SA-MP Forums

Go Back   SA-MP Forums > SA-MP Scripting and Plugins > Filterscripts > Tools and Files

Reply
 
Thread Tools Display Modes
Old 20/10/2019, 07:57 PM   #1
SlowARG
Big Clucker
 
SlowARG's Avatar
 
Join Date: Feb 2014
Posts: 52
Reputation: 18
Default iptables rules for spoofing.

Code:
#!/bin/bash
# Author: Nobody.

# Configs
SERVER_PORT="7777"
DEFAULT_CHAIN="PREROUTING -t raw"

# Useful message.
echo "You must disable default samp query flood protection."
echo "Set 'queryflood' to '0' or '-1' in server.cfg."

# Block invalid UDP dynamic port ranges.
# INPUT default action: DROP.
iptables -I INPUT -p udp --dport $SERVER_PORT -m multiport --sports 49152:65535 -j ACCEPT
iptables -I $DEFAULT_CHAIN -p udp --dport $SERVER_PORT -m multiport ! --sports 49152:65535 -j DROP

# Drop 'c' and 'd' queries.
iptables -I $DEFAULT_CHAIN -p udp --dport $SERVER_PORT -m u32 --u32 "28=0x53414d50&&35&0xff=0x63" -j DROP
iptables -I $DEFAULT_CHAIN -p udp --dport $SERVER_PORT -m u32 --u32 "28=0x53414d50&&35&0xff=0x64" -j DROP

# Drop 'x' query (fuck RCON).
#iptables -I $DEFAULT_CHAIN -p udp --dport $SERVER_PORT -m u32 --u32 "28=0x53414d50&&35&0xff=0x78" -j DROP

# Create RATE-LIMIT chain.
iptables --new-chain RATE-LIMIT

# Limit 'r', 'i' and 'p' queries (1/s after 1).
iptables -I RATE-LIMIT -p udp --dport $SERVER_PORT -m u32 --u32 "28=0x53414d50&&35&0xff=0x72" -m hashlimit --hashlimit-upto 1/s --hashlimit-burst 1 --hashlimit-mode srcip,dstport --hashlimit-name samp-query-r -j ACCEPT
iptables -I RATE-LIMIT -p udp --dport $SERVER_PORT -m u32 --u32 "28=0x53414d50&&35&0xff=0x69" -m hashlimit --hashlimit-upto 1/s --hashlimit-burst 1 --hashlimit-mode srcip,dstport --hashlimit-name samp-query-i -j ACCEPT
iptables -I RATE-LIMIT -p udp --dport $SERVER_PORT -m u32 --u32 "28=0x53414d50&&35&0xff=0x70" -m hashlimit --hashlimit-upto 1/s --hashlimit-burst 1 --hashlimit-mode srcip,dstport --hashlimit-name samp-query-p -j ACCEPT

# Hashlimit module ratelimit queries.
iptables -A RATE-LIMIT -p udp --dport $SERVER_PORT -m u32 --u32 "28=0x53414d50" -m hashlimit --hashlimit-upto 2/sec --hashlimit-burst 5 --hashlimit-mode srcip,dstport --hashlimit-name conn_rate_limit -j ACCEPT

# Drop RATE-LIMIT chain.
iptables -A RATE-LIMIT -j DROP

# Ratelimit some queries.
iptables -A $DEFAULT_CHAIN -p udp -m length --length 1:1024 -m recent --set --name SAMP-RATE-LIMIT
iptables -A $DEFAULT_CHAIN -p udp --dport $SERVER_PORT -m u32 --u32 "28=0x53414d50" -m recent --update --seconds 1 --hitcount 5 --name SAMP-RATE-LIMIT -j DROP

# TTL Limit (pasted).
iptables -A $DEFAULT_CHAIN -p udp --dport $SERVER_PORT -m ttl --ttl-eq=128 -m length --length 17:604 -j DROP
Released cuz @Atom and @muphy are g*ys and stolem them.
F*ck u both. Are u serious guys? Call yourself hackers by saving a discord bot token when u had root access?

@adri1 I tould u muphy isn't a good person.
@Graber see this plz and trust me now.
SlowARG is offline   Reply With Quote
Old 20/10/2019, 08:34 PM   #2
Symon
Gangsta
 
Symon's Avatar
 
Join Date: Apr 2019
Location: Italy
Posts: 515
Reputation: 18
Default Re: iptables rules for spoofing.

For the sake of newbies here, do you mind to explain what it does and why all those insults?
__________________


Discord | Play Now | Website

Add your server to favourites and join our Discord.
Symon is offline   Reply With Quote
Old 20/10/2019, 09:00 PM   #3
SlowARG
Big Clucker
 
SlowARG's Avatar
 
Join Date: Feb 2014
Posts: 52
Reputation: 18
Default Re: iptables rules for spoofing.

Quote:
Originally Posted by Symon View Post
For the sake of newbies here, do you mind to explain what it does and why all those insults?
Those are iptables rules to deal/help with udp spoofing (query spoofing/cookie spoofing) or simply DDoS attacks.
They are not perfect but works.

Those insults are cuz @muphy and @Atom stole a SA-MP Server Discord (they had root access and the VPS had a discord bot), and, ofc, those iptables rules.

Atom stole 10 usd for giving absolutely zero protection against query flood (downloaded rules I think), so he stole my own rules.
SlowARG is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Why its spoofing ? FizzyWalshy Scripting Help 0 08/06/2017 02:04 PM
[Include] rules.inc. Make your server rules with one simple line!!! RajatPawar Includes 7 17/01/2013 06:08 PM
Looking for usefull, working iptables rules Meester Proper Server Support 1 11/05/2009 06:12 AM


All times are GMT. The time now is 06:17 PM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.