Raised This Month: $7 Target: $400
 1% 

[Linux] Source Query Proxy: DDoS Protection - Kernel redirection!


Post New Thread Reply   
 
Thread Tools Display Modes
nistnesus
New Member
Join Date: May 2017
Old 05-11-2017 , 09:11   Re: [Linux] [PoC] DDoS Protection - Kernel redirection!
Reply With Quote #11

it's funny how only turkish server owners are interested in this (xlenonz, controlsuz). meaning they are getting udp flooded at the same time. just an observation
nistnesus is offline
KnoXviLLe
Senior Member
Join Date: Nov 2011
Old 05-12-2017 , 00:50   Re: [Linux] [PoC] DDoS Protection - Kernel redirection!
Reply With Quote #12

Quote:
Originally Posted by nistnesus View Post
it's funny how only turkish server owners are interested in this (xlenonz, controlsuz). meaning they are getting udp flooded at the same time. just an observation
All turkish servers...
__________________
Success is the ability to go from one failure to another with no loss of enthusiasm.

KnoXviLLe is offline
asdfxD
Veteran Member
Join Date: Apr 2011
Old 12-28-2017 , 09:23   Re: [Linux] [PoC] DDoS Protection - Kernel redirection!
Reply With Quote #13

it fails when using make.

make -C /lib/modules/`uname -r`/build M=$PWD modules
make[1]: Entering directory '/usr/src/linux-headers-4.14.3-custom-100hz'
CC [M] /home/poc/poc.o
/home/poc/poc.c: In function ‘init_module’:
/home/poc/poc.c:213:2: error: implicit declaration of function ‘nf_register_hook’ [-Werror=implicit-function-declaration]
nf_register_hook(&pre_hook);
^~~~~~~~~~~~~~~~
/home/poc/poc.c: In function ‘cleanup_module’:
/home/poc/poc.c:228:2: error: implicit declaration of function ‘nf_unregister_hook’ [-Werror=implicit-function-declaration]
nf_unregister_hook(&pre_hook);
^~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
scripts/Makefile.build20: recipe for target '/home/poc/poc.o' failed
make[2]: *** [/home/poc/poc.o] Error 1
Makefile:1503: recipe for target '_module_/home/poc' failed
make[1]: *** [_module_/home/poc] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-4.14.3-custom-100hz'
Makefile:8: recipe for target 'default' failed
make: *** [default] Error 2
root:/home/poc# error: implicit declaration of function ‘nf_unregister_hook’

Last edited by asdfxD; 12-28-2017 at 09:30.
asdfxD is offline
404UserNotFound
BANNED
Join Date: Dec 2011
Old 01-08-2018 , 14:17   Re: [Linux] [PoC] DDoS Protection - Kernel redirection!
Reply With Quote #14

I want to do this for my Linux VPS but I'm too afraid of fucking something up.

Last edited by 404UserNotFound; 01-08-2018 at 14:17.
404UserNotFound is offline
spumer
Senior Member
Join Date: Aug 2011
Old 01-10-2018 , 13:39   Re: [Linux] [PoC] DDoS Protection - Kernel redirection!
Reply With Quote #15

Quote:
Originally Posted by asdfxD View Post
it fails when using make.
Post your GCC version
__________________
spumer is offline
asdfxD
Veteran Member
Join Date: Apr 2011
Old 01-11-2018 , 00:40   Re: [Linux] [PoC] DDoS Protection - Kernel redirection!
Reply With Quote #16

Quote:
Originally Posted by spumer View Post
Post your GCC version
gcc (Debian 6.3.0-1 6.3.0 20170516
asdfxD is offline
spumer
Senior Member
Join Date: Aug 2011
Old 01-11-2018 , 02:08   Re: [Linux] [PoC] DDoS Protection - Kernel redirection!
Reply With Quote #17

Looks like no netfilter support in your Linux kernel version (compiler can't find nf_unregister_hook function)

Just add CONFIG_NETFILTER=y to your kernel config file and recompile kernel.
Or use "make menuconfig" and setup this option through GUI.

Quote:
Originally Posted by 404UserNotFound View Post
I want to do this for my Linux VPS but I'm too afraid of fucking something up.
May be later i create more simpler way to install and customize "solution". If you fuck your system just revert changes.
__________________

Last edited by spumer; 01-11-2018 at 02:16.
spumer is offline
asdfxD
Veteran Member
Join Date: Apr 2011
Old 01-22-2018 , 11:26   Re: [Linux] [PoC] DDoS Protection - Kernel redirection!
Reply With Quote #18

Quote:
Originally Posted by spumer View Post
Looks like no netfilter support in your Linux kernel version (compiler can't find nf_unregister_hook function)

Just add CONFIG_NETFILTER=y to your kernel config file and recompile kernel.
Or use "make menuconfig" and setup this option through GUI.


May be later i create more simpler way to install and customize "solution". If you fuck your system just revert changes.
it is set.

CONFIG_NETFILTER=y
CONFIG_NETFILTER_ADVANCED=y

so dunno why it does not work.
asdfxD is offline
asdfxD
Veteran Member
Join Date: Apr 2011
Old 01-25-2018 , 23:54   Re: [Linux] [PoC] DDoS Protection - Kernel redirection!
Reply With Quote #19

i have added proc to my server but gameservers with port 27015 are not listed in the server browser anymore. a server on port 27115 works.

edit: when i unload poc, they instantly appears on the list.

Last edited by asdfxD; 01-25-2018 at 23:57.
asdfxD is offline
spumer
Senior Member
Join Date: Aug 2011
Old 01-26-2018 , 03:55   Re: [Linux] [PoC] DDoS Protection - Kernel redirection!
Reply With Quote #20

Quote:
Originally Posted by asdfxD View Post
i have added proc to my server but gameservers with port 27015 are not listed in the server browser anymore. a server on port 27115 works.

edit: when i unload poc, they instantly appears on the list.
Kernel module just for redirect traffic. Handling and responding to clients must done by other software.
You can found an example on the first page of this thread.
__________________

Last edited by spumer; 01-26-2018 at 03:57.
spumer is offline
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 03:31.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode