SA-MP Forums Archive
[Include] Anti flood + IP limits - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Filterscripts (https://sampforum.blast.hk/forumdisplay.php?fid=17)
+---- Forum: Includes (https://sampforum.blast.hk/forumdisplay.php?fid=83)
+---- Thread: [Include] Anti flood + IP limits (/showthread.php?tid=321533)

Pages: 1 2

Anti bot attack + IP limits - Roperr - 27.02.2012

Functions
This is a simple include which will prevent your server from getting attacked by those pesky join/part bots.
You can also limit how many connections can be made with your server from the same exact IP. This is because some bots do not flood connections, but instead join every few seconds, evading the Anti Flood.
pawn Код:
#define IP_LIMIT 3 // = Max connections from one single IP
#define Time_Limit 3500 // = The time span between connects, adjust it to your own specifications
Change the IP_LIMIT if you are affraid of banning brothers, altho unlikely somebody will join with 3 computers.

I believe this will be of much help to other server owners, as it is of help for myself.
I used to use Kick(playerid) and just kick the flooders, but that wouldn't stop them from reconnecting 20 more times, so I've changed it to instantly ban if it identifies these attacks.

This is pretty much secure and won't cause any threat to your regulars being banned. Tested & fully working.

EDIT:
After looking up some more information about these attacks I'd like to provide another simple piece of code that would help you against the attackers that use the samp NPC's.

Add this to the code of OnPlayerConnect.
pawn Код:
public OnPlayerConnect(playerid)
{
    if(IsPlayerNPC(playerid)) {
        new server_IP[16];
        format(server_IP, 16, "127.0.0.1");

        if(strcmp(ConnIP,server_IP,true) != 0) {
            Ban(playerid); // Ban is the safest thing here, as if you kick, they can still flood you with endless connections
            return 0;
        }
    } 
    return 1;
}
What this does is check if the NPC connecting has the IP 127.0.0.1, this is the local IP of your server and NPC always connect from that. So if the IP isn't 127.0.0.1, it means the NPC connecting is an attacker's bot.

Have fun, seeya.

Downloads:
2shared link
Pastebin link

Respuesta: Anti flood + IP limits - Kurama - 27.02.2012

Nice work.

Re: Anti flood + IP limits - HeLiOn_PrImE - 27.02.2012

The attack I am experiencing doesn't trigger the OnPlayerConnect function. It blocks my server somehow, and the players who are trying to connect afterwards, all have the same IP : 255.255.255.255 (this is a gateway in fact) and they all have the same -1 ping. Can your include stop that?

Re: Anti flood + IP limits - Roperr - 27.02.2012

Quote:
Originally Posted by HeLiOn_PrImE
Посмотреть сообщение
The attack I am experiencing doesn't trigger the OnPlayerConnect function. It blocks my server somehow, and the players who are trying to connect afterwards, all have the same IP : 255.255.255.255 (this is a gateway in fact) and they all have the same -1 ping. Can your include stop that?
I've seen a solution to that somewhere. I believe they are using NPC's to perform that attack.

I'll look it up and get back to you if I get any information about this matter.

Re: Anti flood + IP limits - Roperr - 27.02.2012

HeLiOn_PrImE, please show me your OnPlayerConnect.

I might have a way to fix it.

Re: Anti flood + IP limits - wups - 27.02.2012

Err, RyDeR's one is MUCH more efficient and effective.
About the NPC's. Use the maxnpc limit in server.cfg, should fix your problem.

Re: Anti flood + IP limits - Roperr - 27.02.2012

Quote:
Originally Posted by wups
Посмотреть сообщение
Err, RyDeR's one is MUCH more efficient and effective.
About the NPC's. Use the maxnpc limit in server.cfg, should fix your problem.
I've seen RyDeR's just after I posted this one, and I believe it's quite the same. This was tested with actual attacks on some of our servers and it has proved itself to be trustworthy and reliable, so I don't see how RyDeR's one would be MUCH more efficient and effective. But hey, I released my own version in which I trust and so did he, both indeed do work, now it's up to the crowd who they choose to trust.

Once again this is fully working and it's been tested about 3-4 times in an actual server attack, and I can say that the attackers were pretty much owned.

About the maxnpc limit, that wouldn't solve his problem since I believe he has a endless loop in his OnPlayerConnect, that's why I'm asking for the code.

Re: Anti flood + IP limits - wups - 27.02.2012

Quote:
Originally Posted by Roperr
Посмотреть сообщение
I've seen RyDeR's just after I posted this one, and I believe it's quite the same. This was tested with actual attacks on some of our servers and it has proved itself to be trustworthy and reliable, so I don't see how RyDeR's one would be MUCH more efficient and effective. But hey, I released my own version in which I trust and so did he, both indeed do work, now it's up to the crowd who they choose to trust.

Once again this is fully working and it's been tested about 3-4 times in an actual server attack, and I can say that the attackers were pretty much owned.

About the maxnpc limit, that wouldn't solve his problem since I believe he has a endless loop in his OnPlayerConnect, that's why I'm asking for the code.
Basicly, your server has low player count. RyDeR's one creates a,lets say, database. We store the latest 50 IP's, while yours stores the last one. See the difference?
RyDeR's code would detect this one, and your's wouldn't.
Quote:

BOT ATTACK has joined.
Random Player has joined.
BOT ATTACK has joined.
BOT ATTACK has joined.
Random Player has joined.
BOT ATTACK has joined.
etc.
I hope you got the point.

Re: Anti flood + IP limits - Roperr - 27.02.2012

Quote:
Originally Posted by wups
Посмотреть сообщение
Basicly, your server has low player count. RyDeR's one creates a,lets say, database. We store the latest 50 IP's, while yours stores the last one. See the difference?
RyDeR's code would detect this one, and your's wouldn't.

I hope you got the point.
I do understand your point now, I've checked and he indeed stores the 50 IPs.
But since these guys tend to attack with like over 20 bots, this would catch them for sure, because if 3 regular guys join the server at the time that the attack starts, half of the bot connections will be ignored by the code but the other half won't be. Even with over 100 players, this should be of help, since they do not tend to stop until they get banned.

Tho, this is the first version to help in case if people are looking for this, since this has been a regular thing at SAMP servers at this time.

I'll see to improve my work even for those big servers, even tho I believe this would work.

Re: Anti flood + IP limits - HeLiOn_PrImE - 27.02.2012

My onplayerconnect function looks like this....maybe with other textdraws and connect messages.
But it's not triggered because that thing doesn't fully connect like a normal player.
Check this topic, I posted my problem there and a guy posted a video with the exact thing that is happening to me (he posted 2 videos. The second video shows what is also happening to me)
I also posted there a pic with the rcon window of the server that shows the anomaly .
I see now that you posted there as well..
Код:
public OnPlayerConnect(playerid)




{
	GameTextForPlayer(playerid,"censored",5000,5);
	Pspawned[playerid] = 0;
	firstspawn[playerid]=1;
	GPSTimer[playerid] = 0;
	ClickedPlayerID[playerid] = -1;
    HaveGPS[playerid] = false;
	SendPlayerFormattedText(playerid, "Welcome to cenzoredt, for more please type /help and /tour", 0);
	SendClientMessage(playerid,0xB360FDFF,"Use /house to find information on our houses");
	SendClientMessage(playerid, COLOR_LIGHTBLUE,"Type /cmds for all commands (really)!");
	SendClientMessage(playerid, COLOR_ULTRARED,"Use /ro if you are romвn or /eng if you are English.");
	SendClientMessage(playerid, COLOR_YELLOW,"Type /teles to see teleportation on the server ");
	SendClientMessage(playerid, COLOR_ORANGERED,"If you need a vehicle type /V and if you want to tune cars write /tune");
	TextDrawShowForPlayer(playerid, Textdraw0);
	TextDrawShowForPlayer(playerid, Textdraw1);
	TextDrawShowForPlayer(playerid, Textdraw2);
	TextDrawShowForPlayer(playerid, Textdraw3);
	TogglePlayerControllable(playerid, false);
    TextDrawShowForPlayer(playerid, TheBoxy);
  	TextDrawShowForPlayer(playerid, Hin);
	TextDrawShowForPlayer(playerid, Weilcome);
	TextDrawShowForPlayer(playerid, thelp);
	TextDrawShowForPlayer(playerid, ttele);
	TextDrawShowForPlayer(playerid, trules);
	TextDrawShowForPlayer(playerid, byFarsek);
	TextDrawShowForPlayer(playerid, Commings);
	TextDrawShowForPlayer(playerid, Enjoyit);
	TextDrawShowForPlayer(playerid, tcmds);
	SetPlayerHealth(playerid,100);
	ResetPlayerWeapons(playerid);
	gActivePlayers[playerid]++;
	gLastGaveCash[playerid] = GetTickCount();
	GetPlayerName(playerid, pname, sizeof(pname));
    format(oyunism, sizeof(oyunism), "/Saver/%s.ini",pname);
    if(!dini_Exists(oyunism))
    {
    dini_Create(oyunism);
    dini_IntSet(oyunism, "Score", 0);
    dini_IntSet(oyunism, "Money", 0);
    SetPlayerScore(playerid, dini_Int(oyunism, "Score"));
    SetPlayerMoney(playerid, dini_Int(oyunism, "Money"));
    }
    else
    {
    SetPlayerScore(playerid, dini_Int(oyunism, "Score"));
    SetPlayerMoney(playerid, dini_Int(oyunism, "Money"));
    }
	return 1;
}


Re: Anti flood + IP limits - Roperr - 27.02.2012

Quote:
Originally Posted by HeLiOn_PrImE
Посмотреть сообщение
My onplayerconnect function looks like this....maybe with other textdraws and connect messages.
But it's not triggered because that thing doesn't fully connect like a normal player.
Check this topic, I posted my problem there and a guy posted a video with the exact thing that is happening to me (he posted 2 videos. The second video shows what is also happening to me)
I also posted there a pic with the rcon window of the server that shows the anomaly .
Код:
public OnPlayerConnect(playerid)




{
	GameTextForPlayer(playerid,"~r~Romania~w~Super~g~Stunt",5000,5);
	Pspawned[playerid] = 0;
	firstspawn[playerid]=1;
	GPSTimer[playerid] = 0;
	ClickedPlayerID[playerid] = -1;
    HaveGPS[playerid] = false;
	SendPlayerFormattedText(playerid, "Welcome to Romania Super Stunt[OFFICIAL]t, for more please type /help and /tour", 0);
	SendClientMessage(playerid,0xB360FDFF,"Use /house to find information on our houses");
	SendClientMessage(playerid, COLOR_LIGHTBLUE,"Type /cmds for all commands (really)!");
	SendClientMessage(playerid, COLOR_ULTRARED,"Use /ro if you are romвn or /eng if you are English.");
	SendClientMessage(playerid, COLOR_YELLOW,"Type /teles to see teleportation on the server ");
	SendClientMessage(playerid, COLOR_ORANGERED,"If you need a vehicle type /V and if you want to tune cars write /tune");
	TextDrawShowForPlayer(playerid, Textdraw0);
	TextDrawShowForPlayer(playerid, Textdraw1);
	TextDrawShowForPlayer(playerid, Textdraw2);
	TextDrawShowForPlayer(playerid, Textdraw3);
	TogglePlayerControllable(playerid, false);
    TextDrawShowForPlayer(playerid, TheBoxy);
  	TextDrawShowForPlayer(playerid, Hin);
	TextDrawShowForPlayer(playerid, Weilcome);
	TextDrawShowForPlayer(playerid, thelp);
	TextDrawShowForPlayer(playerid, ttele);
	TextDrawShowForPlayer(playerid, trules);
	TextDrawShowForPlayer(playerid, byFarsek);
	TextDrawShowForPlayer(playerid, Commings);
	TextDrawShowForPlayer(playerid, Enjoyit);
	TextDrawShowForPlayer(playerid, tcmds);
	SetPlayerHealth(playerid,100);
	ResetPlayerWeapons(playerid);
	gActivePlayers[playerid]++;
	gLastGaveCash[playerid] = GetTickCount();
	GetPlayerName(playerid, pname, sizeof(pname));
    format(oyunism, sizeof(oyunism), "/Saver/%s.ini",pname);
    if(!dini_Exists(oyunism))
    {
    dini_Create(oyunism);
    dini_IntSet(oyunism, "Score", 0);
    dini_IntSet(oyunism, "Money", 0);
    SetPlayerScore(playerid, dini_Int(oyunism, "Score"));
    SetPlayerMoney(playerid, dini_Int(oyunism, "Money"));
    }
    else
    {
    SetPlayerScore(playerid, dini_Int(oyunism, "Score"));
    SetPlayerMoney(playerid, dini_Int(oyunism, "Money"));
    }
	return 1;
}
Well, this is quite strange, I've checked that topic and I couldn't find a actual way of solving this, have you asked at the SAMP irc? I'm sure they're aware of this and mind give you a hand, even with maybe setting up a firewall.

Re: Anti flood + IP limits - HeLiOn_PrImE - 27.02.2012

how can I access it? I tried with mibbit and I get "Could not resolve hostname". is there an app for this I can install?

Re: Anti flood + IP limits - Roperr - 27.02.2012

The IRC server is: irl.tl
The channel is: #samp

It says you need a registered nickname, so use /ns register password email and then /ns identify password.
Then /join #samp.

Re: Anti flood + IP limits - HeLiOn_PrImE - 27.02.2012

Ok thank you, I will seek help there. It's less likely to find it, but I hope they solve this in the next RC, just like they did with the fake players tool. Again, thank you very much.

Re: Anti flood + IP limits - Roperr - 27.02.2012

Quote:
Originally Posted by HeLiOn_PrImE
Посмотреть сообщение
Ok thank you, I will seek help there. It's less likely to find it, but I hope they solve this in the next RC, just like they did with the fake players tool. Again, thank you very much.
No problem. I'm sure they'll think of something, since you can also find people that have knowledge on the hardware since this might not be pawno fix-able.

Good luck and no problem

Respuesta: Anti flood + IP limits - MrLevan - 28.02.2012

Nice work man

Re: Anti flood + IP limits - Batiol - 28.02.2012

Great work.

Re: Anti flood + IP limits - Roperr - 29.02.2012

Quote:
Originally Posted by MrLevan
Посмотреть сообщение
Nice work man
Quote:
Originally Posted by Batiol
Посмотреть сообщение
Great work.
Thanks fellas, I suggest not only you take a look at it, but actually add it to your server.

Re: Anti flood + IP limits - willzyyy - 29.02.2012

usefull include!

Re: Anti flood + IP limits - Roperr - 03.03.2012

Quote:
Originally Posted by willzyyy
Посмотреть сообщение
usefull include!
Thanks