Raised This Month: $13 Target: $400
 3% 

[Linux] Source Query Proxy: DDoS Protection - Kernel redirection!


Post New Thread Reply   
 
Thread Tools Display Modes
spumer
Senior Member
Join Date: Aug 2011
Old 04-17-2020 , 13:45   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #61

Quote:
Originally Posted by insanedude View Post
Thanks.
Waiting for some documentation as I'm struggling to make it work.

Python 3.7 (pip 18.1) installed. However, /etc/sqproxy doesn't exist. I'd assume we need to manually create it.
That's fine. Created those.
I saw this setting in the yaml file:

Code:
"# Automatically run eBPF redirection
  executable: 'python2'"
But why, since the requirement is "Python 3.7 or above"?
Do any additional changes need to be done on those files, except the IP binds and ports?

For example, does "network" within the dummy-game need to be configured?

On the "eBPF" part, I don't quite get the first point. Which should the target directory be? Can you give an example please?

PS. Running this on a test VM.. so i can break stuff and do some additional testing if needed
eBPF part has own documentation. And python2 or python3 is depends on bcc-tools installation way.
You can install bcc-tools as system package and it can be installed as for py2 or py3. Or you can manually build, and again for py2 or py3. This is why i add option to set executable.

Python3.7 it's requirement for sqproxy app, not for sqproxy eBPF part.

Please see config examples again, it's very simple. In common you only need set IP in global defaults and ports for each server in servers section.
__________________
spumer is offline
MAGNAT2645
Senior Member
Join Date: Nov 2015
Location: AlliedMods.net
Old 06-16-2020 , 17:22   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #62

It might be stupid question but is there any autolaunch feature or you need to type "sqproxy run" every time when you reboot Linux? Also, is there any way to stop sqproxy process? I've noticed that SW Game Description Override is not working if you run SQProxy, i just see default "Team Fortress" message in description info.
__________________
MAGNAT2645 is offline
spumer
Senior Member
Join Date: Aug 2011
Old 06-17-2020 , 03:47   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #63

Quote:
Originally Posted by MAGNAT2645 View Post
It might be stupid question but is there any autolaunch feature or you need to type "sqproxy run" every time when you reboot Linux? Also, is there any way to stop sqproxy process?
You can use any Autolunch method, e.g cron, use special key "@reboot" instead classic crontab schedule format to run after system reboot. You also can run it in short period and this will be ok cause SQProxy will check it currently running and exit if it's true.

To stop process you can just send SIGTERM or ctrl+c.
In my case i use `screen` to run SQProxy.


Quote:
I've noticed that SW Game Description Override is not working if you run SQProxy, i just see default "Team Fortress" message in description info.
Mmmm... looks like default message cached and all will be ok when cache updated (in 5 secs by default)
Current defaults you can see in example: https://github.com/spumer/source-que...obals.yaml#L18
__________________

Last edited by spumer; 06-17-2020 at 03:59.
spumer is offline
MAGNAT2645
Senior Member
Join Date: Nov 2015
Location: AlliedMods.net
Old 06-17-2020 , 04:10   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #64

The problem in my case is that i can't even log in via SSH (even FTP/SFTP is not working now, actually most of services are "running" but not working, i can't even upgrade/update packages).
It prints (via service ssh status):
Code:
server listening on 0.0.0.0 port 22
And there's no any running processes named "sqproxy"...
I'm still a noob in Linux systems and i don't know why this happened (after last reboot).

It might not even be because of SQProxy but this "listening on 0.0.0.0" scare me (i have default bind_ip):
Code:
bind_ip: '0.0.0.0'
__________________

Last edited by MAGNAT2645; 06-17-2020 at 04:52.
MAGNAT2645 is offline
spumer
Senior Member
Join Date: Aug 2011
Old 06-17-2020 , 12:00   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #65

0.0.0.0 mean listen on all available interfaces

I can't help you manage your host man, you can try mail to support or googling your problem. This thread about sqproxy.

Can I help you somehow?
__________________
spumer is offline
MAGNAT2645
Senior Member
Join Date: Nov 2015
Location: AlliedMods.net
Old 06-17-2020 , 13:16   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #66

I did some research and found out that now Ubuntu can't even
Code:
ping google.com
Just throws
Code:
Temporary failure in name resolution
Same thing for commands like apt-get update (upgrade etc. basically any commands for reading repositories)
Throws:
Code:
Temporary failure resolving ... (Repositories from /etc/apt/sources.list, basically security.ubuntu.com (Bionic dist) and mirror.corbina.net)
W: Some index files failed to download. They have been ignored, or old ones used instead.
And, using scp (wanted to send backup to other Ubuntu server and then reinstall OS on *this* server)
Code:
ssh: connect to host *HOST* port *PORT*: Network is unreachable
lost connection
So, i cant log in via SSH therefore can't use SFTP...

Might be something with DNS???
I've looked through a lot of problems with similar errors, but haven't found a solution yet.
So i will probably have to contact technical support but they may not answer because i have 1st level of administration, it means that i must do all things myself.

I just need some advice: can i somehow fix SFTP so i will be able to download all files and then reinstall OS?
__________________

Last edited by MAGNAT2645; 06-17-2020 at 13:42.
MAGNAT2645 is offline
DJEarthQuake
Veteran Member
Join Date: Jan 2014
Location: Astral planes
Old 06-20-2020 , 11:29   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #67

@MAGNAT2645. This is totally off topic and you are still replying so let's end it quick. Given is a script I just made and tested to fix your config if that is what it is.

Assuming it is your DNS.
If ping 8.8.8.8 works then it is.
Maintain /etc/resolv.conf manually or script.

Code:
#!/bin/sh DIR="/etc/resolv.conf" DNS="8.8.8.8" echo BEFORE cat ${DIR} chattr -i ${DIR} mv ${DIR} ${DIR}.backup touch ${DIR} echo nameserver ${DNS} > ${DIR} chattr +i ${DIR} echo AFTER cat ${DIR}


Quote:
Originally Posted by MAGNAT2645 View Post
I did some research and found out that now Ubuntu can't even
Code:
ping google.com
Just throws
Code:
Temporary failure in name resolution
Same thing for commands like apt-get update (upgrade etc. basically any commands for reading repositories)
Throws:
Code:
Temporary failure resolving ... (Repositories from /etc/apt/sources.list, basically security.ubuntu.com (Bionic dist) and mirror.corbina.net)
W: Some index files failed to download. They have been ignored, or old ones used instead.
And, using scp (wanted to send backup to other Ubuntu server and then reinstall OS on *this* server)
Code:
ssh: connect to host *HOST* port *PORT*: Network is unreachable
lost connection
So, i cant log in via SSH therefore can't use SFTP...

Might be something with DNS???
I've looked through a lot of problems with similar errors, but haven't found a solution yet.
So i will probably have to contact technical support but they may not answer because i have 1st level of administration, it means that i must do all things myself.

I just need some advice: can i somehow fix SFTP so i will be able to download all files and then reinstall OS?
__________________
"It's not the actual programming that's interesting. But it's what you can accomplish with the end results that are important." -Dennis Ritchie
"Mathematics, rightly viewed, possesses not only truth, but supreme beauty a beauty cold and austere, like that of sculpture..." -Bertrand Russell
DJEarthQuake is offline
MAGNAT2645
Senior Member
Join Date: Nov 2015
Location: AlliedMods.net
Old 06-21-2020 , 13:09   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #68

Nah, that didn't help. I think better option is to reinstall OS but i need to somehow get backup archive from the server to avoid losing important information.

EDIT: The problem seems to have been fixed. Now I'm trying to find out the cause of the problem.
I very much hope this wasn't originally due to SQProxy ))
So the problem was: i somehow removed netplan idk how i just tried to update Python from 3.6.9 to newer version (because pip install throws an error)...
__________________

Last edited by MAGNAT2645; 06-22-2020 at 04:20.
MAGNAT2645 is offline
DJEarthQuake
Veteran Member
Join Date: Jan 2014
Location: Astral planes
Old 06-25-2020 , 09:33   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #69

That is a question for the Ubuntu forums.
__________________
"It's not the actual programming that's interesting. But it's what you can accomplish with the end results that are important." -Dennis Ritchie
"Mathematics, rightly viewed, possesses not only truth, but supreme beauty a beauty cold and austere, like that of sculpture..." -Bertrand Russell
DJEarthQuake is offline
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 06:33.


Powered by vBulletin®
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
Theme made by Freecode