try put
-d 162.222.73.243 |
i add it and no positive result
this my Code:
iptables -L Code:
root@vmi:~# iptables -L |
they can, this is rules for that. on that server do you only use this udp port.
|
Quote:
no, i use other ports for my clients, but i lunch cs1.6 server on port 27043 for test dos attack and i attack just this port not else ports no one these moment attack me, i just make test dos attack on port 27043 from external server for test my firewall |
try this
iptables -I INPUT -s 162-222-73-121 -dport 27043 -j DROP and test. this drop all on that port just see is this working. |
i try your rule
Code:
iptables -I INPUT -s 162.222.73.121 -dport 27043 -j DROP Code:
Bad argument `27043' this rule block attacker ip from accessing gameserver ip on port 27043 and the attacker ip can access other yes ? so i search on google and i got this rule to do this Code:
iptables -I INPUT -p tcp -d 162.222.73.121 --dport 27043 -j DROP i think the result must the attacker cant dos me on this port so i decide to block the attacker ip using this rule Code:
iptables -A INPUT -s 162.222.73.98 -j DROP i need to notice i take this point in mind (the attacker ip don't still same as previous ip because i am using free rdp to to make test dos attack) |
block ip with drop rule should work.
try iptables -I INPUT -s 162.222.73.98/32 -j DROP |
same problem....
look i was have ufw firewall on my ubuntu server but the ufw is disabled now just iptables is active that effect ?? and i was installed ddos-deflate script and this using iptables as a base that effect too ? i made ping from attacker server to my game server before & after blocking attacker ip and two result same Code:
Pinging $gameserver with 32 bytes of data: this mean i have issue on my iptables |
no effect.
try iptables -I INPUT -s 162-222-73-121.saucelabs.net -j DROP or iptables -I INPUT -d 162-222-73-121.saucelabs.net -j DROP change ip to ip that is now. |
Quote:
i will try to make dos on tcp port, i was have tcp protection so i will test it if i can block it.... after make DOS Attack on tcp purt the ddos deflate blocked the attacker Code:
List of currently banned ip's. |
post
iptables -nvL |
Code:
root@vmi:~# iptables -nvL this appear after flush iptables and make new dos attack on tcp port then ddos deflate block the attacker |
i realy dont know way iptables rule dont work in your case maybe there is some other rule that overide them.
|
and yes after ddos deflate script i can't ping my gameserver any more from attacker machine
Code:
C:\Windows\system32>ping $gameserver that mean my iptables not work..... so i will try to remove the ddos deflate |
great then you solved it.
try remove and restart. and then try our approach it should work. first try with ip block. if that work try connection limit options. and see whats happening. |
All times are GMT -5. The time now is 12:10 PM. |