Each UDP packet has a header and a payload (the data). The header contains the source port, the destination port, packet's length and a checksum. Linux automatically drops the packets with invalid length ("short packet") or if checksum validation fails ("bad checksum"), so you can't block them.
I doubt this is an attack because the packets do nothing, are simply ignored. And I don't think you receive hundreds/thousands invalid packets per second. But probably this means that some hardware has problems... -----Original Message----- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Mico Sent: Wednesday, October 03, 2012 0:17 AM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Prevent UDP attacks In the message log of the operating system (Ubuntu 12.04) I'm seeing a lot of logs like the following: [848814.998297] UDP: short packet: From 190.xxx.xxx.xxx:308 /33 to 200.xxx.xxx.xxx:27025 [874435.912157] UDP: short packet: From 190.xxx.xxx.xxx:4805 49320/37 to 200.xxx.xxx.xxx:27024 [882015.978724] UDP: bad checksum. From 190.xxx.xxx.xxx:58299 to 200.xxx.xxx.xxx:27020 ulen 33 As block these requests? thanks _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux