[mrfelix24777]

https://pastebin.com/MtehQ4rL

Since this morning i have this problem and i can't fix it, i searched every topic about this subject on the web and no solution, all the topics are old and the solution is to "upgrade to the new version of sa-mp 0.3.z", i use the best hosting provider in my country, i sent them a ticket and they said that it's my problem and only i can fix it, the flood is with fake ip's, banning them is useless, even so, i can't ban 10000 ip's, i tried to ban the ip class but that will ban "innocent" players ip's also...i can't place a limit on ip connection because the ip is never the same and changes every second, the connections are only incoming and not connecting, in sa-mp list's, server appears as offline, but if you wait 2 minutes, it will show to be online, if i connect, the server says is full...if i place a limit on connections of ips, the limit will be quite big and the players will experience problems while connecting.

Edit: Yes, my server is on hosted list. Stunt Mode.

[Pizzy]

Is your server on hosted list?

It looks like someone is attacking a huge range of servers. Mine is also being affected by this.

[10MIN]

Quote:

You can set cloudflare to proxy the http connections, then you won't appear in DNS entries. This doesn't help you if the attacker already has your IP address. I recommend you enable cloudflare's proxying and then change your IP address.

Source: ddos - My server is getting SYN flooded

[Jefff]

You can only use /rcon conncookies 1 to prevent 'server is full' but only your host can block it by adding connection filter

[mrfelix24777]

Quote:

Originally Posted by Jefff You can only use /rcon conncookies 1 to prevent 'server is full' but only your host can block it by adding connection filter

We temporary fixed the server is full problem by banning some of the ips, but the server still appears as offline in samp list, and i talked to Hosting Provider and they said is none of their business.

Edit: I guess that we (sa-mp community) have to wait for an answer or a fix from sa-mp team ?

[RDM]

Hello, this attack is totally spoofed, several servers are being attacked, it is not feasible to block it via firewall at the moment, we are trying to solve the problem and make the solution open source!

[cuber]

This needs to be on http://forum.sa-mp.com/forumdisplay.php?f=19 here tho. I hope I don't get attacked by these cunts when my server is up. Good luck to everyone..

[thegamer355]

Is OnPlayerConnect called when this happens?

I'm asking because my server isn't under attack, and i want to have something in case it ever happens

[10MIN]

thegamer as I have tried my login system with a bot (lazy to start samp client to test) this is from the log

Код:

[21:45:37] Number of vehicle models: 0
[21:45:44] [connection] 127.0.0.1:57112 requests connection cookie.
[21:45:44] [connection] incoming connection: 127.0.0.1:57112 id: 0
[21:45:44] [join] Eu_Robot has joined the server (0:127.0.0.1)
[21:45:44] player connected

The flood is requesting cookie and not getting the id. So you can't actually do anything with OnPlayerConnect.
PS: Banning them on samp.bans will not work:

Код:

[21:48:21] [connection] 127.0.0.1:50222 requests connection cookie.
[21:48:21] [connection] incoming connection: 127.0.0.1:50222 id: 0
[21:48:33] [connection] 127.0.0.1:62711 requests connection cookie.
[21:48:33] [connection] incoming connection: 127.0.0.1:62711 id: 0
[21:48:45] [connection] 127.0.0.1:53348 requests connection cookie.
[21:48:45] [connection] incoming connection: 127.0.0.1:53348 id: 0
[21:48:57] [connection] 127.0.0.1:59677 requests connection cookie.
[21:48:57] [connection] incoming connection: 127.0.0.1:59677 id: 0
[21:49:09] [connection] 127.0.0.1:51488 requests connection cookie.
[21:49:09] [connection] incoming connection: 127.0.0.1:51488 id: 0
[21:49:22] [connection] 127.0.0.1:51489 requests connection cookie.
[21:49:22] [connection] incoming connection: 127.0.0.1:51489 id: 0
Console input: reloadbans
[21:49:26] 
[21:49:26] Ban list
[21:49:26] --------
[21:49:26]  Loaded: samp.ban
[21:49:26] 
[21:49:34] [connection] 127.0.0.1:61502 requests connection cookie.
[21:49:34] [connection] incoming connection: 127.0.0.1:61502 id: 0
[21:49:46] [connection] 127.0.0.1:61503 requests connection cookie.
[21:49:46] [connection] incoming connection: 127.0.0.1:61503 id: 0

As you can see nothing will work... I know only that who is doing this maybe is using a "cluster" of modified bots...

[thegamer355]

What i meant:

- A bot connects, with an IP
- Get that IP using OnInComingConnection
- If that IP does not reach OnPlayerConnect, like checking with a timer, which loops through all players and gets their IP and checks if it matches with the one stored before, use BlockIpAddress to temp "ban" that ip

If the IP would have proceeded, it would've gotten an ID, if not, it's a fake, and get rid of it


Would that work?