instruction:
https://github.com/iovisor/bcc/blob/...buntu---binary

Quote:
sudo apt-get install bpfcc-tools linux-headers-$(uname -r)
But as i can see latest available package is 0.17.0, cause 0.18.0 releases 7 days ago.
https://packages.ubuntu.com/search?s...searchon=names

You should downgrade your kernel or build bcc manually, just follow the official instruction:
https://github.com/iovisor/bcc/blob/...buntu---source
__________________
spumer is offline
pakgamerz
AlliedModders Donor
Join Date: Aug 2017
Location: Karachi
Old 01-12-2021 , 08:59   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #94

I am on Debian 10 Buster . i used your guide lines to install the package but it was old version.

is there a quick way to add sources in the Debian 10 Buster and installed the updates version?

Thanks.
pakgamerz is offline
spumer
Senior Member
Join Date: Aug 2011
Old 01-12-2021 , 09:04   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #95

Quote:
Originally Posted by pakgamerz View Post
I am on Debian 10 Buster . i used your guide lines to install the package but it was old version.

is there a quick way to add sources in the Debian 10 Buster and installed the updates version?

Thanks.
Sorry, here i can not help. Try to follow "installing from sources" instruction
__________________
spumer is offline
pakgamerz
AlliedModders Donor
Join Date: Aug 2017
Location: Karachi
Old 01-12-2021 , 09:26   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #96

bpfcc-tools is sorted now i have new error.

2021-01-12 13:25:12,339 [INFO] [sqproxy.config] Confdir not found: /etc/sqproxy/conf.d
2021-01-12 13:25:12,340 [INFO] [sqproxy.config] Found config: conf.d/00-globals.yaml
2021-01-12 13:25:12,342 [INFO] [sqproxy.config] Found config: conf.d/01-hlds-game.yaml
2021-01-12 13:25:12,392 [INFO] [sqproxy] eBPF redirection enabled
2021-01-12 13:25:12,392 [INFO] [sqproxy] Wait all proxies to be ready ...
2021-01-12 13:25:12,392 [INFO] [HLDS-Server] Binding ...
2021-01-12 13:25:12,394 [INFO] [HLDS-Server] Binding ... done!
2021-01-12 13:25:12,394 [INFO] [HLDS-Server] Listen for client requests ...
2021-01-12 13:25:12,397 [INFO] [sqproxy] Wait all proxies to be ready ... Done!
2021-01-12 13:25:12,397 [WARNING] [pyroute2.ipdb.main] Deprecation warning https://docs.pyroute2.org/ipdb_toc.html
2021-01-12 13:25:12,402 [INFO] [source_query_proxy.epbf] Run ['python3', 'redirect.py', '-p', '27015:27915', '-i', 'eno1']
2021-01-12 13:25:12,507 [INFO] [main] Building eBPF program ...
2021-01-12 13:25:13,948 [INFO] [main] Attach eBPF program to interface ...
2021-01-12 13:25:13,948 [DEBUG] [main] Setup incoming hook (2) (b'incoming')
2021-01-12 13:25:13,949 [DEBUG] [main] Setup outgoing hook (2) (b'outgoing')
2021-01-12 13:25:13,950 [INFO] [main] Running ...
2021-01-12 13:25:14,720 [WARNING] [HLDS-Server] No response for <source_query_proxy.source.messages.RulesRequ est object at 0x7f39809ce400>
2021-01-12 13:25:15,210 [WARNING] [HLDS-Server] No response for <source_query_proxy.source.messages.RulesRequ est object at 0x7f39809ce3c8>
2021-01-12 13:25:16,761 [WARNING] [HLDS-Server] No response for <source_query_proxy.source.messages.RulesRequ est object at 0x7f3982a79fd0>
2021-01-12 13:25:17,625 [WARNING] [HLDS-Server] No response for <source_query_proxy.source.messages.RulesRequ est object at 0x7f39830c27f0>
2021-01-12 13:25:17,662 [WARNING] [HLDS-Server] No response for <source_query_proxy.source.messages.RulesRequ est object at 0x7f39830c2400>
2021-01-12 13:25:18,765 [WARNING] [HLDS-Server] No response for <source_query_proxy.source.messages.RulesRequ est object at 0x7f39830c25f8>
2021-01-12 13:25:20,287 [WARNING] [HLDS-Server] No response for <source_query_proxy.source.messages.RulesRequ est object at 0x7f39809ce400>
2021-01-12 13:25:20,825 [WARNING] [HLDS-Server] No response for <source_query_proxy.source.messages.RulesRequ est object at 0x7f39809ce4e0>
^C2021-01-12 13:25:21,943 [DEBUG] [main] Cleanup (2)
2021-01-12 13:25:21,951 [DEBUG] [main] Cleanup (2) done
2021-01-12 13:25:21,951 [DEBUG] [main] Cleanup (2)
2021-01-12 13:25:21,951 [DEBUG] [main] Cleanup (2) done

my 00-globals.yaml
network:
# Real game server IP address
server_ip: '51.38.60.x'
# IP address for listening incoming queries
bind_ip: '51.38.60.x'
# Real game server PORT (respect to server_ip)
server_port: 0 # don't set in globals, only for doc here
# PORT for listening incoming queries (respect to bind_ip)
bind_port: 0 # don't set in globals, only for doc here

after doing sqproxy run under tmux session some times query is not responsive . i have to off program to make it work. But i can see players coming to server.

https://snipboard.io/kRsm2Z.jpg [Screenshot of Server not responding for few seconds then click refresh works then goes off its like this while sqproxy is on]

i am not sure if its due to the warning i am getting

Last edited by pakgamerz; 01-12-2021 at 10:28.
pakgamerz is offline
spumer
Senior Member
Join Date: Aug 2011
Old 01-12-2021 , 10:26   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #97

Read about a2s_rules caching please
1. https://github.com/spumer/source-que...obals.yaml#L42
2. https://github.com/spumer/source-que...hlds-game.yaml
__________________
spumer is offline
pakgamerz
AlliedModders Donor
Join Date: Aug 2017
Location: Karachi
Old 01-12-2021 , 10:44   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #98

this are my setting and currently working fine.

a2s_info_cache_lifetime: 5
# How often update A2S_RULES data
a2s_rules_cache_lifetime: 5
# How often update A2S_PLAYERS data
a2s_players_cache_lifetime: 1
# How often change src port for queries to Real Game Server
# Some games required that due integrated ddos protection
# Without it sqporxy ip:port will be "banned" for queries
src_query_port_lifetime: 0 [changed from 10 to 0] 0 is better as server can be queried and players can join

looks okay? all players can join and see server now.

Last edited by pakgamerz; 01-12-2021 at 10:50.
pakgamerz is offline
pakgamerz
AlliedModders Donor
Join Date: Aug 2017
Location: Karachi
Old 01-12-2021 , 18:24   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #99

i still got ddos attacks query flood but it was not alot but my players got this message no challenge for your IP Address. can you help me solve this issue?



using your proxy server and kernel redirection high PPS was blocked but not completely eliminated.


https://snipboard.io/NnL8TS.jpg

Last edited by pakgamerz; 01-12-2021 at 18:24. Reason: adding screenshot of attacks graph from OVH
pakgamerz is offline
spumer
Senior Member
Join Date: Aug 2011
Old 01-13-2021 , 03:58   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #100

Quote:
Originally Posted by pakgamerz View Post
this are my setting and currently working fine.

looks okay? all players can join and see server now.
yea, it's ok

Quote:
i still got ddos attacks query flood but it was not alot but my players got this message no challenge for your IP Address. can you help me solve this issue?
I do not understand where this message showed. Take a rule provide full info about problem.

Quote:
using your proxy server and kernel redirection high PPS was blocked but not completely eliminated.
Redirection just off load for game server not for bandwidth.
The main benefit is players can play without problem. You playing on server when it was attacked?

Deeper investigation will take more time. See you in Discord
__________________
spumer is offline
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 19:59.


Powered by vBulletin®
Copyright ©2000 - 2021, vBulletin Solutions, Inc.
Theme made by Freecode