flood on port udp 27015 [Rehlds] counter-strike 1.6

Сообщения
110
Реакции
6
Помог
2 раз(а)
Ошибка
server is unresponsive and says no challenge for the host / most of times failed to contact the server [timeout]
ОС
Linux
Amx Mod X
AMX Mod X 1.10.0.5401 (http://www.amxmodx.org)
Authors:
David "BAILOPAN" Anderson, Pavol "PM OnoTo" Marko
Felix "SniperBeamer" Geyer, Jonny "Got His Gun" Bergstrom
Lukasz "SidLuke" Wlasinski, Christian "Basic-Master" Hammacher
Borja "faluco" Ferrer, Scott "DS" Ehlert
Compiled: Jun 3 2020 14:54:49
Built from: https://github.com/alliedmodders/amxmodx/commit/ed1ab00
Build ID: 5401:ed1ab00
Core mode: JIT+ASM32
Билд
Protocol version 48
Exe version 1.1.2.7/Stdio (cstrike)
ReHLDS version: 3.7.0.696-dev
Build date: 18:46:47 May 18 2020 (2228)
Build from: https://github.com/dreamstalker/rehlds/commit/987ee51
ReGamedll
ReGameDLL version: 5.18.0.468-dev
Build date: 19:23:38 Jun 10 2020
Build from: https://github.com/s1lentq/ReGameDLL_CS/commit/36b46bf
Версия Metamod
Metamod-r v1.3.0.128, API (5:13)
Metamod-r build: 17:47:54 Aug 24 2018
Metamod-r from: https://github.com/theAsmodai/metamod-r/commit/0cf2f70
Список метамодулей
Currently loaded plugins:
description stat pend file vers src load unload
[ 1] SafeNameAndChat RUN - SafeNameAndChat.so v1.1 ini ANY ANY
[ 2] Reunion RUN - reunion_mm_i386.so v0.1.0.92c ini Start Never
[ 3] ReAuthCheck RUN - reauthcheck_mm_i386.so v0.1.6 ini Start Never
[ 4] AMX Mod X RUN - amxmodx_mm_i386.so v1.10.0.5401 ini Start ANY
[ 5] WHBlocker RUN - whblocker_mm_i386.so v1.5.696 ini Chlvl ANY
[ 6] ReSemiclip RUN - resemiclip_mm_i386.so v2.3.9 ini Chlvl ANY
[ 7] MySQL RUN - mysql_amxx_i386.so v1.10.0.5401 pl4 ANY ANY
[ 8] FakeMeta RUN - fakemeta_amxx_i386.so v1.10.0.5401 pl4 ANY ANY
[ 9] CStrike RUN - cstrike_amxx_i386.so v1.10.0.5401 pl4 ANY ANY
[10] Ham Sandwich RUN - hamsandwich_amxx_i386.so v1.10.0.5401 pl4 ANY ANY
[11] CSX RUN - csx_amxx_i386.so v1.10.0.5401 pl4 ANY ANY
[12] ReAimDetector RUN - reaimdetector_amxx_i386.so v0.2.2 pl4 ANY Never
X[13] Fun RUN - fun_amxx_i386.so v1.10.0.5401 pl4 ANY ANY [14] Engine RUN - engine_amxx_i386.so v1.10.0.5401 pl4 ANY ANY
[15] ReAPI RUN - reapi_amxx_i386.so v5.14.0.196-dev pl4 ANY Never
15 plugins, 15 running
Список плагинов
Currently loaded plugins:
id name version author url file status
[ 1] 0 AMXBans Core 6.13 YamiKaitou unknown amxbans_cor running
[ 2] 1 AMXBans Main 6.13 YamiKaitou unknown amxbans_mai running
[ 3] 2 FreshBans 1.4.3b kanagava unknown fresh_bans. running
[ 4] 3 CVAR Hostname Blocker 1.0 unknown block_hostn running
[ 5] 4 Admin Commands 1.10.0.540 AMXX Dev Team admincmd.am running
[ 6] 5 Admin Help 1.10.0.540 AMXX Dev Team adminhelp.a running
[ 7] 6 Menus Front-End 1.10.0.540 AMXX Dev Team menufront.a running
[ 8] 7 Commands Menu 1.10.0.540 AMXX Dev Team cmdmenu.amx running
[ 9] 8 Players Menu 1.10.0.540 AMXX Dev Team plmenu.amxx running
X[ 10] 9 Teleport Menu 1.10.0.540 AMXX Dev Team telemenu.am running [ 11] 10 Maps Menu 1.10.0.540 AMXX Dev Team mapsmenu.am running
[ 12] 11 Restrict Weapons 1.10.0.540 AMXX Dev Team restmenu.am running
[ 13] 12 Admin Chat 1.10.0.540 AMXX Dev Team adminchat.a running
[ 14] 13 Anti Flood 1.10.0.540 AMXX Dev Team antiflood.a running
[ 15] 14 Scrolling Message 1.10.0.540 AMXX Dev Team scrollmsg.a running
[ 16] 15 Info. Messages 1.10.0.540 AMXX Dev Team imessage.am running
[ 17] 16 Admin Votes 1.10.0.540 AMXX Dev Team adminvote.a running
[ 18] 17 Stats Configuration 1.10.0.540 AMXX Dev Team statscfg.am running
[ 19] 18 StatsX 1.10.0.540 AMXX Dev Team statsx.amxx running
[ 20] 19 CS Misc. Stats 1.8.2 AMXX Dev Team unknown miscstats.a running
X[ 21] 20 Chat Manager 4.5.1 OciXCrom unknown crx_chatman running [ 22] 21 ReAimDetector API 0.2.2 ReHLDS Team unknown reaimdetect running
[ 23] 22 OciXCrom's Rank System 3.9 OciXCrom unknown crx_ranksys running
[ 24] 23 Fast Knife 1.0 OciXCrom unknown crx_fast_kn running
[ 25] 24 c4 timer 1.1 cheap_suit unknown c4timer.amx running
[ 26] 25 Restricted Names 1.1 Hattrick JM3Ch3R nick-replac running
[ 27] 26 CS Revo: Objetivo ou K 1.0 Wilian M. unknown csr_objetiv running
[ 28] 27 Fast Sniper Switch 1.3 Numb unknown fast_sniper running
[ 29] 28 CS Revo: Paraquedas Li 1.0 Wilian M. unknown csr_parachu running
[ 30] 29 Advanced Kill Assists 1.3b Xelson unknown next21_kill running
[ 31] 30 CS AFK Manager 1.0.6 (amx Freeman afk_manager running
X[ 32] 31 [ReApi] Killer ScreenF 0.0.4 Vaqtincha unknown reapi_kille running [ 33] 32 VIP_Xtreme 3.5 $ohaibXtreme unknown VIP.amxx running
[ 34] 33 Auto Demo Recorder 1.5 IzI unknown amx_demorec running
[ 35] 34 Autoresponder/Advertis 0.5 MaximusBrood unknown ad_manager. running
[ 36] 35 AMXX Gag 1.5.0 xPaw & Exolent unknown amx_gag.amx running
[ 37] 36 AntiFlash FINAL 5.0 Leo_[BH] unknown antiflash5. running
[ 38] 37 Ping Faker 1.0 Hattrick unknown pingfaker2. running
[ 39] 38 Ping Checker RC2 h1k3 unknown ping_checke running
[ 40] 39 [ReAPI] Block 'Fire in 0.0.1 sergrib unknown reapi_block running
[ 41] 40 Weapon Icon 1.2 hoboman313/Zenix unknown weapon_icon running
[ 42] 41 Simple Reset Score 1.0 PG unknown resetscore. running
[ 43] 42 KGB Bots 2.1 OvidiuS & Desika unknown kgbbots.amx running
43 plugins, 43 running
since 10 days i am getting flood on udp port 27015

i am cibble of attacks i dont know why since i am top ranked on gametracker.com

here is the link of the dump saved . https://github.com/dreamstalker/rehlds/files/4768974/flood_on_27015.zip

i also posted in the rehlds github but no one has any clue or suggestion.

most of top 5 server face same issue and my host is OVH .

just 2 days back they updated their game firewall tilera but still this attack is not fixed.

some OVH server does not face this attacks/floods but mine does and i tried these iptables rules some times it works then does not.

iptables -I INPUT -p udp -m u32 --u32 "26&0xFFFF=0xfeff" -j DROP

iptables -I INPUT -p udp -m u32 --u32 "24&0xffff=0x0000" -j DROP

iptables -A INPUT -p udp --dport 27015 -m u32 --u32 "0x19&0xff=0xfe" -j DROP

iptables -A INPUT -p udp --dport 27015 -m length --length 0:32 -j DROP

My VPS is using anti-ddos game from OVH


i need some help regarding this and if you can analyse the packet capture may be we can block this attacks using iptables.

your help is much appreciated.
 

Download all Attachments

Последнее редактирование:

Пользователи, просматривающие эту тему

Сейчас на форуме нет ни одного пользователя.
Сверху Снизу