
DDos attack blocking connections on port 7171

tdp157

Member
Joined
Oct 14, 2014
Messages
29
Reaction score
12
Hello, I would like some help. When I suffer a DDoS attack, my hosting's anti-DDoS takes about 30 seconds to start mitigating. Even after it mitigates the attack, or the attack stops by itself, my server is no longer able to receive connections on TCP port 7171. Would it be possible to create some watchdog in the server's source code to reset connections on TCP port 7171 every 30 seconds?

I use OTX 2 version 0.7
 
1. Use iptables to configure a connection limit per IP per second/minute.
Example with ports 7000-8000 and 3 rules:
  • max 10 connections at the same time from 1 IP
  • max 40 new connections per minute from 1 IP
  • max 2 new connections per second from 1 IP
Code:
sudo iptables -A INPUT -p tcp --syn --dport 7000:8000 -m connlimit --connlimit-above 10 --connlimit-mask 32 -j REJECT --reject-with tcp-reset
sudo iptables -A INPUT -p tcp --dport 7000:8000 -m state --state NEW -m hashlimit --hashlimit-mode srcip --hashlimit-above 40/min --hashlimit-burst 40 --hashlimit-name ots_conn_rate_min -j REJECT --reject-with tcp-reset
sudo iptables -A INPUT -p tcp --dport 7000:8000 -m state --state NEW -m hashlimit --hashlimit-mode srcip --hashlimit-above 2/sec --hashlimit-burst 2 --hashlimit-name ots_conn_rate_sec -j REJECT --reject-with tcp-reset
2. If it's OVH, you can go to the panel and configure anti-DDoS to work in 0 seconds, not 30.
Default OVH anti-DDoS mode is: analyse network traffic for DDoS; if detected, enable anti-DDoS [it takes 0-120 seconds].
You can configure it to pass all network traffic through the anti-DDoS system, then it will enable protection in 0 seconds.

Mass connections to port 7171 often block port 7171 by hitting the default Linux limit of 1024 connections per application (e.g. OTS).
Here is my tutorial on how to reconfigure it to very high values (it's in Polish, but a few people did it with Google Translate and it worked):
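Added example, not code from the thread or from any OTS project: a small simulator of the three per-IP iptables rules in the post above, run over constructed SYNs to port 7171. It models hashlimit as a token bucket (burst tokens, refilled at the rule's rate) and connlimit as a count of open connections per source address; the rate values and rule order are the post's, the source addresses and timings are made up.

```python
# Added example, not from the thread: simulate the three per-IP iptables rules
# from the post on constructed SYNs to port 7171. hashlimit is modelled as a
# token bucket (burst tokens, refilled at the rule's rate); Fractions keep it exact.
from collections import defaultdict
from fractions import Fraction


class TokenBucket:
    """xt_hashlimit approximation: a SYN that finds no token is REJECTed."""
    def __init__(self, rate_per_sec, burst):
        self.rate, self.burst = Fraction(rate_per_sec), Fraction(burst)
        self.tokens, self.last = self.burst, None

    def allow(self, now):
        now = Fraction(now)
        if self.last is not None:        # refill for the elapsed time, capped at burst
            self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False                     # --hashlimit-above matched

class FirewallSim:
    """Rules checked in the post's order; the first matching rule rejects."""
    def __init__(self, max_concurrent=10, per_min=40, per_sec=2):
        self.max_concurrent = max_concurrent
        self.open = defaultdict(int)     # concurrent connections per source IP
        self.per_min = defaultdict(lambda: TokenBucket(Fraction(per_min, 60), per_min))
        self.per_sec = defaultdict(lambda: TokenBucket(per_sec, per_sec))

    def new_connection(self, now, ip):
        """Verdict for one SYN: 'ACCEPT' or 'REJECT:<rule that matched>'."""
        if self.open[ip] + 1 > self.max_concurrent:  # connlimit --connlimit-above 10
            return "REJECT:connlimit"
        if not self.per_min[ip].allow(now):          # 40/min, burst 40
            return "REJECT:ots_conn_rate_min"
        if not self.per_sec[ip].allow(now):          # 2/sec, burst 2
            return "REJECT:ots_conn_rate_sec"
        self.open[ip] += 1
        return "ACCEPT"

    def close_connection(self, ip):
        self.open[ip] = max(0, self.open[ip] - 1)

def burst_verdicts(attempts=4, interval=Fraction(1, 10), ip="10.0.0.5"):
    """Constructed flood: one login SYN every 0.1 s from one source address."""
    fw = FirewallSim()
    return [fw.new_connection(i * interval, ip) for i in range(attempts)]
```

A flood of four SYNs 0.1 s apart gets two accepted and two rejected by the 2/sec rule, while a client that opens a connection every 5 s without closing any is cut off by connlimit at the 11th.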
 
Thank you so much, it solved my problem.
 
Hello @Gesior.pl

I have the same problem: it manages to congest my port 7171 (login) and my players can't log in, but the game port 7172 works normally. I use OVH. Do you have any tips on how to configure my firewall there? Which ports should I block? Or would this tutorial you gave solve my problem?
 