[Plugin] Custom Query Flood Check - Printable Version
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Plugin Development (https://sampforum.blast.hk/forumdisplay.php?fid=18)
+--- Thread: [Plugin] Custom Query Flood Check (/showthread.php?tid=640162)
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Plugin Development (https://sampforum.blast.hk/forumdisplay.php?fid=18)
+--- Thread: [Plugin] Custom Query Flood Check (/showthread.php?tid=640162)
Custom Query Flood Check - Spmn - 28.08.2017
Custom Query Flood Check
Write custom protections against query flood
Info:
- This plugin redirects all calls from the original query flood check function to a new function written by the server owner in PAWN.
- Here is the original query flood check function converted to PAWN. This function is responsible for detecting flooding and for blocking queries when server is spammed with multiple packets coming from a bunch of different IPs.
- You may tweak it or write a better flood detection algorithm.
- Here is a list of sample protection scripts.
- See kurta999's YSF for more info about SA-MP query mechanism.
- Installing this plugin will disable the built-in query flood check, so you must your own protection!
- Use this filterscript to reimplement the default check.
- For better performance, write the protection directly into plugin source code to avoid AMX overhead.
- Compatible with 0.3.7 R2-1 only.
PHP Code:
forward OnQueryFloodCheck(queryType, binaryAddress);
/*
* Info:
* - called when a query is received
*
* Parameters:
* - queryType : a single character corresponding to the packet identifier as explained here: https://sampwiki.blast.hk/wiki/Query_Mechanism#Opcodes
* - binaryAddress : IP address of requester as a 32-bit unsigned integer
*
* Returns:
* - 0 (ZERO) : process the query
* - !=0 (NONZERO) : don't process the query
*
* Notes:
* - If any script returns NONZERO in this callback, then current query won't get processed.
* - If this callback is missing from all loaded scripts, then the plugin will **PROCESS ALL QUERIES** and will print a warning message in server log.
*/
Download the archive from Releases page and unpack it into your server directory. Then edit "server.cfg":
- Windows:
Code:filterscripts fs-original-check # or write your own protection plugins samp-custom-query-flood-check.dll
- Linux:
Code:filterscripts fs-original-check # or write your own protection plugins samp-custom-query-flood-check.so
Re: Custom Query Flood Check - nGen.SoNNy - 28.08.2017
Awesome, I was waiting for this.
Re: Custom Query Flood Check - Crystallize - 28.08.2017
So this is like plug n play?
Re: Custom Query Flood Check - Spmn - 29.08.2017
Quote:
|
Originally Posted by Crystallize
 So this is like plug n play?
|
So after you load the plugin you'll also have to load a custom protection written/edited by yourself or by somebody from the community.
Re: Custom Query Flood Check - Omirrow - 29.08.2017
I haven't tested it yet but I'm gonna give it a look when I'm free.
Looks good so far.
Re: Custom Query Flood Check - Paulice - 29.08.2017
I believe this won't block cookie requests, or am I wrong?
Re: Custom Query Flood Check - Spmn - 29.08.2017
Quote:
|
Originally Posted by Paulice
I believe this won't block cookie requests, or am I wrong?
|
Re: Custom Query Flood Check - Omirrow - 29.08.2017
Quote:
|
Originally Posted by Paulice
I believe this won't block cookie requests, or am I wrong?
|
Re: Custom Query Flood Check - Paulice - 29.08.2017
Then what's the point? The exploit sends multiple cookie requests, blocking would do nothing. Thus, querying still freezing or being delayed.
Re: Custom Query Flood Check - Spmn - 29.08.2017
Quote:
|
Originally Posted by Paulice
Then what's the point? The exploit sends multiple cookie requests, blocking would do nothing. Thus, querying still freezing or being delayed.
|
As you can see, if you receive multiple queries from different IPs in less than 25ms, the server will stop responding to queries, thus making server appear offline in SA-MP browser.
So, this plugin's purpose is to allow owners to make changes to that query flood check function WITHOUT having to manually patch it in server memory. (eg: lower the time check, write another detection algo or even deactivate the flood check by returning 0 in OnQueryFloodCheck callback)
Re: Custom Query Flood Check - connork - 29.08.2017
The urmem lib doesn't return the source-port for your plugin import it? Maybe it'll help us in scripting, more parameters are more possibilities.
Re: Custom Query Flood Check - Paulice - 29.08.2017
I flooded a local server (using return 1; in the callback only) and it didn't let me connect. Server still gets flooded with cookie requests.
Also, how is one able to stop flooding using this plugin (implying the above is/gets fixed)? If whatever you do still kinda makes the server unresponsive?
Re: Custom Query Flood Check - Spmn - 30.08.2017
Quote:
|
Originally Posted by connork
The urmem lib doesn't return the source-port for your plugin import it? Maybe it'll help us in scripting, more parameters are more possibilities.
|
Quote:
|
Originally Posted by Paulice
I flooded a local server (using return 1; in the callback only) and it didn't let me connect. Server still gets flooded with cookie requests.
|
Quote:
|
Originally Posted by Paulice
Also, how is one able to stop flooding using this plugin (implying the above is/gets fixed)? If whatever you do still kinda makes the server unresponsive?
|
If your server connection is solid enough, you can disable the protection entirely (return 0).
Or disable the protection for all packets except big ones (eg: normal playerlist 'c', extended playerlist 'd', external rcon 'x')
Re: Custom Query Flood Check - Morpheus1992 - 03.09.2017
Quote:
|
For better performance, implement the protection directly into plugin source code to avoid AMX overhead. |
What about that you add a default protection to your Plugin directly, so if the Callback is not added in any used Scripts it will use the default one from your Plugin and if the Callback is added in any used Scripts it will use the one from PAWN written by Scripters.
Not all PAWN Scripters know how to add a protection directly into the Plugin.
Would you do that for the next Version?
Re: Custom Query Flood Check - Paulice - 03.09.2017
Quote:
|
Originally Posted by Spmn
Well all your bandwidth was used for flooding, so that's normal. This should never happen on a proper hosted server.
|
On the other hand, it will be nice to use this to block packets sent by clients with their IP banned.
Re: Custom Query Flood Check - Spmn - 03.09.2017
Quote:
|
Originally Posted by Morpheus1992
First, thanks for your awesome Plugin, I was waiting for this!
What about that you add a default protection to your Plugin directly, so if the Callback is not added in any used Scripts it will use the default one from your Plugin and if the Callback is added in any used Scripts it will use the one from PAWN written by Scripters. Not all PAWN Scripters know how to add a protection directly into the Plugin. Would you do that for the next Version? |
That's the default behaviour.
Quote:
|
Originally Posted by Paulice
I assume you can use the tool without internet (should be possible as you can connect to the server with no internet), does bandwidth even come in play in this case?
|
Re: Custom Query Flood Check - youmasterd7 - 10.06.2018
My server is 0.3DL, the plugin that you have put is 0.3.7.
the console leaves "Loading SA-MP Custom Query Flood Check v1.0 ...
CQFC plugin is compatible only with SA-MP 0.3.7 R2-1. "
please could place a plugins for windows compatible with version 0.3.DL
Re: Custom Query Flood Check - rorrobryan - 03.09.2018
Pls update this plugin from 0.3.7 R2-2
And 0.3DL
Re: Custom Query Flood Check - rorrobryan - 07.01.2019
Someone who uses this plugin?