Forum

CS2D

Servers

about iptables

Forums overview CS2D overview Servers overview Log in to reply

about iptables

7 replies

Re: about iptables

x223112
User Off

Offline

05.01.14 08:13:46 pm

Maybe it will save u from DoS/DDoS attacks.. But it wont protect your from Rocket! MUHAHAHAHHA!

Re: about iptables

sheeL
User Off

Offline

05.01.14 08:52:37 pm

x223112 has written

Maybe it will save u from DoS/DDoS attacks.. But it wont protect your from Rocket! MUHAHAHAHHA!

Rocket? what lol

Re: about iptables

-RZ-
User Off

Offline

05.01.14 09:04:44 pm

Rocket... Team?? Pokémon?! '-'

Re: about iptables

sheeL
User Off

Offline

05.01.14 09:54:11 pm

RDN has written

iptables -A INPUT -p tcp --syn -m limit --limit 1 /s --limit-burst 8 -j DROP

this not protect because here no udp

iptables -A INPUT -p udp -m length --length 0:28 -j DROP

this too not protect because small packets do not break the server

iptables -A INPUT -p udp -m length --length 278:428 -j DROP

it can protect on 10%

Serious? You are trying to bring down my server @Rodion -.-

Re: about iptables

EngiN33R
Moderator Off

Offline

06.01.14 10:36:23 am

sheeL: Actually his advice is sound, I don't really see the reason to be as paranoid as you are. If you don't believe him, check the syntax yourself for any malicious flags that you seem to think are there.

Re: about iptables

DC
Admin

Offline

06.01.14 10:46:40 am

The second rule makes sense. It's not about small packets but about completely empty packets without any payload (28 is the size of the UDP+IP headers). I highly recommend to use this rule.