Have followed your suggestion. Have also installed denyhost. How can i test my ports and security?
//Daniel David A. Parker skrev: > Why lock down those ports to specific master server or update server > IPs? That really ties your hands if a server goes down or Valve decides > to change an IP address. > > Master server traffic is UDP, but I think downloading updates is done > over TCP. I have iptables rules on my game servers to allow the > following in and drop everything else: > > TCP 27015 (for rcon) > UDP 1200 > UDP 27000-27015 > > ICMP echo-request > ICMP echo-reply > ICMP destination-unreachable > ICMP time-exceeded > > TCP ESTABLISHED/RELATED > UDP ESTABLISHED/RELATED > > I don't block any outgoing traffic on these servers. This setup works > very well for me and I never seem to have any connectivity problems. > > - Dave > > Daniel Nilsson wrote: > >> Im in progress of securing my debian box with some well formatted lines >> of rules. What i would like to do is the following. >> >> 1. Block everything in and out >> 2. Allow needed things in and out. >> >> Atm im allowing udp connections to my server for my clients. Tcp >> connection is only allowed if the source is correct. (for the stats and >> some more) >> >> But i have some problems. Update will not work, neither connection to >> the master server. >> >> So the question is what ip´s does those update/masterservers have? >> And what ports do i need to open up so my server can be updated and >> connect to the master/update server? >> vac server ip? >> And also are those ip´s tcp or udp? >> More ip´s i need to open up against? >> >> >> //Daniel >> >> >> __________ Information from ESET NOD32 Antivirus, version of virus signature >> database 4706 (20091221) __________ >> >> The message was checked by ESET NOD32 Antivirus. >> >> http://www.eset.com >> >> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> >> > > __________ Information from ESET NOD32 Antivirus, version of virus signature database 4710 (20091222) __________ The message was checked by ESET NOD32 Antivirus. http://www.eset.com _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
