[ColonelBurton]

I'm suffering this since morning, i suspected that it is the update(possible infinite loop) and undone today's update but still ingoing.
The outgoing traffic suddenly increase & lagging out all players for 20-30 mins. it happened 5 times already.
I already have ddos protection, before someone say it is a ddos.




usual traffic


today's traffic

[Sgt.TheDarkness]

I'm experiencing similar issues, my outgoing traffic is almost triple than what I'm receiving, however I've yet to see my players time out, nor crash.

[rm0203]

Well, I know about an "exploit" that has been around for some time, it attacks using UDP ports and only SA-MP server is affected, happened to a server that I was managing today. Take a look on some logs:

I think IP is src.sport.
...
03:05:51.309938 IP 209.105.233.*.54889 > 198.50.252.***: UDP, length 64
03:05:51.309940 IP 209.105.233.*.54883 > 198.50.252.***: UDP, length 64
03:05:51.309988 IP 209.105.233.*.54887 > 198.50.252.***: UDP, length 64
03:05:51.309992 IP 209.105.233.*.54881 > 198.50.252.***: UDP, length 64
03:05:51.309993 IP 209.105.233.*.54884 > 198.50.252.***: UDP, length 64
03:05:51.309994 IP 209.105.233.*.54890 > 198.50.252.***: UDP, length 64
...

Fixed by making a rule on iptables for that IP.

[cm666]

Quote:

Originally Posted by rm0203 Fixed by making a rule on iptables for that IP.

what rule?

[rm0203]

Well, I am not a linux expert but I did it by using the command tcpdump. This showed me an IP flooding UDP port, just link I showed above. So, I used:
iptables -A INPUT -s 209.105.233.* -j DROP

I saw a player doing this to big servers and they got offline instantly.