> > > Is there some kind of throttle in getchallenge packets that does not allow > more than a certain rate of these packets from one particular IP address? > Would that be an elegant way to address this problem? > > I'm not sure this advice is applicable (given you have more experience in this code than me), but there is basically no excuse for a large number of packets from the same IP but different port. If four people behind a NAT'd router all try to connect at the same time, I can see that, but 100+? 500+? 1000+? That's just silly. If there was a legitimate reason for having a ton of connections occur at the same time, couldn't they just retry the connection if it was ignored by the server on the basis of being "too suspicious"?
Patrick Baggett
_______________________________________________ ioquake3 mailing list [email protected] http://lists.ioquake.org/listinfo.cgi/ioquake3-ioquake.org By sending this message I agree to love ioquake3 and libsdl.
