Raised This Month: $ Target: $400
 0% 

[Linux] Source Query Proxy: DDoS Protection - Kernel redirection!


  
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
DJEarthQuake
Veteran Member
Join Date: Jan 2014
Location: Astral planes
Old 02-28-2021 , 17:58   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #20

Please be advised. If not locally connected --flush, will sever your SSH connection and the only way in is serial console if installed. It also will disable everything network like web server, DNS, and MAIL. Make a bash script or better just lay out the rules without flush.
Quote:
Originally Posted by jeremyvillanueva View Post
I want to share this iptables

It works for my 93 tickrate server, btw it also blocks rcon listening

sudo iptables --flush
sudo iptables -t nat -F
sudo iptables -t nat -X
sudo iptables -t mangle -F
sudo iptables -t mangle -X
sudo iptables -t raw -F
sudo iptables -t raw -X
sudo iptables -t security -F
sudo iptables -t security -X
sudo iptables -F
sudo iptables -X
sudo iptables --new-chain RATE-LIMIT
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -A INPUT -p udp --destination-port 27015 --jump RATE-LIMIT
sudo iptables --append RATE-LIMIT --match hashlimit --hashlimit-mode srcip --hashlimit-srcmask 32 --hashlimit-upto 93/sec --hashlimit-burst 20 --hashlimit-name conn_rate_limit --hashlimit-htable-expire 30000 --hashlimit-htable-max 65535 --jump ACCEPT
sudo iptables --append RATE-LIMIT --match limit --limit 1/sec --limit-burst 1 --jump LOG --log-prefix "IPTables-Dropped: "
sudo iptables --append RATE-LIMIT --jump DROP
sudo iptables -A INPUT -p tcp --destination-port 27015 -j DROP
__________________
DJEarthQuake is offline
 



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 10:50.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode