[Jovazxc]

Ok, the source code was added newly

[Glimma]

Memory hacking isn't allowed? https://sampforum.blast.hk/showthread.php?tid=428066

Good job Jossta.

[OrMisicL]

Quote:

Originally Posted by DeadSkyTkb Memory hacking isn't allowed? https://sampforum.blast.hk/showthread.php?tid=428066 Good job Jossta.

I took authorization from the samp team before releasing that plugin, any memory hacking plugin should do the same

@Jostaa: i think you should contact somebody from samp team via PM or IRC, since Kalcor is inactive from a while (February !)

[Slice]

This could be done with iptables, btw.

Something like this:

Code:

-N SAMP_QUERY
-A SAMP_QUERY -m hashlimit --hashlimit-name samp-query --hashlimit-above 3/s --hashlimit-burst 6 --hashlimit-mode srcip,dstport -j DROP
-A SAMP_QUERY -j ACCEPT

-A INPUT -p udp -m length --length 43 --dport 7777 -m string --algo kmp --hex-string "SAMP|2E1322F2B822" -j SAMP_QUERY

The hex string is IP+port (see this).

[AccountName]

Where does the ip get banned?

[RyDeR`]

About the plugin, it's too sensitive; try spamming a couple of commands and it'll ban you. You should definitely improve it by more tests and more accurate values. I think 200 is too low, you should increase that value to a max possible, so innocent people don't get banned. Besides that, very nice plugin - I don't see any reason why SA:MP team would not allow this plugin.

Quote:

Originally Posted by AccountName Where does the ip get banned?

It gets banned in the netsh firewall service in Windows. Just execute this (in cmd.exe) to unban your IP:

Code:

netsh advfirewall firewall delete rule name=all remoteip=YOUR_IP_ADDRESS

[Jovazxc]

Quote:

Originally Posted by Gamer_Z kind of useless considering the facts that you have the choice to only use windows firewall, why not make a configuration file in which the command to add a rule is stored in, like anti-query.conf with the text of windows firewall rule add, and then users will be able to use their own firewall.

if I understood well, make a configuration file that store the rules and when the server starts load these rules? and when shutdown the server delete the rules from the firewall and not from the file, would be good, and better manage the bans?

but considering it ban's so much ip's, could take server startup

Quote:

Originally Posted by RyDeR` About the plugin, it's too sensitive; try spamming a couple of commands and it'll ban you. You should definitely improve it by more tests and more accurate values. I think 200 is too low, you should increase that value to a max possible, so innocent people don't get banned. Besides that, very nice plugin - I don't see any reason why SA:MP team would not allow this plugin.

Yes, you have reason, i will improve this soon

[Jovazxc]

Quote:

Originally Posted by Gamer_Z just so users can replace the command which gets executed, and eg %IP% is the ip flooded, in a string, etc

now I understand, but that another firewall can be used with the command line?

[Jovazxc]

Updated, v1.1 released

[CoaPsyFactor]

Nice plugin, although there are many ways to detect flood attack.

@Gamer_Z - why can't you stop being such a c**ck blocker? (it is wrong word for this, but I can't remember any other)

[Richard_Gere]

development is frozen?

[ReV.]

Has anyone tested this and can confirm its working?

also does this work for the "Packet Modified" exploit?

[dudaefj]

Hello

I've updated my visual studio 2010 to 2012 and now when I try to build, I'm getting those error messages:

1>detours.lib(detours.obj) : error LNK2026: module unsafe for SAFESEH image.
1>detours.lib(disasm.obj) : error LNK2026: module unsafe for SAFESEH image.


does anyone know what should I do to fix that?

[Jovazxc]

Set your project properties like here

[Jovazxc]

Updated to SA-MP 0.3x R2

[no1508]

Hey, Jovazxc!

Support 0.3z ?

[Abagail]

He hasn't logged in since the 14th so it may be a while before he sees this anyways there have been more complex methods I believe developed such as the one by Gamer_Z that will do the same thing, if I am not wrong.

[jamesbond007]

eh? why cant i extract this ? anyone else? do i need to update my winrar lol
! C:\Users\Max\Downloads\firewall (1).zip: Unknown method in firewall\detours\detours.lib
! C:\Users\Max\Downloads\firewall (1).zip: Unknown method in firewall\main.cpp
! C:\Users\Max\Downloads\firewall (1).zip: Unknown method in firewall\main.h

[Abagail]

It's old, don't even try to use it, it won't work because it uses memory hacking, you'd have to update it from 0.3x to 0.3.7, and frankly there are better plugins available that do the same thing.

[jamesbond007]

ah didnt see the date... guys stop bumping it