[Plugin] Anti Query Flood for Windows

[Plugin] Anti Query Flood for Windows - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Plugin Development (https://sampforum.blast.hk/forumdisplay.php?fid=18)
+--- Thread: [Plugin] Anti Query Flood for Windows (/showthread.php?tid=440011)

Pages: 1 2

Respuesta: Anti Query Flood for Windows - Jovazxc - 28.05.2013

Ok, the source code was added newly

Respuesta: Anti Query Flood for Windows - Glimma - 28.05.2013

Memory hacking isn't allowed? https://sampforum.blast.hk/showthread.php?tid=428066

Good job Jossta.

Re: Respuesta: Anti Query Flood for Windows - OrMisicL - 28.05.2013

Quote:

Originally Posted by DeadSkyTkb

Memory hacking isn't allowed? https://sampforum.blast.hk/showthread.php?tid=428066

Good job Jossta.

I took authorization from the samp team before releasing that plugin, any memory hacking plugin should do the same

@Jostaa: i think you should contact somebody from samp team via PM or IRC, since Kalcor is inactive from a while (February !)

Re: Anti Query Flood for Windows - Slice - 29.05.2013

This could be done with iptables, btw.

Something like this:

Code:

-N SAMP_QUERY
-A SAMP_QUERY -m hashlimit --hashlimit-name samp-query --hashlimit-above 3/s --hashlimit-burst 6 --hashlimit-mode srcip,dstport -j DROP
-A SAMP_QUERY -j ACCEPT

-A INPUT -p udp -m length --length 43 --dport 7777 -m string --algo kmp --hex-string "SAMP|2E1322F2B822" -j SAMP_QUERY

The hex string is IP+port (see this).

Re: Anti Query Flood for Windows - AccountName - 29.05.2013

Where does the ip get banned?

Re: Anti Query Flood for Windows - RyDeR` - 29.05.2013

About the plugin, it's too sensitive; try spamming a couple of commands and it'll ban you. You should definitely improve it by more tests and more accurate values. I think 200 is too low, you should increase that value to a max possible, so innocent people don't get banned. Besides that, very nice plugin - I don't see any reason why SA:MP team would not allow this plugin.

Quote:

Originally Posted by AccountName

Where does the ip get banned?

It gets banned in the netsh firewall service in Windows. Just execute this (in cmd.exe) to unban your IP:

Code:

netsh advfirewall firewall delete rule name=all remoteip=YOUR_IP_ADDRESS

Respuesta: Re: Anti Query Flood for Windows - Jovazxc - 29.05.2013

Quote:

Originally Posted by Gamer_Z

kind of useless considering the facts that you have the choice to only use windows firewall, why not make a configuration file in which the command to add a rule is stored in, like anti-query.conf with the text of windows firewall rule add, and then users will be able to use their own firewall.

if I understood well, make a configuration file that store the rules and when the server starts load these rules? and when shutdown the server delete the rules from the firewall and not from the file, would be good, and better manage the bans?

but considering it ban's so much ip's, could take server startup

Quote:

Originally Posted by RyDeR`

About the plugin, it's too sensitive; try spamming a couple of commands and it'll ban you. You should definitely improve it by more tests and more accurate values. I think 200 is too low, you should increase that value to a max possible, so innocent people don't get banned. Besides that, very nice plugin - I don't see any reason why SA:MP team would not allow this plugin.

Yes, you have reason, i will improve this soon

Respuesta: Re: Respuesta: Re: Anti Query Flood for Windows - Jovazxc - 30.05.2013

Quote:

Originally Posted by Gamer_Z

just so users can replace the command which gets executed, and eg %IP% is the ip flooded, in a string, etc

now I understand, but that another firewall can be used with the command line?

Respuesta: Anti Query Flood for Windows - Jovazxc - 31.05.2013

Updated, v1.1 released

Re: Anti Query Flood for Windows - CoaPsyFactor - 31.05.2013

Nice plugin, although there are many ways to detect flood attack.

@Gamer_Z - why can't you stop being such a c**ck blocker? (it is wrong word for this, but I can't remember any other)

Re: Anti Query Flood for Windows - Richard_Gere - 18.07.2013

development is frozen?

Re: Anti Query Flood for Windows - ReV. - 18.07.2013

Has anyone tested this and can confirm its working?

also does this work for the "Packet Modified" exploit?

Re: Anti Query Flood for Windows - dudaefj - 05.12.2013

Hello

I've updated my visual studio 2010 to 2012 and now when I try to build, I'm getting those error messages:

1>detours.lib(detours.obj) : error LNK2026: module unsafe for SAFESEH image.
1>detours.lib(disasm.obj) : error LNK2026: module unsafe for SAFESEH image.

does anyone know what should I do to fix that?

Respuesta: Anti Query Flood for Windows - Jovazxc - 21.12.2013

Set your project properties like here

Respuesta: Anti Query Flood for Windows - Jovazxc - 23.12.2013

Updated to SA-MP 0.3x R2

Re: Anti Query Flood for Windows - no1508 - 22.05.2015

Hey, Jovazxc!

Support 0.3z ?

Re: Anti Query Flood for Windows - Abagail - 22.05.2015

He hasn't logged in since the 14th so it may be a while before he sees this anyways there have been more complex methods I believe developed such as the one by Gamer_Z that will do the same thing, if I am not wrong.

Re: Anti Query Flood for Windows - jamesbond007 - 22.05.2015

eh? why cant i extract this ? anyone else? do i need to update my winrar lol
! C:\Users\Max\Downloads\firewall (1).zip: Unknown method in firewall\detours\detours.lib
! C:\Users\Max\Downloads\firewall (1).zip: Unknown method in firewall\main.cpp
! C:\Users\Max\Downloads\firewall (1).zip: Unknown method in firewall\main.h

Re: Anti Query Flood for Windows - Abagail - 22.05.2015

It's old, don't even try to use it, it won't work because it uses memory hacking, you'd have to update it from 0.3x to 0.3.7, and frankly there are better plugins available that do the same thing.

Re: Anti Query Flood for Windows - jamesbond007 - 22.05.2015

ah didnt see the date... guys stop bumping it