Well done, thanks for sharing this Mitch!
Well done, thanks for sharing this Mitch!
"Don't worry if your code doesn't work correctly - if everything worked, you would not work" ~Mosher's right
Thanks. I just edit my code so people with a valid guid are always accepted.
I am now using iptables to limit the number of connect each second. (same rules as limiting getstatus)
PHP Code:
iptables -N CQUERY-BLOCK
iptables -A CQUERY-BLOCK -m recent --set --name cblocked-hosts -j DROP
iptables -N CQUERY-CHECK
iptables -A CQUERY-CHECK -p udp -m string ! --string "connect" --algo bm --from 32 --to 39 -j RETURN
iptables -A CQUERY-CHECK -m recent --update --name cblocked-hosts --seconds 30 --hitcount 1 -j DROP
iptables -A CQUERY-CHECK -m hashlimit --hashlimit-mode srcip --hashlimit-name cod2connect --hashlimit-above 2/second -j CQUERY-BLOCK
iptables -A INPUT -p udp --dport 27960:29000 -j CQUERY-CHECK