Set maximum UDP Packetbytelength for anti crash (eg. q3infoboom) [via FIREWALL (IPTABLES)] for LINUX

To ensure that UDP packets longer than 750 bytes are ignored on a specific port (e.g., 12345), you can use iptables. Here’s how to set it up:

1. Add a rule to the INPUT chain to accept UDP packets on port 12345 if they are 750 bytes or less:

   sudo iptables -A INPUT -p udp --dport 12345 -m length --length 0:750 -j ACCEPT

   (u have to edit the port 12345 to your actual server port, and repeat it for every port you open a server on)

    

2. Add a rule to the INPUT chain to drop UDP packets on port 12345 if they are greater than 750 bytes:

   sudo iptables -A INPUT -p udp --dport 12345 -m length --length 751: -j DROP

   (u have to edit the port 12345 to your actual server port, and repeat it for every port you open a server on)

    

Explanation of the Rules:

1. First Rule:

   • -A INPUT: Appends a rule to the INPUT chain.
   • -p udp: Applies to UDP packets.
   • --dport 12345: Applies to packets destined for port 12345.
   • -m length --length 0:750: Uses the length module to check the packet length. This rule accepts packets with lengths between 0 and 750 bytes (inclusive).
   • -j ACCEPT: Accepts packets that match the preceding criteria.

2. Second Rule:

   • -A INPUT: Appends a rule to the INPUT chain.
   • -p udp: Applies to UDP packets.
   • --dport 12345: Applies to packets destined for port 12345.
   • -m length --length 751:: Uses the length module to check the packet length. This rule drops packets with lengths greater than 750 bytes.
   • -j DROP: Drops packets that match the preceding criteria.

Applying and Verifying the Rules:

1. View the current iptables rules:

   To see the current rules and identify their line numbers, use the following command:

   sudo iptables -L -v -n --line-numbers

    

    

2. Verify that the rules have been applied:

   To ensure the rules have been applied correctly, view the iptables rules again:

   sudo iptables -L -v -n

    

    

    

Saving the Changes:

Ensure that the changes are saved permanently so they persist after a system reboot:

• Debian/Ubuntu:

  sudo netfilter-persistent save

   

   

   

• Red Hat/CentOS:

  sudo service iptables save

   

   

   

Summary:

1. Add the rules:

   sudo iptables -A INPUT -p udp --dport 12345 -m length --length 0:750 -j ACCEPT sudo iptables -A INPUT -p udp --dport 12345 -m length --length 751: -j DROP

   (u have to edit the port 12345 to your actual server port, and repeat it for every port you open a server on)

    

2. View the current iptables rules:

   sudo iptables -L -v -n --line-numbers

    

    

3. Save the changes:

   • Debian/Ubuntu:

     sudo netfilter-persistent save

      

      
   • Red Hat/CentOS:

     sudo service iptables save

      

With these steps, you ensure that only UDP packets of 750 bytes or less are accepted on port 12345, and larger packets are dropped. It wont be crashable via q3infoboom after setting up this firewall rule.

u can see your rules with:
 

sudo iptables -L -v -n --line-numbers

delete rules with (deletes 1 line): 

iptables -D INPUT 1