Open rabi07 opened 1 week ago
Update :
somehow i managed to install
modified this
debug := flag.Bool("debug", true, "enable debug logs")
gIP := flag.String("gameIP", "my Server public IP", "IP of the game server")
gPort := flag.Int("gamePort", 27015, "port for the game server")
host := flag.String("ip", "127.0.0.1", "IP that UDP server should listen on")
port := flag.Int("port", 9000, "port UDP server should listen on")
when ddos happening getting error like this
024-06-26T21:59:51.242+0530 DEBUG poller/poller.go:138 successfully polled A2S_PLAYER
2024-06-26T22:00:01.240+0530 DEBUG poller/poller.go:71 polling A2S_INFO from server...
2024-06-26T22:00:01.241+0530 DEBUG poller/poller.go:138 successfully polled A2S_INFO
2024-06-26T22:00:01.241+0530 DEBUG poller/poller.go:71 polling A2S_PLAYER from server...
2024-06-26T22:00:01.242+0530 DEBUG poller/poller.go:138 successfully polled A2S_PLAYER
2024-06-26T22:00:11.240+0530 DEBUG poller/poller.go:71 polling A2S_INFO from server...
2024-06-26T22:00:14.242+0530 ERROR poller/poller.go:101 A2S_INFO poll timed out
github.com/Augiro/a2s-cache/poller.(*Poller).execQuery.func2
/home/ubuntu/a2s-cache/poller/poller.go:101
2024-06-26T22:00:14.242+0530 ERROR poller/poller.go:50 poll failed: A2S_INFO poll failed: unable to read server over UDP: read udp4 172.31.34.141:40862->22.24.244.244:27015: use of closed network connection
github.com/Augiro/a2s-cache/poller.(*Poller).Start
/home/ubuntu/a2s-cache/poller/poller.go:50
main.main.func1
/home/ubuntu/a2s-cache/main.go:44
golang.org/x/sync/errgroup.(*Group).Go.func1
/root/go/pkg/mod/golang.org/x/sync@v0.5.0/errgroup/errgroup.go:75
2024-06-26T22:00:21.241+0530 DEBUG poller/poller.go:71 polling A2S_INFO from server...
2024-06-26T22:00:24.242+0530 ERROR poller/poller.go:101 A2S_INFO poll timed out
github.com/Augiro/a2s-cache/poller.(*Poller).execQuery.func2
/home/ubuntu/a2s-cache/poller/poller.go:101
2024-06-26T22:00:24.242+0530 ERROR poller/poller.go:50 poll failed: A2S_INFO poll failed: unable to read server over UDP: read udp4 172.31.34.141:52815->22.24.244.244:27015: use of closed network connection
github.com/Augiro/a2s-cache/poller.(*Poller).Start
/home/ubuntu/a2s-cache/poller/poller.go:50
main.main.func1
/home/ubuntu/a2s-cache/main.go:44
golang.org/x/sync/errgroup.(*Group).Go.func1
/root/go/pkg/mod/golang.org/x/sync@v0.5.0/errgroup/errgroup.go:75
2024-06-26T22:00:31.240+0530 DEBUG poller/poller.go:71 polling A2S_INFO from server...
2024-06-26T22:00:34.242+0530 ERROR poller/poller.go:101 A2S_INFO poll timed out
github.com/Augiro/a2s-cache/poller.(*Poller).execQuery.func2
/home/ubuntu/a2s-cache/poller/poller.go:101
2024-06-26T22:00:34.242+0530 ERROR poller/poller.go:50 poll failed: A2S_INFO poll failed: unable to read server over UDP: read udp4 172.31.34.141:39026->22.24.244.244:27015: use of closed network connection
github.com/Augiro/a2s-cache/poller.(*Poller).Start
/home/ubuntu/a2s-cache/poller/poller.go:50
main.main.func1
/home/ubuntu/a2s-cache/main.go:44
golang.org/x/sync/errgroup.(*Group).Go.func1
/root/go/pkg/mod/golang.org/x/sync@v0.5.0/errgroup/errgroup.go:75
2024-06-26T22:00:41.241+0530 DEBUG poller/poller.go:71 polling A2S_INFO from server...
2024-06-26T22:00:44.242+0530 ERROR poller/poller.go:101 A2S_INFO poll timed out
github.com/Augiro/a2s-cache/poller.(*Poller).execQuery.func2
/home/ubuntu/a2s-cache/poller/poller.go:101
2024-06-26T22:00:44.242+0530 ERROR poller/poller.go:50 poll failed: A2S_INFO poll failed: unable to read server over UDP: read udp4 172.31.34.141:42112->22.24.244.244:27015: use of closed network connection
github.com/Augiro/a2s-cache/poller.(*Poller).Start
/home/ubuntu/a2s-cache/poller/poller.go:50
main.main.func1
/home/ubuntu/a2s-cache/main.go:44
im using one vm for eveyting do i need two? one for the script and one for game server?
I will fix some documentation this weekend.
im using one vm for eveyting do i need two? one for the script and one for game server?
What kind of setup do you have? Is it hosted from home? If you have 2 VMs on a machine with the same internet connection, it probably won't help much.
I also recommend doing a tcpdump while an attack is happening, then you can open it in Wireshark and see what kind of traffic your server is getting. If it's not specifically flooding it with A2S requests you won't have much help from this type of cache.
Also, you have to setup your firewall so that A2S requests are redirected to this cache (so those packets get sent to i.e. port 9000 instead of 27015). If you haven't done this, the cache will also do nothing.
I personally host some servers with my home connection, then tunnel all traffic to a VPS on Linode (so it appears as though all servers have the IP of my Linode server), and host this cache on the VPS as well. Then any DDoS will just target the Linode server and not my actual home server. This has worked well for me, since Linode also has DDoS protection for free.
im using AWS EC2, i can have 2 VM with same VPC , its this will help ddos
i think i did not setup any firewall for 9000 from ip table but i open 9000 port for security group
i like to have simmler solultion like i will have 2 vm one for tunnel and one for game server will it work ?
message.txt Im getting this type of request
If you tried SourceEngineQueryCacher before and got it to work, you probably did this
iptables -t nat -A PREROUTING -p udp --dport 27015 --match string --algo kmp --hex-string '|FFFFFFFF54|' -j REDIRECT --to-ports 9110
iptables -t nat -A PREROUTING -p udp --dport 27015 --match string --algo kmp --hex-string '|FFFFFFFF55|' -j REDIRECT --to-ports 9110
iptables -t nat -A PREROUTING -p udp --dport 27015 --match string --algo kmp --hex-string '|FFFFFFFF41|' -j REDIRECT --to-ports 9110
This is what redirects those packets from 27015 to port 9110 in that case. Simplest solution to test this would be to run this cache on the same port (9110) and it should work.
What happened in the log you sent from the 2nd post is that DDoS simply got through to your server and then the cache couldn't access it.
i like to have simmler solultion like i will have 2 vm one for tunnel and one for game server will it work ?
Yes, but you can start with just 1 VM in your case, and see how well it works.
I'm getting this error
gIP := flag.String("gameIP", "13.234.5.11", "IP of the game server")
gPort := flag.Int("gamePort", 27015, "port for the game server")
host := flag.String("ip", "127.0.0.1", "IP that UDP server should listen on")
port := flag.Int("port", 9110, "port UDP server should listen on")
flag.Parse()
not sure gameIP" should i put public ip or private ip
gIP := flag.String("gameIP", "13.234.5.11", "IP of the game server") gPort := flag.Int("gamePort", 27015, "port for the game server") host := flag.String("ip", "127.0.0.1", "IP that UDP server should listen on") port := flag.Int("port", 9110, "port UDP server should listen on") flag.Parse()
not sure gameIP" should i put public ip or private ip
Most likely your private IP.
running, lets wait for ddos
If you tried SourceEngineQueryCacher before and got it to work, you probably did this
iptables -t nat -A PREROUTING -p udp --dport 27015 --match string --algo kmp --hex-string '|FFFFFFFF54|' -j REDIRECT --to-ports 9110 iptables -t nat -A PREROUTING -p udp --dport 27015 --match string --algo kmp --hex-string '|FFFFFFFF55|' -j REDIRECT --to-ports 9110 iptables -t nat -A PREROUTING -p udp --dport 27015 --match string --algo kmp --hex-string '|FFFFFFFF41|' -j REDIRECT --to-ports 9110
This is what redirects those packets from 27015 to port 9110 in that case. Simplest solution to test this would be to run this cache on the same port (9110) and it should work.
What happened in the log you sent from the 2nd post is that DDoS simply got through to your server and then the cache couldn't access it.
If I add this ,I'm unable to see the server on Steam game server list
Bro im haveing cs2 server, its going through daily DDoS attack please provide some doc to setup it im new to this
thanks much