commit 9a0f5d4f0ac615940bc588b9cce275060c5a147d Author: /dev/humancontroller Date: Wed Jun 20 18:22:21 2012 +0200 prevent using getinfo as an amplifier for DDOS attacks previously, the rate limiter was applied to only getstatus (and rcon) diff --git a/code/server/sv_main.c b/code/server/sv_main.c index cd0706d..39a970f 100644 --- a/code/server/sv_main.c +++ b/code/server/sv_main.c @@ -531,6 +531,8 @@ static qboolean SVC_RateLimitAddress( netadr_t from, int burst, int period ) { return SVC_RateLimit( bucket, burst, period ); } +static leakyBucket_t outboundLeakyBucket; + /* ================ SVC_Status @@ -549,7 +551,6 @@ static void SVC_Status( netadr_t from ) { int statusLength; int playerLength; char infostring[MAX_INFO_STRING]; - static leakyBucket_t bucket; // ignore if we are in single player if ( Cvar_VariableValue( "g_gametype" ) == GT_SINGLE_PLAYER ) { @@ -565,7 +566,7 @@ static void SVC_Status( netadr_t from ) { // Allow getstatus to be DoSed relatively easily, but prevent // excess outbound bandwidth usage when being flooded inbound - if ( SVC_RateLimit( &bucket, 10, 100 ) ) { + if ( SVC_RateLimit( &outboundLeakyBucket, 10, 100 ) ) { Com_DPrintf( "SVC_Status: rate limit exceeded, dropping request\n" ); return; } @@ -615,6 +616,20 @@ void SVC_Info( netadr_t from ) { return; } + // Prevent using getinfo as an amplifier + if ( SVC_RateLimitAddress( from, 10, 1000 ) ) { + Com_DPrintf( "SVC_Info: rate limit from %s exceeded, dropping request\n", + NET_AdrToString( from ) ); + return; + } + + // Allow getinfo to be DoSed relatively easily, but prevent + // excess outbound bandwidth usage when being flooded inbound + if ( SVC_RateLimit( &outboundLeakyBucket, 10, 100 ) ) { + Com_DPrintf( "SVC_Info: rate limit exceeded, dropping request\n" ); + return; + } + /* * Check whether Cmd_Argv(1) has a sane length. This was not done in the original Quake3 version which led * to the Infostring bug discovered by Luigi Auriemma. See http://aluigi.altervista.org/ for the advisory.