Vultr.com - Instant Cloud Server Deployment
Game Rank
Servers:
Teams:
Fans:
453053
Players:
232360
Forum Home > Counter Strike 1.6 General Discussion > GameTracker Scanning issues all the time!!!
PREV 1 2 NEXT
wertheworldPM
#11
Sep 02, 2018 2:41 PM
Joined: Aug 07, 2016
Posts: 13
chimaera500 wrote:
I'm sorry, but if your server cannot receive an information request, or respond to one, then I am afraid Gametracker can not do anything to help with that.

I don't blame you for being annoyed if someone is attacking you, I would be furious too.

Apologies for the somewhat 'rough' response above.

I know the tech boys/girls at GT do the absolute best that is possible.
It is in the best interests of all to have all registered servers being scanned regularly.

I have no suggestions as where you should get advice on better securing your server(s), but someone here may be able to recommend a specialist website or forum.





I have contackt with some companys now i m hoping to fix this as soon as possible! Thanks for understanding and the time
chimaera500PM
#12
Sep 02, 2018 2:49 PM
GAMETRACKER MODERATOR Joined: Jul 14, 2009
Posts: 2689
Good luck.

And feel free to share your results.

__
I am a community user. I do not reply to private message requests for support.
Hint: I do not accept (or reply to) personal requests for re-ranking or unbanning.
You must use the forums please.

Links:
Forum Guidelines | Reporting abuse | Guides & FAQs | General Help
emiratesgamingPM
#13
Sep 06, 2018 10:54 AM
Joined: Aug 07, 2016
Posts: 55
i know what is your problem. even my server had this issue. The issue is with the ISP firewall [OVH] trying to block UDP port to prevent damage. To fix this you need to provide TCP Dump to the provider to patch this issue. For now you can apply some iptables and engine updates which only i got it only .

Try the engine update first. make sure your shutdown first and update the files then start it.

http://teamcity.rehlds.org/viewLog.html?buildId=15162&buildTypeId=Rehlds_Publish&tab=artifacts

check your server after this should be okay. if not provide tcp dump to your provider so they can patch the dos attacks on your server.

Meanwhile apply this iptables rules

create a firewall.sh file and paste the contents.

iptables -N SPAWNER-ANTI
iptables -N Q3FW
iptables -A Q3FW -p udp -m length --length 0:23 -j DROP
iptables -A SPAWNER-ANTI -p udp -m length --length 60 -j DROP
iptables -A SPAWNER-ANTI -j DROP
iptables -I INPUT -p udp -d 11.222.33.33 --dport 27015 -m length --length 0:39 -j DROP
iptables -I INPUT -p udp -m u32 --u32 "24&0xffff=0x0000" -j DROP
iptables -I INPUT -p udp --sport 60230:60240
iptables -A INPUT -p udp -m udp -m state --state NEW -m recent --set --name UDP --rsource
iptables -A INPUT -p udp -m udp -m state --state NEW -m recent --update --seconds 1 --hitcount 10 --name UDP --rso

apt-get install ufw
ufw allow 27015/udp
ufw allow 80/tcp
ufw allow 7021/tcp
ufw allow 20/tcp
ufw allow 21/tcp
service ufw start

iptables -L
iptables -I INPUT -p udp -m u32 --u32 "26&0xFFFF=0xfeff" -j DROP
iptables -I INPUT -p udp -m u32 --u32 "24&0xffff=0x0000" -j DROP
iptables -L

hexip=`echo "$1" | awk -F '.' '{printf "hexwhite\n"}'`
iptables -A INPUT -p udp -m u32 --u32 "0x1c=0xffffffff && 0x8&0xe0ff0000=0xe0110000" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "12&0xFFFF=0" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "12&0xFFFF=0xFFFF" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "0x1c=0xffffffff && 5&0xFF=0:37" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "0x1c=0xffffffff && 5&0xFF=128:255" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "0x1c=0xffffffff && 0x4&0x0000ffff=0x00004000 && 0x20=0x636f6e6e" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "0x1c=0xffffffff && 0x0&0x0000ffff=0x27 && 0x20=0x636f6e6e" -j DROP

iptables -N Q3FW
iptables -A Q3FW -p udp --sport 0:1023 -j DROP
iptables -A Q3FW -p udp --sport 1900 -j DROP
iptables -A Q3FW -p udp --sport 27000:27050 -j DROP
iptables -A Q3FW -p udp --sport 3000:3999 -j DROP
iptables -A Q3FW -p udp --sport 5353 -j DROP
iptables -A Q3FW -p udp -m length --length 0:23 -j DROP
iptables -A Q3FW -p udp -m length --length 25:32 -j DROP
iptables -A Q3FW -p udp -m length --length 1350:16384 -j DROP

iptables -A INPUT -p udp -m udp --dport 28960 -j DROP
iptables -A INPUT -p udp -m udp --sport 28960 -j DROP
iptables -A INPUT -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP

This should temporary solve your issues server goes offline .

Thanks
Last edited by: emiratesgaming Sep 06, 2018 11:23 AM
turkiyecumhuriyetiPM
#14
Oct 07, 2018 2:39 AM
Joined: Oct 13, 2015
Posts: 4
emiratesgaming wrote:
i know what is your problem. even my server had this issue. The issue is with the ISP firewall [OVH] trying to block UDP port to prevent damage. To fix this you need to provide TCP Dump to the provider to patch this issue. For now you can apply some iptables and engine updates which only i got it only .

Try the engine update first. make sure your shutdown first and update the files then start it.

http://teamcity.rehlds.org/viewLog.html?buildId=15162&buildTypeId=Rehlds_Publish&tab=artifacts

check your server after this should be okay. if not provide tcp dump to your provider so they can patch the dos attacks on your server.

Meanwhile apply this iptables rules

create a firewall.sh file and paste the contents.

iptables -N SPAWNER-ANTI
iptables -N Q3FW
iptables -A Q3FW -p udp -m length --length 0:23 -j DROP
iptables -A SPAWNER-ANTI -p udp -m length --length 60 -j DROP
iptables -A SPAWNER-ANTI -j DROP
iptables -I INPUT -p udp -d 11.222.33.33 --dport 27015 -m length --length 0:39 -j DROP
iptables -I INPUT -p udp -m u32 --u32 "24&0xffff=0x0000" -j DROP
iptables -I INPUT -p udp --sport 60230:60240
iptables -A INPUT -p udp -m udp -m state --state NEW -m recent --set --name UDP --rsource
iptables -A INPUT -p udp -m udp -m state --state NEW -m recent --update --seconds 1 --hitcount 10 --name UDP --rso

apt-get install ufw
ufw allow 27015/udp
ufw allow 80/tcp
ufw allow 7021/tcp
ufw allow 20/tcp
ufw allow 21/tcp
service ufw start

iptables -L
iptables -I INPUT -p udp -m u32 --u32 "26&0xFFFF=0xfeff" -j DROP
iptables -I INPUT -p udp -m u32 --u32 "24&0xffff=0x0000" -j DROP
iptables -L

hexip=`echo "$1" | awk -F '.' '{printf "hexwhite\n"}'`
iptables -A INPUT -p udp -m u32 --u32 "0x1c=0xffffffff && 0x8&0xe0ff0000=0xe0110000" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "12&0xFFFF=0" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "12&0xFFFF=0xFFFF" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "0x1c=0xffffffff && 5&0xFF=0:37" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "0x1c=0xffffffff && 5&0xFF=128:255" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "0x1c=0xffffffff && 0x4&0x0000ffff=0x00004000 && 0x20=0x636f6e6e" -j DROP
iptables -A INPUT -p udp -m u32 --u32 "0x1c=0xffffffff && 0x0&0x0000ffff=0x27 && 0x20=0x636f6e6e" -j DROP

iptables -N Q3FW
iptables -A Q3FW -p udp --sport 0:1023 -j DROP
iptables -A Q3FW -p udp --sport 1900 -j DROP
iptables -A Q3FW -p udp --sport 27000:27050 -j DROP
iptables -A Q3FW -p udp --sport 3000:3999 -j DROP
iptables -A Q3FW -p udp --sport 5353 -j DROP
iptables -A Q3FW -p udp -m length --length 0:23 -j DROP
iptables -A Q3FW -p udp -m length --length 25:32 -j DROP
iptables -A Q3FW -p udp -m length --length 1350:16384 -j DROP

iptables -A INPUT -p udp -m udp --dport 28960 -j DROP
iptables -A INPUT -p udp -m udp --sport 28960 -j DROP
iptables -A INPUT -p udp -m u32 --u32 "0x1a&0xffff=0xfeff" -j DROP

This should temporary solve your issues server goes offline .

Thanks[/



Thanks so mucjh for information buddie! Should meet on teamspeak and chat sometimes 🤚
PREV 1 2 NEXT