[blackturbo]

Hello all,

Iam experimenting with several firewall programs on a linux based vps. The problem iam having with one of the firewalls, is this.

when the firewall is running.
1. the samp server keeps running and players keep playing
2. the server appears offline in the samp client to all players, so no new players join.


when firewall is off
1. server runs ok, can be seen in samp client as online.

Is there any specific ports the client uses to query the samp server i need to open?


thanks a bunch

[rymax99]

What are your firewall rules? Are you filtering ICMP?

[blackturbo]

iam trying to use a program called Ddos Deflate if you know about it.

http://forum.odin.com/threads/how-to...ad-ips.298319/

[rymax99]

Yes, I've heard of it, and all it does it run every minute and checks using netstat to see if there is more than a predefined number of connections from an IP, and if there is, then drop further traffic for a specified time using iptables.

That alone shouldn't impact SA-MP connections unless you've defined the maximum amount of connections to be ridiculously low(~10).

What's the output of 'iptables -L'?

[blackturbo]

you mean this?

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


It seems you have experiance at linux firewalls, is there a firewall program you would recommend for a vps?

[blackturbo]

I guess iam looking for some good protection I had a few years ago when volt host was at its peak, they ran linux servers and had a neat firewall and u could enter as many IPs as you wished and it would not only ban but also prevent the IPs from seeing the server in the samp client. and iam well experianced with linux.

[rymax99]

Quote:

Originally Posted by blackturbo you mean this? Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination It seems you have experiance at linux firewalls, is there a firewall program you would recommend for a vps?

By the output of that, you don't have any firewall rules in iptables, therefore nothing should be getting filtered at that level.

As for Volt-Host having the web front-end for blocking IP's, it probably just added a rule in the software firewall on the host node to prevent users from connecting to your server. Can easily be done via iptables without a fancy front-end.

As for protection, a software firewall isn't going to do you much good for most attacks, how much your server can withstand in terms of a sustained attack almost completely depends on the network capacity of your host and filtering done by your host.
http://forum.sa-mp.com/showpost.php?...6&postcount=12

NFOServers VDS's(same as VPS) has a part in their control panel where you can add rules to the firewall on the host node hosting your VDS. This gets rid of some (what is usually negligible) overhead of iptables rules on the container itself and is typically easier for users not familiar with iptables(though, iptables is pretty simple once you get the hang of how everything works).

[blackturbo]

ok well my main servers are hosted by Vortex, which iam extremely happy, good ddos protection. I just been experimenting with cheap linux vps, but my vps are basic,low cost, and basically bring your own protection. Venturing out into other games like counter strike and such which are good for linux. ty for the help and advice xD