# These commands, for instance, would block external IPs that send queries <br># at a rate of 2/second or higher:<br># add a host to the banlist and then drop the packet.<br>/sbin/iptables -N QUERY-BLOCK<br>/sbin/iptables -A QUERY-BLOCK -m recent --set --name blocked-hosts -j DROP<br>
# is this a query packet? if so, block commonly attacked ports outright,<br># then see if it&#39;s a known attacking IP, then see if it is sending at a high<br># rate and should be added to the list of known attacking IPs.<br>
/sbin/iptables -N QUERY-CHECK<br>/sbin/iptables -A QUERY-CHECK -p udp -m string ! --string &quot;getstatus&quot; --algo bm --from 32 --to 41 -j RETURN<br>/sbin/iptables -A QUERY-CHECK -p udp --sport 0:1025 -j DROP<br>/sbin/iptables -A QUERY-CHECK -p udp --sport 3074 -j DROP<br>
/sbin/iptables -A QUERY-CHECK -p udp --sport 7777 -j DROP<br>/sbin/iptables -A QUERY-CHECK -p udp --sport 27015:27100 -j DROP<br>/sbin/iptables -A QUERY-CHECK -p udp --sport 25200 -j DROP<br>/sbin/iptables -A QUERY-CHECK -p udp --sport 25565 -j DROP<br>
# is it already blocked? continue blocking it and update the counter so it<br># gets blocked for at least another 30 seconds.<br>/sbin/iptables -A QUERY-CHECK -m recent --update --name blocked-hosts --seconds 30 --hitcount 1 -j DROP<br>
# check to see if it exceeds our rate threshold,<br># and add it to the list if it does.<br># /sbin/iptables -A QUERY-CHECK -m hashlimit --hashlimit-mode srcip --hashlimit-name getstatus --hashlimit-above 2/second -j QUERY-BLOCK<br>
# CentOS 5 or CentOS 6 compatible<br>/sbin/iptables -A QUERY-CHECK -m hashlimit --hashlimit-mode srcip --hashlimit-name getstatus --hashlimit 2/s -j RETURN<br>/sbin/iptables -A QUERY-CHECK -j QUERY-BLOCK<br># look at all the packets going to q3/cod*/et/etc servers <br>
# /sbin/iptables -A INPUT -p udp --dport 27960:29000 -j QUERY-CHECK<br><div>/sbin/iptables -A INPUT -p udp --dport 27000:30000 -j QUERY-CHECK<br></div><div><br></div><div> ./spamblock.bsh<br>iptables: Chain already exists.<br>
iptables: Chain already exists.<br></div><div><br></div><div>iptables -L -n<br>Chain INPUT (policy ACCEPT)<br>target     prot opt source               destination<br>QUERY-CHECK  udp  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           udp dpts:27000:30000<br>
<br>Chain FORWARD (policy ACCEPT)<br>target     prot opt source               destination<br><br>Chain OUTPUT (policy ACCEPT)<br>target     prot opt source               destination<br><br>Chain QUERY-BLOCK (1 references)<br>
target     prot opt source               destination<br>DROP       all  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           recent: SET name: blocked-hosts side: source<br>
<br>Chain QUERY-CHECK (1 references)<br>target     prot opt source               destination<br>RETURN     udp  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           STRING match !&quot;getstatus&quot; ALGO name bm FROM 32 TO 41<br>
DROP       udp  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           udp spts:0:1025<br>DROP       udp  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           udp spt:3074<br>
DROP       udp  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           udp spt:7777<br>DROP       udp  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           udp spts:27015:27100<br>
DROP       udp  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           udp spt:25200<br>DROP       udp  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           udp spt:25565<br>
DROP       all  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           recent: UPDATE seconds: 30 hit_count: 1 name: blocked-hosts side: source<br>RETURN     all  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a>           limit: up to 2/sec burst 5 mode srcip<br>
QUERY-BLOCK  all  --  <a href="http://0.0.0.0/0">0.0.0.0/0</a>            <a href="http://0.0.0.0/0">0.0.0.0/0</a><br></div><div><br></div><div>Should I be concerned with &quot; iptables: Chain already exists.&quot;? </div>
<br><br><div class="gmail_quote">On Thu, Feb 23, 2012 at 9:44 AM, Marco Padovan <span dir="ltr">&lt;<a href="mailto:evcz@evcz.tk">evcz@evcz.tk</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

  
    
  
  <div bgcolor="#FFFFFF" text="#000000">
    <font size="-1"><font face="Verdana">sure, do it :)</font></font><br>
    <br>
    Il 23/02/2012 15:44, escapedturkey ha scritto:
    <div><div class="h5"><blockquote type="cite">
      <div>I support most Q3 engine games. Some go beyond the range
        specified in the original post.<br>
      </div>
      <div><br>
      </div>
      <div>Can I change:</div>
      <div><br>
      </div>
      <div>iptables -A INPUT -p udp --dport 27960:29000 -j QUERY-CHECK<br>
      </div>
      <div><br>
      </div>
      <div>To:</div>
      <div><br>
      </div>
      <div>iptables -A INPUT -p udp --dport 27000:30000 -j QUERY-CHECK<br>
      </div>
      <div><br>
      </div>
      <div>Or will that cause problems? </div>
      <div><br>
      </div>
      <div>Ex: JK2 =28070 JA = 29070 </div>
      <br>
      <div class="gmail_quote">On Thu, Feb 23, 2012 at 9:30 AM, Marco
        Padovan <span dir="ltr">&lt;<a href="mailto:evcz@evcz.tk" target="_blank">evcz@evcz.tk</a>&gt;</span>
        wrote:<br>
        <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
          <div bgcolor="#FFFFFF" text="#000000"> <font size="-1"><font face="Verdana">Let us know if that works ;)</font></font><br>
            <br>
            Il 23/02/2012 15:20, escapedturkey ha scritto:
            <div>
              <div>
                <blockquote type="cite">Thank you. Much appreciated. =)<br>
                  <br>
                  <div class="gmail_quote">On Thu, Feb 23, 2012 at 7:33
                    AM, Marco Padovan <span dir="ltr">&lt;<a href="mailto:evcz@evcz.tk" target="_blank">evcz@evcz.tk</a>&gt;</span>
                    wrote:<br>
                    <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                      <div bgcolor="#FFFFFF" text="#000000"> <font size="-1"><font face="Verdana">Ehm,<br>
                            nope :D<br>
                            <br>
                            You need all the lines John posted:<br>
                            <br>
                          </font></font><a href="http://icculus.org/pipermail/cod/2012-January/015861.html" target="_blank">http://icculus.org/pipermail/cod/2012-January/015861.html</a><br>
                        <br>
                        To make it works in centos5 / 6 change into that
                        ruleset:
                        <div><br>
                          iptables -A QUERY-CHECK -m hashlimit
                          --hashlimit-mode srcip --hashlimit-name
                          getstatus --hashlimit-above 2/second -j
                          QUERY-BLOCK<br>
                          <font size="-1"><font face="Verdana"><br>
                              in this way (two different lines):<br>
                              iptables -A QUERY-CHECK -m hashlimit
                              --hashlimit-mode srcip --hashlimit-name
                              getstatus --hashlimit 2/s -j RETURN<br>
                              iptables -A QUERY-CHECK -j QUERY-BLOCK<br>
                            </font></font><br>
                        </div>
                        <font size="-1"><font face="Verdana">all the
                            other rules should be kept as they are :)<br>
                          </font></font><br>
                        Il 23/02/2012 13:10, escapedturkey ha scritto:
                        <div>
                          <div>
                            <blockquote type="cite">
                              <div>Thank you. I missed those lines.<br>
                              </div>
                              <div><br>
                              </div>
                              <div>Here is what I have so far:</div>
                              <div><br>
                              </div>
                              <div>/sbin/iptables -N QUERY-BLOCK<br>
                                /sbin/iptables -A QUERY-BLOCK -m recent
                                --set --name blocked-hosts -j DROP<br>
                                /sbin/iptables -A QUERY-CHECK -m
                                hashlimit --hashlimit-mode srcip
                                --hashlimit-name getstatus --hashlimit
                                2/s -j RETURN<br>
                                /sbin/iptables -A QUERY-CHECK -j
                                QUERY-BLOCK</div>
                              <div><br>
                              </div>
                              <div>Is this correct? </div>
                              <div><br>
                              </div>
                              <div>Thank you again. =)</div>
                              <br>
                              <div class="gmail_quote">On Thu, Feb 23,
                                2012 at 5:32 AM, Marco Padovan <span dir="ltr">&lt;<a href="mailto:evcz@evcz.tk" target="_blank">evcz@evcz.tk</a>&gt;</span>
                                wrote:<br>
                                <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                                  <div bgcolor="#FFFFFF" text="#000000">
                                    <font size="-1"><font face="Verdana">did
                                        you issued all the other
                                        commands?<br>
                                        <br>
                                        like:<br>
                                        <br>
                                      </font></font>
                                    <div>iptables -N QUERY-BLOCK<br>
                                      iptables -A QUERY-BLOCK -m recent
                                      --set --name blocked-hosts -j DROP<br>
                                      <br>
                                    </div>
                                    ?<br>
                                    <br>
                                    Il 23/02/2012 03:54, escapedturkey
                                    ha scritto:
                                    <div>
                                      <div>
                                        <blockquote type="cite">
                                          <div>iptables v1.4.7: Couldn&#39;t
                                            load target
                                            `QUERY-BLOCK&#39;:/lib64/xtables/libipt_QUERY-BLOCK.so:
                                            cannot open shared object
                                            file: No such file or
                                            directory<br>
                                          </div>
                                          <div><br>
                                          </div>
                                          <div>Any ideas?</div>
                                          <br>
                                          <br>
                                          <div class="gmail_quote"> On
                                            Wed, Feb 22, 2012 at 4:51
                                            PM, Marco Padovan <span dir="ltr">&lt;<a href="mailto:evcz@evcz.tk" target="_blank">evcz@evcz.tk</a>&gt;</span>
                                            wrote:<br>
                                            <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                                              <div bgcolor="#FFFFFF" text="#000000"> <font size="-1"><font face="Verdana">on
                                                    centos5 and centos6<br>
                                                    <br>
                                                    modifying this line:<br>
                                                  </font></font>
                                                <div>iptables -A
                                                  QUERY-CHECK -m
                                                  hashlimit
                                                  --hashlimit-mode srcip
                                                  --hashlimit-name
                                                  getstatus
                                                  --hashlimit-above
                                                  2/second -j
                                                  QUERY-BLOCK<br>
                                                </div>
                                                <font size="-1"><font face="Verdana"><br>
                                                    in this way (two
                                                    different lines):<br>
                                                    iptables -A
                                                    QUERY-CHECK -m
                                                    hashlimit
                                                    --hashlimit-mode
                                                    srcip
                                                    --hashlimit-name
                                                    getstatus
                                                    --hashlimit 2/s -j
                                                    RETURN<br>
                                                    iptables -A
                                                    QUERY-CHECK -j
                                                    QUERY-BLOCK<br>
                                                    <br>
                                                    should mimic the
                                                    same behaviour<br>
                                                  </font></font><br>
                                                Il 22/02/2012 18:43,
                                                Geoff Goas ha scritto:
                                                <div>
                                                  <div>
                                                    <blockquote type="cite">Hi,<br>
                                                      <br>
                                                      On CentOS 5.5, <i style="font-family:courier new,monospace">--hashlimit-above</i>
                                                      is not a valid
                                                      option for the
                                                      &quot;hashlimit&quot; match.
                                                      Which version of
                                                      iptables
                                                      introduces this,
                                                      and how can I
                                                      mimic that same
                                                      ruleset with the
                                                      options available
                                                      to me in version
                                                      1.3.5 of iptables?<br>
                                                      <br>
                                                      Thanks,<br>
                                                      <br>
                                                      <div class="gmail_quote">On

                                                        Fri, Jan 20,
                                                        2012 at 7:51 PM,
                                                        John <span dir="ltr">&lt;<a href="mailto:lists.cod@nuclearfallout.net" target="_blank">lists.cod@nuclearfallout.net</a>&gt;</span>
                                                        wrote:<br>
                                                        <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                                                          <div bgcolor="#FFFFFF" text="#000000">
                                                          <div> On
                                                          1/20/2012 3:27
                                                          PM, Marco
                                                          Padovan wrote:
                                                          </div>
                                                          <blockquote type="cite"><font size="-1"><font face="Verdana">
                                                          <div>I was
                                                          referring to
                                                          dynamic
                                                          filtering
                                                          using -m
                                                          recent<br>
                                                          <br>
                                                          </div>
                                                          [not] to
                                                          manually
                                                          adding IPs O.o</font></font></blockquote>
                                                          <br>
                                                          Marco&#39;s right
                                                          about this.
                                                          The most
                                                          effective way
                                                          to prevent
                                                          effects from
                                                          these attacks
                                                          on Linux is to
                                                          use a
                                                          combination of
                                                          the &quot;string&quot;,
                                                          &quot;hashlimit&quot;,
                                                          and &quot;recent&quot;
                                                          modules. Done
                                                          right, the
                                                          solution is
                                                          mostly
                                                          automatic, so
                                                          you shouldn&#39;t
                                                          need to
                                                          manually add
                                                          IPs.<br>
                                                          <br>
                                                          These
                                                          commands, for
                                                          instance,
                                                          would block
                                                          external IPs
                                                          that send
                                                          queries at a
                                                          rate of
                                                          2/second or
                                                          higher:<br>
                                                          <br>
                                                          # add a host
                                                          to the banlist
                                                          and then drop
                                                          the packet.<br>
                                                          iptables -N
                                                          QUERY-BLOCK<br>
                                                          iptables -A
                                                          QUERY-BLOCK -m
                                                          recent --set
                                                          --name
                                                          blocked-hosts
                                                          -j DROP<br>
                                                          <br>
                                                          # is this a
                                                          query packet?
                                                          if so, block
                                                          commonly
                                                          attacked ports
                                                          outright, <br>
                                                          # then see if
                                                          it&#39;s a known
                                                          attacking IP,
                                                          then see if it
                                                          is sending at
                                                          a high<br>
                                                          # rate and
                                                          should be
                                                          added to the
                                                          list of known
                                                          attacking IPs.<br>
                                                          iptables -N
                                                          QUERY-CHECK<br>
                                                          iptables -A
                                                          QUERY-CHECK -p
                                                          udp -m string
                                                          ! --string
                                                          &quot;getstatus&quot;
                                                          --algo bm
                                                          --from 32 --to
                                                          41 -j RETURN<br>
                                                          iptables -A
                                                          QUERY-CHECK -p
                                                          udp --sport
                                                          0:1025 -j DROP<br>
                                                          iptables -A
                                                          QUERY-CHECK -p
                                                          udp --sport
                                                          3074 -j DROP<br>
                                                          iptables -A
                                                          QUERY-CHECK -p
                                                          udp --sport
                                                          7777 -j DROP<br>
                                                          iptables -A
                                                          QUERY-CHECK -p
                                                          udp --sport
                                                          27015:27100 -j
                                                          DROP<br>
                                                          iptables -A
                                                          QUERY-CHECK -p
                                                          udp --sport
                                                          25200 -j DROP<br>
                                                          iptables -A
                                                          QUERY-CHECK -p
                                                          udp --sport
                                                          25565 -j DROP<br>
                                                          # is it
                                                          already
                                                          blocked?
                                                          continue
                                                          blocking it
                                                          and update the
                                                          counter so it<br>
                                                          # gets blocked
                                                          for at least
                                                          another 30
                                                          seconds.<br>
                                                          iptables -A
                                                          QUERY-CHECK -m
                                                          recent
                                                          --update
                                                          --name
                                                          blocked-hosts
                                                          --seconds 30
                                                          --hitcount 1
                                                          -j DROP<br>
                                                          # check to see
                                                          if it exceeds
                                                          our rate
                                                          threshold,<br>
                                                          # and add it
                                                          to the list if
                                                          it does.<br>
                                                          iptables -A
                                                          QUERY-CHECK -m
                                                          hashlimit
                                                          --hashlimit-mode
                                                          srcip
                                                          --hashlimit-name
                                                          getstatus
                                                          --hashlimit-above
                                                          2/second -j
                                                          QUERY-BLOCK<br>
                                                          <br>
                                                          # look at all
                                                          the packets
                                                          going to
                                                          q3/cod*/et/etc
                                                          servers<br>
                                                          iptables -A
                                                          INPUT -p udp
                                                          --dport
                                                          27960:29000 -j
                                                          QUERY-CHECK<br>
                                                          <br>
                                                          The &quot;recent&quot;
                                                          module makes
                                                          it possible to
                                                          block up to
                                                          100 IPs at
                                                          once with this
                                                          method (any
                                                          attackers
                                                          beyond this
                                                          would only be
                                                          rate-limited).
                                                          That number
                                                          can be raised
                                                          when the
                                                          module is
                                                          loaded, but I
                                                          haven&#39;t seen
                                                          100 attacks
                                                          happening at
                                                          once yet
                                                          (typically
                                                          it&#39;s maybe
                                                          5-20 at once).
                                                          You can see
                                                          blocked hosts
                                                          later by
                                                          looking at
                                                          /proc/net/xt_recent/blocked-hosts.<br>
                                                          <br>
                                                          (If you don&#39;t
                                                          have &quot;recent&quot;,
                                                          you could get
                                                          away without
                                                          it -- just be
                                                          aware that
                                                          some of the
                                                          packets will
                                                          get through,
                                                          increasing
                                                          load on the
                                                          game server.
                                                          Without
                                                          &quot;hashlimit&quot;,
                                                          you&#39;d still
                                                          see an
                                                          advantage from
                                                          the port
                                                          checks, but
                                                          you&#39;d need to
                                                          manually block
                                                          IPs that are
                                                          being hit on
                                                          other ports.
                                                          Without
                                                          &quot;string&quot;,
                                                          you&#39;d
                                                          similarly be
                                                          down to just
                                                          port checks,
                                                          and need to
                                                          take out the
                                                          other rules.)<span><font color="#888888"><br>
                                                          <br>
                                                          -John<br>
                                                          </font></span></div>
                                                          <br>
_______________________________________________<br>
                                                          cod mailing
                                                          list<br>
                                                          <a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a><br>
                                                          <a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
                                                          <br>
                                                        </blockquote>
                                                      </div>
                                                      <br>
                                                      <br clear="all">
                                                      <br>
                                                      -- <br>
                                                      <i><b><font size="1"><span style="font-family:tahoma,sans-serif">Geoff Goas</span><br style="font-family:tahoma,sans-serif">
                                                          <span style="font-family:tahoma,sans-serif">Systems



                                                          Engineer</span></font></b></i><br>
                                                      <br>
                                                      <br>
                                                      <br>
                                                      <pre>_______________________________________________
cod mailing list
<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a>
</pre>
                                                    </blockquote>
                                                  </div>
                                                </div>
                                              </div>
                                              <br>
_______________________________________________<br>
                                              cod mailing list<br>
                                              <a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a><br>
                                              <a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
                                              <br>
                                            </blockquote>
                                          </div>
                                          <br>
                                          <br clear="all">
                                          <br>
                                          -- <br>
                                          <div>EscapedTurkey.com Billing
                                            and Support<br>
                                          </div>
                                          <div><a href="https://www.escapedturkey.com/helpdesk" target="_blank">https://www.escapedturkey.com/helpdesk</a></div>
                                          <br>
                                          <br>
                                          <br>
                                          <pre>_______________________________________________
cod mailing list
<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a>
</pre>
                                        </blockquote>
                                      </div>
                                    </div>
                                  </div>
                                  <br>
_______________________________________________<br>
                                  cod mailing list<br>
                                  <a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a><br>
                                  <a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
                                  <br>
                                </blockquote>
                              </div>
                              <br>
                              <br clear="all">
                              <br>
                              -- <br>
                              <div>EscapedTurkey.com Billing and Support<br>
                              </div>
                              <div><a href="https://www.escapedturkey.com/helpdesk" target="_blank">https://www.escapedturkey.com/helpdesk</a></div>
                              <br>
                              <br>
                              <br>
                              <pre>_______________________________________________
cod mailing list
<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a>
</pre>
                            </blockquote>
                          </div>
                        </div>
                      </div>
                      <br>
                      _______________________________________________<br>
                      cod mailing list<br>
                      <a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a><br>
                      <a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
                      <br>
                    </blockquote>
                  </div>
                  <br>
                  <br clear="all">
                  <br>
                  -- <br>
                  <div>EscapedTurkey.com Billing and Support<br>
                  </div>
                  <div><a href="https://www.escapedturkey.com/helpdesk" target="_blank">https://www.escapedturkey.com/helpdesk</a></div>
                  <br>
                  <br>
                  <br>
                  <pre>_______________________________________________
cod mailing list
<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a>
</pre>
                </blockquote>
              </div>
            </div>
          </div>
          <br>
          _______________________________________________<br>
          cod mailing list<br>
          <a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a><br>
          <a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
          <br>
        </blockquote>
      </div>
      <br>
      <br clear="all">
      <br>
      -- <br>
      <div>EscapedTurkey.com Billing and Support<br>
      </div>
      <div><a href="https://www.escapedturkey.com/helpdesk" target="_blank">https://www.escapedturkey.com/helpdesk</a></div>
      <br>
      <br>
      
      <br>
      <pre>_______________________________________________
cod mailing list
<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a>
</pre>
    </blockquote>
  </div></div></div>

<br>_______________________________________________<br>
cod mailing list<br>
<a href="mailto:cod@icculus.org">cod@icculus.org</a><br>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><div>EscapedTurkey.com Billing and Support<br></div><div><a href="https://www.escapedturkey.com/helpdesk" target="_blank">https://www.escapedturkey.com/helpdesk</a></div>
<br>