<!DOCTYPE html PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'>
<html><head><meta http-equiv="Content-Type" content="text/html;charset=us-ascii">
<style>BODY{font:10pt Tahoma, Verdana, sans-serif}</style></head><body>
Hi,<br><br>I'm seeing the same, where cod2 servers are now being abused for this purpose.<br>As such a patch, even if untested/very much beta, would be greatly appreciated.<br><br>Best regards,<br><br>Stefan Ideler<br><br><blockquote style="padding-left: 5px; margin-left: 5px; border-left: #0000ff 2px solid; margin-right: 0px"><hr><b>From:</b> Luca Farflame Fabbro [mailto:farflame@cybergames.it]<br><b>To:</b> Call of Duty server admin list. [mailto:cod@icculus.org]<br><b>Sent:</b> Tue, 25 Oct 2011 12:43:36 +0200<br><b>Subject:</b> Re: [cod] Query limiting...<br><br>Hi Ryan<br>
in one of your previous messages you mentioned that this patch can be "ported" also to the other COD servers. Is there any plan to do this?<br>
Now it seems that even if the server are less in number they target the COD2 servers to do the DDOS attacks. Don't have any COD server running so I don't know if also those are used as reflectors.<br>
<br>
Just one simple question regarding the patch fort the COD4 server.<br>
If you leave the server up'n running for a certain period of time (no restart for 3 weeks let's say) it seems that when the <br>
sv_queryIgnoreMegs<br>
limit is reached (our servers don't have a lot of players) the server starts to reply to the query with the spoofed IP's. A restart of the server solves the problem.<br>
I know that it will be better to restart the server before that time but would it be a possible solution to flush the stored bad IP's and restart the check on the new incoming packets when the predefined memory is full or just before this happens (% or minimum sv-ignore free memory)? Usually the attackers use the server as a reflector only for a certain amount of time (form 1 hour or less to a maximum of 2 - 3 days) then a lot of time will pass before having the same IP used as destination of the DDOS attack. <br>
<br>
Regards<br>
Luca<br>
<br>
_______________________________________________<br>
cod mailing list<br>
<a href="mailto:cod@icculus.org">cod@icculus.org</a><br>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
</blockquote><style>
</style>
</body></html>