# Flood IRC Bots



## CeHostRO (Jun 30, 2014)

Hi, I have a webserver for a game and it's under attack. Someone is flooding it with IRC Bots. I'm using IPFW but 0 changes.

```
IPF="ipfw -q add"
ipfw -q -f flush

##Custom-Rules
$IPF 1 allow all from me to any 30040
$IPF 2 allow all from 127.0.0.0/8 to any 30040
$IPF 3 deny all from any to me 30040
$IPF 4 allow all from me to any 30041
$IPF 5 allow all from 127.0.0.0/8 to any 30041
$IPF 6 deny all from any to me 30041
$IPF 7 allow all from me to any 30060
$IPF 8 allow all from 127.0.0.0/8 to any 30050
$IPF 9 deny all from any to me 30050
$IPF 10 allow all from me to any 30051
$IPF 11 allow all from 127.0.0.0/8 to any 30051
$IPF 12 deny all from any to me 30051
$IPF 13 allow all from me to any 30070
$IPF 14 allow all from 127.0.0.0/8 to any 30070
$IPF 15 deny all from any to me 30070


#Dienste

ipfw add 25 allow tcp from any to any 3005 setup limit src-addr 5
ipfw add 26 allow tcp from any to any 3004 setup limit src-addr 5

#################################################
# Allow Loopback and Deny Loopback Spoofing
#################################################
$IPF allow all from any to any via lo0
$IPF deny all from any to 127.0.0.0/8
$IPF deny all from 127.0.0.0/8 to any
$IPF deny tcp from any to any frag

##Standart Regeln
$IPF check-state
$IPF deny tcp from any to any established
$IPF allow all from any to any out keep-state
$IPF allow icmp from any to any

#Permisiuni Speciale
ipfw add 120 allow tcp from 46.108.11.78 to any
ipfw add 120 allow tcp from 46.108.3.228 to any
ipfw add 120 allow tcp from any to 46.108.60.217
ipfw add 120 allow tcp from 46.108.60.217 to any
ipfw add 120 allow tcp from 46.108.11.78 to any
ipfw add 120 allow tcp from 188.240.250.95 to any
ipfw add 120 allow tcp from any to 188.240.250.95
ipfw add 120 allow tcp from  any to 46.108.3.228
ipfw add 120 allow tcp from 89.37.39.103 to any
ipfw add 120 allow tcp from any to 89.37.39.103
ipfw add 120 allow tcp from 89.33.212.212 to any
ipfw add 120 allow tcp from any to 89.33.212.212
ipfw add 120 allow tcp from 92.87.16.205 to any
ipfw add 120 allow tcp from any to 92.87.16.205
```

He is attacking 3306 port (closed by the firewall, allowed only for specified IPs). Any solution? 

Thanks so much.


----------



## DutchDaemon (Jun 30, 2014)

What game is that?


----------



## SirDice (Jun 30, 2014)

This doesn't bode well: http://www.cehost.ro/gazduire-servere-metin2

Should I fetch my LART?


----------



## zspider (Jun 30, 2014)

DutchDaemon said:
			
		

> What game is that?



That's exactly what I was thinking.


----------



## CeHostRO (Jun 30, 2014)

I am a staff member, not a Metin2 player. I want to install a game CP for multi-games.


----------



## SirDice (Jun 30, 2014)

CeHostRO said:
			
		

> I am a staff member, not a Metin2 player.


That doesn't matter.

http://forums.freebsd.org/viewtopic.php?f=49&t=37344


----------



## Crivens (Jul 1, 2014)

SirDice said:
			
		

> Should I fetch my LART?


The one tipped with silver, hung with garlic, wrapped in the holy shroud and socketed with the Amulet of Yendor? So YOU have that one?


----------

