Raised This Month: $203 Target: $400
 50% 

[Linux] Source Query Proxy: DDoS Protection - Kernel redirection!


Post New Thread Reply   
 
Thread Tools Display Modes
MAGNAT2645
Senior Member
Join Date: Nov 2015
Location: AlliedMods.net
Old 06-23-2021 , 08:59   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #121

Nevermind, it happened again today. I have this line in my root crontab.
Code:
@reboot /usr/bin/nohup /usr/local/bin/sqproxy run & >> /home/tf2server/log/script/crontab.log 2>&1
sqproxy just didn't start on reboot. Tried to execute nohup sqproxy run & manually and got this in errors.log (after disconnecting from terminal):
Code:
2021-06-23 15:55:53,399 [ERROR] [source_query_proxy.epbf] eBPF redirection exit with code -1
NoneType: None
EDIT: nohup.out has these as well:
Code:
2021-07-06 07:27:07,811 [ERROR] [source_query_proxy.epbf] eBPF redirection exit with code -1
NoneType: None
Traceback (most recent call last):
  File "/usr/local/bin/sqproxy", line 8, in <module>
    sys.exit(sqproxy())
  File "/usr/local/lib/python3.8/dist-packages/click/core.py", line 829, in __call__
    return self.main(*args, **kwargs)
  File "/usr/local/lib/python3.8/dist-packages/click/core.py", line 782, in main
    rv = self.invoke(ctx)
  File "/usr/local/lib/python3.8/dist-packages/click/core.py", line 1259, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/local/lib/python3.8/dist-packages/click/core.py", line 1066, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/usr/local/lib/python3.8/dist-packages/click/core.py", line 610, in invoke
    return callback(*args, **kwargs)
  File "/usr/local/lib/python3.8/dist-packages/source_query_proxy/cli.py", line 14, in run
    run()
  File "/usr/local/lib/python3.8/dist-packages/pid/decorator.py", line 14, in decorator
    return func(*func_args, **func_kwargs)
  File "/usr/local/lib/python3.8/dist-packages/source_query_proxy/__main__.py", line 19, in run
    asyncio.run(_run_servers())
  File "/usr/lib/python3.8/asyncio/runners.py", line 44, in run
    return loop.run_until_complete(main)
  File "uvloop/loop.pyx", line 1466, in uvloop.loop.Loop.run_until_complete
  File "/usr/local/lib/python3.8/dist-packages/source_query_proxy/__main__.py", line 50, in _run_servers
    await asyncio.gather(*futures)
  File "/usr/local/lib/python3.8/dist-packages/source_query_proxy/epbf.py", line 96, in run_ebpf_redirection
    raise RuntimeError
RuntimeError
__________________

Last edited by MAGNAT2645; 07-06-2021 at 00:32.
MAGNAT2645 is offline
AllMassive
Senior Member
Join Date: Sep 2004
Location: /dev/urandom
Old 07-31-2021 , 23:38   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #122

it should somewhere in the doc be mentioned, that the redirect-port needs also be accessible from the external ip - aka firewall.
thought that the bpf redirects somehow magically on the host itself and that theres no need for any additional fw-rules, but. . . . ...

Last edited by AllMassive; 08-01-2021 at 00:08. Reason: typo
AllMassive is offline
spumer
Senior Member
Join Date: Aug 2011
Old 08-01-2021 , 08:19   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #123

Quote:
Originally Posted by AllMassive View Post
it should somewhere in the doc be mentioned, that the redirect-port needs also be accessible from the external ip - aka firewall.
thought that the bpf redirects somehow magically on the host itself and that theres no need for any additional fw-rules, but. . . . ...
Nice catch! Thanks!

Added to the sqredirect README: https://github.com/sqproxy/sqredirec...90801a8e687ed1
__________________
spumer is offline
AllMassive
Senior Member
Join Date: Sep 2004
Location: /dev/urandom
Old 08-02-2021 , 19:11   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #124

Trying this since a few days with cstrike (hlds), but i dont understand the log entrys:

02-hlds-game.yaml
Code:
    entrypoint: '{CONFDIR}/dummy_hlds_entrypoint.py:DummyHLDSProxy'
    network:
      bind_ip: '1.2.3.4'
      server_port: 27015
      bind_port: 27018
    no_a2s_rules: false
dummy_hlds_entrypoint.py
Code:
from source_query_proxy.proxy import QueryProxy


class DummyHLDSProxy(QueryProxy):
    """Here you can put your own logic and/or override exists
    """
Code:
[email protected]:~# sqproxy run                                                                                                                                                                                           
2021-08-02 02:39:24,466 [INFO] [sqproxy.config] Confdir not found: /etc/sqproxy/conf.d                                                                                                                            
2021-08-02 02:39:24,467 [INFO] [sqproxy.config] Found config: conf.d/00-globals.yaml                                                                                                                              
2021-08-02 02:39:24,471 [INFO] [sqproxy.config] Found config: conf.d/02-hlds-game.yaml                                                                                                                            
2021-08-02 02:39:24,474 [INFO] [sqproxy] eBPF redirection enabled                                                                                                                                                 
2021-08-02 02:39:24,474 [INFO] [sqproxy] Wait all proxies to be ready ...                                                                                                                                         
2021-08-02 02:39:24,474 [INFO] [hlds-server] Binding ...
2021-08-02 02:39:24,478 [INFO] [hlds-server] Binding ... done!
2021-08-02 02:39:24,478 [INFO] [hlds-server] Listen for client requests ...
2021-08-02 02:39:24,498 [INFO] [sqproxy] Wait all proxies to be ready ... Done!
2021-08-02 02:39:24,499 [WARNING] [pr2modules.ipdb.main] Deprecation warning https://docs.pyroute2.org/ipdb_toc.html
2021-08-02 02:39:24,504 [INFO] [source_query_proxy.epbf] Run ['sqredirect', '-p', '1.2.3.4:27015:27018', '-i', 'eth0']
2021-08-02 02:39:25,007 [WARNING] [pr2modules.ipdb.main] Deprecation warning https://docs.pyroute2.org/ipdb_toc.html
2021-08-02 02:39:25,013 [INFO] [main] Building eBPF program ..., cflags=['-include', 'utils.h', '-DUSE_IPPORT_KEY']
2021-08-02 02:39:27,413 [INFO] [main] Attach eBPF program to interface ...
2021-08-02 02:39:27,414 [DEBUG] [main] Setup incoming hook (2) (b'incoming')
2021-08-02 02:39:27,420 [DEBUG] [main] Setup outgoing hook (2) (b'outgoing')
2021-08-02 02:39:27,421 [INFO] [main] Running ...
2021-08-02 02:42:48,824 [INFO] [hlds-server] Backing off _update_players(...) for 0.4s (concurrent.futures._base.TimeoutError)
2021-08-02 02:42:50,182 [INFO] [hlds-server] Backing off _update_players(...) for 0.0s (concurrent.futures._base.TimeoutError)
2021-08-02 02:42:51,194 [INFO] [hlds-server] Backing off _update_players(...) for 0.1s (concurrent.futures._base.TimeoutError)
2021-08-02 02:42:52,346 [INFO] [hlds-server] Backing off _update_players(...) for 0.0s (concurrent.futures._base.TimeoutError)
2021-08-02 03:04:39,788 [INFO] [hlds-server] Backing off _update_players(...) for 0.4s (concurrent.futures._base.TimeoutError)
2021-08-02 04:34:50,907 [INFO] [hlds-server] Backing off _update_players(...) for 0.2s (concurrent.futures._base.TimeoutError)
2021-08-02 04:59:54,559 [INFO] [hlds-server] Backing off _update_players(...) for 0.1s (concurrent.futures._base.TimeoutError)
2021-08-02 05:50:02,014 [INFO] [hlds-server] Backing off _update_players(...) for 0.5s (concurrent.futures._base.TimeoutError)
2021-08-02 06:40:09,434 [INFO] [hlds-server] Backing off _update_players(...) for 0.2s (concurrent.futures._base.TimeoutError)
2021-08-02 07:05:13,109 [INFO] [hlds-server] Backing off _update_players(...) for 0.4s (concurrent.futures._base.TimeoutError)
2021-08-02 09:30:34,938 [INFO] [hlds-server] Backing off _update_players(...) for 1.0s (concurrent.futures._base.TimeoutError)
2021-08-02 09:55:38,643 [INFO] [hlds-server] Backing off _update_players(...) for 0.5s (concurrent.futures._base.TimeoutError)
2021-08-02 10:40:45,752 [INFO] [hlds-server] Backing off _update_players(...) for 0.3s (concurrent.futures._base.TimeoutError)
2021-08-02 11:25:52,975 [INFO] [hlds-server] Backing off _update_players(...) for 0.1s (concurrent.futures._base.TimeoutError)
2021-08-02 12:16:00,502 [INFO] [hlds-server] Backing off _update_players(...) for 0.5s (concurrent.futures._base.TimeoutError)
2021-08-02 13:31:11,062 [INFO] [hlds-server] Backing off _update_players(...) for 0.7s (concurrent.futures._base.TimeoutError)
2021-08-02 13:56:14,974 [INFO] [hlds-server] Backing off _update_players(...) for 0.5s (concurrent.futures._base.TimeoutError)
2021-08-02 16:46:40,325 [INFO] [hlds-server] Backing off _update_players(...) for 0.9s (concurrent.futures._base.TimeoutError)
2021-08-02 17:31:47,246 [INFO] [hlds-server] Backing off _update_players(...) for 0.5s (concurrent.futures._base.TimeoutError)
2021-08-02 19:07:02,116 [INFO] [hlds-server] Backing off _update_players(...) for 0.7s (concurrent.futures._base.TimeoutError)
2021-08-02 19:18:02,821 [INFO] [hlds-server] Backing off _update_players(...) for 0.0s (concurrent.futures._base.TimeoutError)
2021-08-02 19:43:06,131 [INFO] [hlds-server] Backing off _update_players(...) for 0.2s (concurrent.futures._base.TimeoutError)
2021-08-02 20:33:13,434 [INFO] [hlds-server] Backing off _update_players(...) for 0.2s (concurrent.futures._base.TimeoutError)
2021-08-02 21:23:20,935 [INFO] [hlds-server] Backing off _update_players(...) for 0.0s (concurrent.futures._base.TimeoutError)
2021-08-02 22:25:15,034 [INFO] [hlds-server] Backing off _update_players(...) for 0.3s (concurrent.futures._base.TimeoutError)
2021-08-02 22:57:58,343 [INFO] [hlds-server] Backing off _update_players(...) for 1.0s (concurrent.futures._base.TimeoutError)
2021-08-02 23:20:00,042 [INFO] [hlds-server] Backing off _update_players(...) for 0.4s (concurrent.futures._base.TimeoutError)
2021-08-02 23:20:04,010 [INFO] [hlds-server] Backing off _update_rules(...) for 0.1s (concurrent.futures._base.TimeoutError)
2021-08-02 23:46:04,938 [INFO] [hlds-server] Backing off _update_players(...) for 0.7s (concurrent.futures._base.TimeoutError)
2021-08-02 23:46:09,843 [INFO] [hlds-server] Backing off _update_rules(...) for 0.1s (concurrent.futures._base.TimeoutError)  
2021-08-03 00:11:33,490 [INFO] [hlds-server] Backing off _update_players(...) for 0.1s (concurrent.futures._base.TimeoutError)
2021-08-03 00:11:34,628 [INFO] [hlds-server] Backing off _update_players(...) for 0.3s (concurrent.futures._base.TimeoutError)
2021-08-03 00:11:37,569 [INFO] [hlds-server] Backing off _update_info(...) for 0.3s (concurrent.futures._base.TimeoutError)   
2021-08-03 00:23:13,419 [INFO] [hlds-server] Backing off _update_players(...) for 0.6s (concurrent.futures._base.TimeoutError)
2021-08-03 00:30:59,254 [INFO] [hlds-server] Backing off _update_players(...) for 0.1s (concurrent.futures._base.TimeoutError)
2021-08-03 00:31:00,324 [INFO] [hlds-server] Backing off _update_players(...) for 0.3s (concurrent.futures._base.TimeoutError)
2021-08-03 00:57:06,126 [INFO] [hlds-server] Backing off _update_players(...) for 0.6s (concurrent.futures._base.TimeoutError)
2021-08-03 00:57:10,994 [INFO] [hlds-server] Backing off _update_rules(...) for 0.7s (concurrent.futures._base.TimeoutError)
could you please explain what theses entries do actually mean, since the server is reachable while these occur.

when stopping the sqproxy on the console with ctrl+c:
Code:
2021-08-03 01:17:18,998 [DEBUG] [main] Cleanup (2)
2021-08-03 01:17:19,005 [DEBUG] [main] Cleanup (2) done
2021-08-03 01:17:19,006 [DEBUG] [main] Cleanup (2)
Error in atexit._run_exitfuncs:
Traceback (most recent call last):
  File "/usr/local/lib/python3.7/dist-packages/sqredirect-1.2.1-py3.7.egg/sqredirect/redirect.py", line 200, in cleanup
    ipr.tc("del", "ingress", ifindex, "ffff:")
  File "/usr/local/lib/python3.7/dist-packages/pyroute2.core-0.6.4-py3.7.egg/pr2modules/iproute/linux.py", line 1662, in tc
    return tuple(self.nlm_request(msg, msg_type=command, msg_flags=flags))
  File "/usr/local/lib/python3.7/dist-packages/pyroute2.core-0.6.4-py3.7.egg/pr2modules/netlink/nlsocket.py", line 391, in nlm_request
    return tuple(self._genlm_request(*argv, **kwarg))
  File "/usr/local/lib/python3.7/dist-packages/pyroute2.core-0.6.4-py3.7.egg/pr2modules/netlink/nlsocket.py", line 884, in nlm_request
    callback=callback):
  File "/usr/local/lib/python3.7/dist-packages/pyroute2.core-0.6.4-py3.7.egg/pr2modules/netlink/nlsocket.py", line 394, in get
    return tuple(self._genlm_get(*argv, **kwarg))
  File "/usr/local/lib/python3.7/dist-packages/pyroute2.core-0.6.4-py3.7.egg/pr2modules/netlink/nlsocket.py", line 719, in get
    raise msg['header']['error']
pr2modules.netlink.exceptions.NetlinkError: (22, 'Invalid argument')
bcc:
Code:
python3 -c 'import bcc; print(bcc.__version__);'
0.21.0-b912d0b0
i'm using a 5.12-kernel on debian 10.

Last edited by AllMassive; 08-03-2021 at 20:53. Reason: typo!+more info
AllMassive is offline
AllMassive
Senior Member
Join Date: Sep 2004
Location: /dev/urandom
Old 08-03-2021 , 20:52   Re: [Linux] Source Query Proxy: DDoS Protection - Kernel redirection!
Reply With Quote #125

Quote:
Originally Posted by spumer View Post
message appear when sqproxy got unexpected message. Unexpected bytes printed in console. Can you post full messsage here?
Code:
[WARNING] [hlds-server] Broken data was received: data[:150]=b'\xff\xff\xff\xffU%s'
[WARNING] [hlds-server] Broken data was received: data[:150]=b'\xff\xff\xff\xffV%s'
AllMassive is offline
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 13:14.


Powered by vBulletin®
Copyright ©2000 - 2021, vBulletin Solutions, Inc.
Theme made by Freecode