So I had a i7-8700K 6 core 12 thread processor laying around in a previos gen Mobo, and 32GB of ram from a past build, I decided to throw an SSD and a NVME into the mix I also had laying around lol, And make a sweet little dedicated server to host a rust server on.

My isp supports port fowarding and I have a gigabit connection. I setup the server and it's listed publically while testing/setting up.
BUT my issue is I don't want to put my public IP Address in harms way, as even with the gigabit connection my isp is still vulnerable to basic DDoS attacks... Especially if they target open ports, for example gee I don't know, ports that a game server is listening on, haha not fun.

Is there a service out there free or paid, that I can subscribe/setup, To achieve ddos protection, or tunneling tcp/udp or some sort of vpn?

• TCP: 27015, 27036, 28016, 28082

• UDP: 27015, 27031-27036, 28015
  I do not want to use something like hamachi, and that just defeats port fowarding issues, does not mask ip.
  I found ngrok but it does not support udp.
  I found someone claiming they are "using a VPS to mask my connection with debian 9 at OVH"
  I don't have a single clue what they're talking about

The solution is probably alot easier than I'm thinking. Thanks in advance.

Summery, DDoS protection for home network/isp OR way to middle man the traffic so ISP is protected from DDoS attacks.

Make your server hidden from public?
https://wiki.facepunch.com/rust/Creating_a_hidden_whitelisted_server

basically just change queryport

No I want it to be public, I just want to host locally on ISP and protect from ddos attacks.

What you are trying to do is not feasible. I'm just trying to save your time because you are on a wild goose chase.

So it's impossible to have ddos protection. GG Jimmy

No, you can have DDoS protection, you just have to host it with a provider that has it as a feature. Getting DDOS protection for your home connection is not really viable to the average user.

EDIT: If you were paying your ISP for a business connection, you could get this done via BGP peering, but your ISP isn't going to do that for a home/residential user. So you'd be paying for a business connection which is like asking for a cake and saying it's for a wedding, the price goes up big time. 

At this point you're spending far more on hosting this server from home, in both connection and DDOS protection costs and that isn't even factoring in the power costs of the server and maintaining it. So you may as well just have it hosted by a gaming server hosting provider at this point. 

Instead of renting a hosted server (which gets expensive the more ram want) and as you already have a server set up you could look into paying a TCAdmin license for about $8 a month,  

TCAdmin is not going to provide IP masking or DDoS protection for a Rust server hosted on a home/residential connection.

ErikaSupreme

TCAdmin is not going to provide IP masking or DDoS protection for a Rust server hosted on a home/residential connection.

TCAdmin are not concerned with where the server is running, whether its in an office or someones home, they sell a package to enable server owners handle their server(s) and depending on the package how many servers they want to run, it was a suggestion for the original poster,

Yeah but OP wasn't asking about that and doesn't need to pay $8 a month manage their home run server, something free like RustAdmin on desktop would be fine.

ErikaSupreme

Yeah but OP wasn't asking about that and doesn't need to pay $8 a month manage their home run server, something free like RustAdmin on desktop would be fine.

well yeah but he was

Is there a service out there free or paid, that I can subscribe/setup, To achieve ddos protection, or tunneling tcp/udp or some sort of vpn?

And TCAdmin does have DDOS protection .