And so, we have, a typical attack on the game server, with the help of a proxy, that is, one ip, a few dozen or hundreds of proxies hammer on the server. How can you catch \ ban such a miracle?

  • so ip one in a few dozen or hundreds of proxies? - ArcherGodson 2:53 pm
  • There is 1 PC, it is under attack, with proxies - avengerweb
  • using a proxy, it connects to the game server. - avengerweb
  • then my answer fits - ArcherGodson
  • I need to somehow identify the source and block it ... - avengerweb

2 answers 2

iptables -A INPUT -s <source ip> -j DROP
  • How to drop an ip, alas, I know, but how to find out the ip of the offender, no. - avengerweb
  • This is how you learn the offender, if you specify the port netstat -ntp | sed -E 's / ^ ([^] * [] *) {4} //; s / []. * $ //' | grep ": 80 $" | sort | uniq -c | sort -nr | head -1 - ArcherGodson 3:31 pm
  • lied .. that's how netstat -ntp should be | sed -E 's / ^ ([^] * [] *) {4} //; s /: [0-9] * []. * $ //' | sort | uniq -c | sort -nr | head -1 - ArcherGodson pm
  • Maybe watching the video, you will be able to understand me: youtube.com/watch?v=SqALJYCB-rk - avengerweb
  • I don’t know what you are trying to get out of there, but here’s the usual log: 2paste.in/qdfp - avengerweb

Unfortunately, there is no way to determine whether this is a proxy or not, except for HTTPS proxy, which headers sometimes throw. The question is ancient, but like this.