SailorMon, on 11 March 2012 - 10:41 AM, said:
Are you sure that clients need to be updated, too? Aren't they getting the info from the master server, or just a list of IPs that they proceed to query themselves? Because if the getstatus command is issued only in-game, then the server must only check if the sender is on the server.
The master severs are under FS, if I'm not mistaken. So they're easily patchable. As for the other servers - FS already saidt they will de-list the ones which haven't updated to the latest version, so they could do that again.
Alternatively, if this isn't an option, just publish a list of secure IPs (master servers, well-known trackers) and block everything else via iptables...
Hi guys,
I joined your forum just to let you know that I'd like to help you with finding the right solution to this problem. I'm running a game that is based on Q3 code with custom master server and my ISP almost disconnected my servers because of these DRDoS issues. If you're about to implement a proper fix for this with TCP getstatus/getinfo and player session init and UDP for game packets, let me know. I don't find these firewall rules and in-game ban patches a sufficient protection.
Thanks,
Adam