Forum


Notice to all users

We are migrating towards a new forum system located at community.teamspeak.com, as such this forum will become read-only on January 29, 2020

Results 1 to 6 of 6
  1. #1
    Join Date
    January 2014
    Posts
    2

    Question Login to server query via telnet

    Hi I have a question how to block login to server query via telnet.
    I added a rule to iptables but unfortunately it did not work for GameTracker
    The point is teeth appoint ip from which you can sign because i need GameTracker.

  2. #2
    Join Date
    September 2013
    Location
    Croatia
    Posts
    93
    Wait do u want to block gametracker from your ts or u wanna add ts to them?

  3. #3
    Join Date
    February 2012
    Location
    Germany
    Posts
    577
    You have probably a firewall that blocks everything as default, and you open only the ports that you want open. For the query port, you probably have a rule like this:

    iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 10011 -j ACCEPT

    This opens the query port 10011 for everyone.

    Now you want that not everyone can access the query port, but only selected systems.
    You can restrict the above rule by adding the -s parameter, so that only mentioned systems can access the query port:

    iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 111.222.0.0/16 --dport 10011 -j ACCEPT

    This would grant only people in the ip network 111.222.0.0/16 access. Everyone else is blocked, as long as your default rule is to drop packets that match no rule. If you have several networks that should have access, repeat the rule for every network like this:

    iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 11.22.0.0/16 --dport 10011 -j ACCEPT
    iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 22.33.0.0/16 --dport 10011 -j ACCEPT
    iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 33.44.0.0/16 --dport 10011 -j ACCEPT


    Alternatively, if you want to block only one special IP address but give access to every other address, go with the original rule and add a second rule with DROP instead:

    iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 11.22.33.44/32 --dport 10011 -j DROP
    iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 10011 -j ACCEPT

    This would drop connection requests for 11.22.33.44 only and accept connections from every other source to the query port. The DROP rule must be above the ACCEPT rule.

  4. #4
    Join Date
    June 2011
    Location
    Germany
    Posts
    4,368
    Or simply change query port.

  5. #5
    Join Date
    January 2014
    Posts
    2
    Quote Originally Posted by Schlumpi View Post
    iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 111.222.0.0/16 --dport 10011 -j ACCEPT
    Sorry for long time when i don't reply.
    Btw this doesn't work i put this into the iptables but i can connect from all ip.

  6. #6
    Join Date
    February 2012
    Location
    Germany
    Posts
    577
    Without knowing your actual firewall rules, everything from our side is only guessing (including my previous post).

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [No Bug] Server Query > Linux (BSD?) Telnet Protocol > Character Support
    By Ronin Design in forum Bug Reports [EN/DE]
    Replies: 2
    Last Post: July 4th, 2014, 02:58 PM
  2. Server Query via Telnet dont accept
    By Tiieto in forum Linux / FreeBSD
    Replies: 1
    Last Post: June 12th, 2011, 09:34 AM
  3. telnet query / server log settings
    By Bartman in forum Server Support
    Replies: 0
    Last Post: January 30th, 2010, 09:52 PM
  4. Replies: 0
    Last Post: January 1st, 2010, 07:06 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •