ioquake3 trunk already contains a DRDoS fix. However they're still not handling getinfo, only getstatus is handled in their code.
Their way of fixing the DRDoS exploit is slightly different from mine. I would not say that mine is better than theirs, nor would I say that theirs is better than mine.
In their version of the code, they are using a "leaky bucket" algorithm. For any specific IP address, they allow 10 getstatus responses in a "burst". It takes 1 second for each record from a specific IP to "expire", so that during a sustained attack to a specific IP address only 1 getstatus response per second gets sent.
They also do a leaky bucket for non-IP-specific responses. They allow 10 getstatus responses to any IP address in burst mode, then each record expires in 100 milliseconds. So, during a hypothetical attack which sends getstatus responses to arbitrary IP addresses, only 10 getstatus responses per second are possible. Yeah, in fact 10 getstatus responses per second is kind of a small number in my opinion.
The way my code works is it allows a total of 48 getinfo+getstatus (combined) responses per the previous 2 seconds. To any specific IP address, the number of responses (getinfo+getstatus) is throttled to 3 per the previous 2 seconds.
One additional thing that my code does is when throttling to specific IP addresses it only looks at A.B.C.* in an IP address such as A.B.C.D. So for example 64.156.193.115 and 64.156.193.234 are treated as the same IP address for purposes of throttling. Just a minor thing for attempting to prevent an entire network from being DDoS'ed.
One last thing. If you're looking for the code differences that were made to the ioUrTded binary (changed from original ioquake3) back when 4.1 was released, you can see svn://porky.nerius.com/repos/ioUrT-server-4.1/urt-patch/ioUrT-4.1-server-r1240-ioquake3.patch . This has the changes that were made from ioquake3 code to the UrT server binary.
Barbatos if you need any help let me know.
This post has been edited by Rambetter: 17 January 2012 - 09:34 PM