Unreal Tournament 436 Linux denial-of-service fix
-------------------------------------------------

8/20/2002


- Replace your old IpDrv.so with this one (MAKE A BACKUP!)
- At your discretion, add these to your .ini file:

(In the [IpDrv.TcpNetDriver] section)

AllowPlayerPortUnreach=(True or False)
LogPortUnreach=(True or False)

The defaults are okay for most people!

"AllowPlayerPortUnreach" will continue talking to a legitimate player
after she sends an ICMP port unreachable packet. The new DoS fix will
immediately stop talking to an IP address when it gets such a packet,
but here it will keep talking to that IP if it was already a valid
player before that ICMP packet. Note that this is a fix for buggy
firewalls and flakey net connections; most people should _not_ set this,
since, if the player crashes out (and thus sends port unreachable
packets), you usually don't want to keep flooding them. This has no
effect on a player that leaves a game normally, since we know to stop
talking to them.

"LogPortUnreach", when set to true, will report (and write to your log
files) when you get ICMP port unreachable packets. Enabling this will
give you a good idea about whether someone is trying to use the DoS
exploit on you, but since each spoofed UDP packet writes a line to the
file, this can make your logs balloon with a quickness. You should only
enable it if you suspect you're getting hit.