Iptables rules for botnet (UDP flood) protection

Tags: botnet, flooding, iptables, udp

I'm currently experiencing a massive UDP attack on my server. I host a couple of gameservers, mainly TF2, CS:GO, CS 1.6 and CS:Source, and my 1.6 server is being flooded.
I tried different rules in iptables, but none of them seemed to work.
I'm on a 100 Mbps bandwidth tariff, but the flood I receive is 500+ Mbps.
This is the log of the latest tcpdump: http://pastebin.com/HSgFVeBs
Packet length varies throughout the day.
Only my gameserver ports are being flooded (27015, 27016, 27018) via UDP packets. Are there any iptables rules that might prevent this?

Best Answer

The only iptables rules that would help you even remotely would be dropping all traffic coming in on those ports. The problem with that is that your service will go down as well. The only thing you can do is talk to your ISP and ask them to drop all incoming UDP traffic before it reaches you.
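
To back up a request to the ISP like the one the answer recommends, the following added example (not part of the original question or answer) summarises a tcpdump text capture per game port and per source, and flags when the observed rate is at the link's capacity. A capture taken on the server only sees what fit through the link, so a rate pinned near 100 Mbps is the sign that packets are already being lost upstream of iptables. It assumes the capture was taken with `tcpdump -nn -tt udp`; the sample lines, the 28-byte header estimate and the 90% saturation threshold are constructed for illustration.

```python
import re
from collections import Counter

# Text format of `tcpdump -nn -tt udp` output (assumed capture options), e.g.
# 1400000000.000100 IP 198.51.100.7.40000 > 203.0.113.10.27015: UDP, length 1372
LINE = re.compile(
    r"^(?P<sec>\d+)\.(?P<usec>\d{6}) IP (?P<src>\d+(?:\.\d+){3})\.\d+ > "
    r"\d+(?:\.\d+){3}\.(?P<dport>\d+): UDP, length (?P<len>\d+)"
)
GAME_PORTS = {27015, 27016, 27018}  # ports named in the question
LINK_MBPS = 100                     # link capacity named in the question
HEADERS = 28                        # IPv4 (20) + UDP (8) bytes; Ethernet framing ignored

# Constructed sample capture (documentation addresses), not the asker's log.
SAMPLE = """\
1400000000.000000 IP 198.51.100.7.40000 > 203.0.113.10.27015: UDP, length 1372
1400000000.000100 IP 198.51.100.8.40001 > 203.0.113.10.27015: UDP, length 1372
1400000000.000200 IP 198.51.100.7.40000 > 203.0.113.10.27016: UDP, length 972
1400000000.000300 IP 192.0.2.50.5353 > 203.0.113.10.53: UDP, length 40
1400000000.000400 IP 198.51.100.9.40002 > 203.0.113.10.27018: UDP, length 922
""".splitlines()

def summarize(lines, link_mbps=LINK_MBPS, saturation=0.9):
    """Total flood traffic per game port and per source; flag a saturated link."""
    per_port, per_src = Counter(), Counter()
    first = last = None
    for line in lines:
        m = LINE.match(line.strip())
        if not m or int(m["dport"]) not in GAME_PORTS:
            continue  # unparsable line, or traffic to a port we do not track
        ts = int(m["sec"]) * 1_000_000 + int(m["usec"])  # integer microseconds
        first = ts if first is None else first
        last = ts
        size = int(m["len"]) + HEADERS
        per_port[int(m["dport"])] += size
        per_src[m["src"]] += size
    span_us = (last - first) if first is not None else 0
    total = sum(per_port.values())
    mbps = total * 8 / span_us if span_us else 0.0  # bits per microsecond == Mbit/s
    return {
        "bytes_per_port": dict(per_port),
        "distinct_sources": len(per_src),
        "top_sources": per_src.most_common(3),
        "observed_mbps": mbps,
        "link_saturated": mbps >= saturation * link_mbps,
    }

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

When `link_saturated` is true, the per-port totals and source count are the figures to pass to the provider, since any drop rule on the host runs only after the packets have already used the link.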