Kategorie: Wolffiles Wolffiles


Autor: schnoog Verfasst am 30. 01. 2011
Q3 - Getstatus Exploit - IPTables - workaround
Like the most concerned serveradmins know, the Q3-Engine as actually abused to generate a high datavalume over the net.

For admins of ET 2.60B server, YADA from staatsschutz.org developed a patch to limit the responsed from attacked server to 1 every 4 seconds.
Read more about the "bug" and the patch here

Since this patch only fits 2.60B server, I developed a quick and dirty script to stop the
getstatus-packets with iptables from reaching your gameserver engine from offending sources.
You`re free to set the limit of request from an IP per second.
(Abusers often send over 200 requests per second)

Hint: Run the script with a cron-job every 10 minutes.

This script should work for the most Q3 engine based game server

The script automatically add Drops in iptables for offending IPs, and check with the next run if the attacks from this IP still goes on. If not, the Drop rule will be released.

You can find the concerning forum thread here

The script is for download available here

Drucken