Gametracker Logo
  GAMES   SERVERS   PROFILES   TEAMS   PREMIUM   DOWNLOADS   FORUMS  
| Sign Up  
GameTracker > Forum > General Discussion > Failed Query Server + UDP Port 27015 Flood
Vultr.com - Instant Cloud Server Deployment
GAMETRACKER FORUMS
Forum Home > General Discussion > Failed Query Server + UDP Port 27015 Flood
emiratesgamingPM
#1
Failed Query Server + UDP Port 27015 Flood
Oct 09, 2017 8:51 AM
Joined: Aug 07, 2016
Posts: 310
Hello,

So i have one Gaming Server cs 1.6 that recently has been target of UDP 27015 port flood . when i check in Open Game Panel it says Failed Query to Server.

It happaned just few weeks ago i was not able to even restart server it said server is online but failed to responding. I tried to update steam and files and engine reHLDS still same issue. i implemented iptables to my server but still it works some time it does not.

Few Rules i have set so currently its fine but i dont know for how long.

root@mail:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP udp -- anywhere anywhere udp dpts:27015:27020 STRING match "f0ef8a36258af1bb64ed866538c9db76" ALGO name kmp TO 65535
LOG udp -- anywhere anywhere udp dpts:27015:27020 STRING match "f0ef8a36258af1bb64ed866538c9db76" ALGO name kmp TO 65535 LOG level warning
REJECT udp -- anywhere anywhere udp dpt:27015 #conn src/32 > 2 reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:27015 #conn src/32 > 2 reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


If someone knows better rules for UDP flood then please suggest what rules can prevent them.

I have taken a tcpdump for port 27015 so please guide me the current UDP pakcket size so i can do some limit on per packet coming to my server network.

http://egcmasti.com/capture-ovh

Thanks,
egcmasti
robin3skPM
#2
Oct 09, 2017 3:58 PM
Joined: Jun 06, 2015
Posts: 1364
DDOS protection cannot be accomplished on the host itself. It must be performed at the data center or carrier level.
So if your service providers don't offer DDOS mitigation, you might want to consider getting a new service provider.

- Split up your services across multiple providers and/or IP addresses.

- Proxy / VPN your services and low TTL DNS records so you can ditch the IP they're on quicker without having your server getting completely null-routed.

- Get a provider that is properly equipped to mitigate DDOS attacks; this is probably going to be quite expensive.
emiratesgamingPM
#3
Oct 10, 2017 1:36 AM
Joined: Aug 07, 2016
Posts: 310
Please note i am using OVH Game server which has good DDOS protected for Game Server specific. Acutally you know DDOS can be bypassed in my case it might not be a exact DDOS but a flood on the port might be software level no exact idea.

Hope this might give you an idea about my server.
GAMETRACKER
Servers
Teams
Profiles
Games 		QUICK LINKS
Members Area
Search
Report a Bug
Forums 		SPONSORS
Cheap Ventrilo Hosting
Rent Game Servers 		LEGAL
Terms of Service | Privacy Policy
Use Policy | Anti-spam Policy
Cookie Policy | GDPR Privacy Notice
© Copyright GameTracker.com - Game Server Stats, Online Server List, Multiplayer Server Rank, FPS Server Banners.