I tend to put the rcon ports on a new port via the command line so you can
control it via iptables on a separate branch.
Hope this helps.

-----Original Message-----
From: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Drav Sloan
Sent: 21 March 2011 16:17
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] orangebox exploit

Christoffer Pedersen wrote:
> Block packets with that byte size on the specified port with iptables.

That _appears_ to be a TCP (not UDP) packet (almost all "game packets"
are UDP).  The only TCP traffic is for RCON (though that tends to
be on 27015 and not 27115). Maybe you want to do the opposite for this
port, lock it down so no one has access, and then add rules for the
IPs you do want access to RCON (this will not interrupt "normal" server
access, but just restrict from where RCON connections can be made).

_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux
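
The allowlist approach described in the quoted message, as an added example that is not part of either e-mail: a script that prints the iptables commands to drop TCP connections to the RCON port except from listed sources. The chain name RCON_ALLOW, the use of a dedicated chain, and the sample addresses are assumptions; 27115 is the port mentioned in the thread.

```shell
#!/bin/sh
# Added example (not from the thread). RCON_ALLOW and the sample addresses
# below are constructed; the port is the one discussed in the thread.
RCON_CHAIN="RCON_ALLOW"

# Accept only dotted-quad IPv4, optionally with a /0-32 prefix.
valid_source() {
    addr=${1%/*}
    case "$1" in
        */*) prefix=${1#*/}
             case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
             [ "$prefix" -le 32 ] || return 1 ;;
    esac
    case "$addr" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Usage: rcon_rules PORT SOURCE...  Prints commands only; nothing is applied.
rcon_rules() {
    port=${1:-}
    [ $# -gt 0 ] && shift
    case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    # An empty allowlist would lock every admin out of RCON, so refuse it.
    [ $# -ge 1 ] || { echo "no allowed sources given" >&2; return 1; }
    for src in "$@"; do
        valid_source "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    # Create the dedicated chain, or flush it on a re-run.
    echo "iptables -N $RCON_CHAIN 2>/dev/null || iptables -F $RCON_CHAIN"
    for src in "$@"; do
        echo "iptables -A $RCON_CHAIN -s $src -j ACCEPT"
    done
    echo "iptables -A $RCON_CHAIN -j DROP"
    # Hook the chain in last, and for TCP only: UDP game traffic is untouched.
    echo "iptables -C INPUT -p tcp --dport $port -j $RCON_CHAIN 2>/dev/null ||" \
         "iptables -I INPUT 1 -p tcp --dport $port -j $RCON_CHAIN"
}

rcon_rules 27115 203.0.113.10 198.51.100.0/24
```

Review the printed commands, then pipe them to `sh` as root to apply them.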

