Yes i'm using vac and TNF since July so, my rules are set, forgot exactly why :)
2013/9/30 Marco Padovan :
> you run those in the OVH network firewall (vac?)
>
> The issue we are experiencing is exactly there, I did not had rules for
> 26900 - 26999, the rest was similar to yours (I also opened listening
> client port)
>
> so maybe the curlprint is those 26900 random ports that the server uses to
> listen on... will give a try then.
>
> Thank you
>
>
> On Mon, Sep 30, 2013 at 6:41 AM, Zaretti Steve wrote:
>
>> gnaaa early morning, don't loop my ip :p
>>
>> 2013/9/30 Zaretti Steve :
>> > Well, these I my srcds firewall rules:
>> > permit udp any 87.98.179.101/32 range 26900 26999
>> > permit udp any range 1000 1099 IP.IP.IP.IP/32 range 2 20010
>> > permit udp any range 1330 1340 IP.IP.IP.IP/32 range 2 20010
>> > permit udp any range 27000 27999 IP.IP.IP.IP/32 range 2 20010
>> > <= standars client
>> > permit udp any range 33600 33699 IP.IP.IP.IP/32 range 2 20010
>> > permit udp any gt 5 IP.IP.IP.IP/32 range 2 20010
>> > <= ping, you should do packet length/string check
>> >
>> > My servers are on port 20004, 20005, etc.
>> >
>> > This rules was set ages ago. I'm not sure about which one allow steam
>> > connexion. Don't forgot that some client will be impacted.
>> >
>> >
>> > GL.
>> >
>> >
>> > 2013/9/30 Bruno Garcia :
>> >> Unrelated to this topic: Don't be frighten to address your ddos attack
>> >> situation with the authorities. You have every right to do so, and it
>> will
>> >> most likely permanently solve your problem.
>> >>
>> >>
>> >> On Sun, Sep 29, 2013 at 5:21 PM, Marco Padovan wrote:
>> >>
>> >>> well... i see no traffic on dst port 27015 will probably have to leave
>> the
>> >>> tcpdump (with -nnvvXS ) running for very long time?
>> >>> btw I hope there's a clear answer from valve.
>> >>>
>> >>> btw the only port I'm filtering (and always have been) is: UDP 269xx
>> ... I
>> >>> see plenty of those attached as listening to srcds...
>> >>>
>> >>> but it's is not related to the item server error apparently...
>> probably the
>> >>> item server connections is done in udp and outgoing, not listening
>> >>>
>> >>>
>> >>> On Sun, Sep 29, 2013 at 9:43 PM, Zaretti Steve
>> wrote:
>> >>>
>> >>> > tcpdump dst port 27015 | egrep -i "valve|steam"
>> >>> >
>> >>> > 2013/9/29 Marco Padovan :
>> >>> > > Hi,
>> >>> > >
>> >>> > > due to serious ddos attacks we had to put up a very strict firewall
>> >>> > > rulesets.
>> >>> > >
>> >>> > > Basically we permit just the incoming listening ports (client,
>> server
>> >>> and
>> >>> > > tv) and deny everything else.
>> >>> > >
>> >>> > > With that setup everything runs smoothly except if you press M to
>> >>> access
>> >>> > > the inventory and you see that error.
>> >>> > >
>> >>> > > My question is: what is the item server port so we can create a
>> >>> specific
>> >>> > > rule for that kind of traffic?
>> >>> > > Does the steam item server port send traffic with source 27015?
>> >>> > >
>> >>> > > Additionally does the connection to the item server make use of a
>> >>> random
>> >>> > > local port instead of the one defined with the +clientport command
>> line
>> >>> > > switch right?
>> >>> > >
>> >>> > > Thank you,
>> >>> > > best regards
>> >>> > > ___
>> >>> > > To unsubscribe, edit your list preferences, or view the list
>> archives,
>> >>> > please visit:
>> >>> > > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>> >>> >
>> >>> > ___
>> >>> > To unsubscribe, edit your list preferences, or view the list
>> archives,
>> >>> > please visit:
>> >>> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>> >>> >
>> >>> ___
>> >>> To unsubscribe, edit your list preferences, or view the list archives,
>> >>> please visit:
>> >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>> >>>
>> >> ___
>> >> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please
> visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
___
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux