28.10.2018, 12:51
So, I had some mental retarted players who was saying to people to write /rcon (password) just to get banned. How i am supposed to protect server from using /rcon password ?
RCON
28.10.2018, 14:16
There are many ways you could do that, like
PHP Code:
new IsRconAuthorized[MAX_PLAYERS];
CMD:rconauthorize(playerid, params[]){
// password check, or whatever
IsRconAuthorized[playerid] = true; // if player passes the checks
return 1;
}
public OnRconLoginAttempt(ip[], password[], success){
if(IsRconAuthorized[playerid] == false)return 1; // return whatever you prefer
// code
return 1;
}
28.10.2018, 14:39
First step: filter text/params from `OnPlayerText` callback or from commands for containing "/rcon login" and block it.
Second step: on an unsuccessful attempt, log it and kick the player with a warning that the next attempt will not be tolerated and will be punished (ban).
Third step: ban the player with more than one unsuccessful attempt to login as RCON.
You can view your logs and ban players with one attempt only manually, if you want -- it is your judgement.
Second step: on an unsuccessful attempt, log it and kick the player with a warning that the next attempt will not be tolerated and will be punished (ban).
Third step: ban the player with more than one unsuccessful attempt to login as RCON.
You can view your logs and ban players with one attempt only manually, if you want -- it is your judgement.
28.10.2018, 14:52
Quote:
|
Originally Posted by v1k1nG
 There are many ways you could do that, like
PHP Code:
|
I don't see why this is worth a post, just don't ban the players and let them try rcon as much as they want. Or do your own layer of rcon warnings showing a dialog or something.
28.10.2018, 15:12
Yes there's no playerid there, I just fastly wrote an example without meaning to give a real fast solution.
My post was to tell to be creative in finding any solution, as there are many ways to face any matter.
My post was to tell to be creative in finding any solution, as there are many ways to face any matter.
28.10.2018, 17:44
Quote:
|
Originally Posted by v1k1nG
Yes there's no playerid there, I just fastly wrote an example without meaning to give a real fast solution.
My post was to tell to be creative in finding any solution, as there are many ways to face any matter. |
OT:
You can do something like this:
PHP Code:
public OnRconLoginAttempt(ip[], password[], success)
{
if(!success)
{
return 0; //does nothing
}
return 1;
}
28.10.2018, 17:46
Quote:
|
Originally Posted by ConnorW
You mean, you copy pasted that, we can see it.
OT: You can do something like this: PHP Code:
|
"This callback does not handle returns."
Changing to a random new strong rcon is another good way if somebody wants to disable it.
28.10.2018, 18:52
Quote:
|
Originally Posted by ConnorW
You mean, you copy pasted that, we can see it.
OT: You can do something like this: PHP Code:
|
You should think twice about posting.
And it was better if you'd copy paste something instead, as this is wrong.
28.10.2018, 21:32
PHP Code:
public OnPlayerText(playerid, text[])
{
if(strfind(text, "/rcon", true) != -1 || strfind(text, "/ rcon", true) != -1 || strfind(text, "rcon", true) != -1)
{
SendClientMessage(playerid, -1, "Bad idea.");
// Ban him if you want to :)
return 0;
}
return 1;
}
28.10.2018, 22:13
Quote:
|
Originally Posted by TheToretto
PHP Code:
|
28.10.2018, 22:19
Quote:
|
Originally Posted by RogueDrifter
/rcon is a client-side command it'll process regardless of whatever you do under OnPlayerText or OnPlayerCommandText. Just like /pagesize and /headmove and so on.
|
28.10.2018, 22:21
Quote:
|
Originally Posted by TheToretto
Have a closer look to the code. It prevents players to send this in the chat :" /rcon", yes, with the space so basically if someone types : "Use /rcon login 123!" he'll get flagged by the strfind above.
|
28.10.2018, 22:38
Quote:
|
Originally Posted by RogueDrifter
That'll bait other players falsey = more chances of trolling + it can be evaded by typing: "Hey guys type / r con without the space to get admin!" and then they'll get kicked by your own system. Or furthermore case sensitivty, "guys type /Rcon to get admin" and so on.
|
There is an option for the case sensitivness in the strfind, and I checked it so it's not case sensitive, any form with the same word will flag the error message above.
28.10.2018, 22:42
Quote:
|
Originally Posted by TheToretto
You can't make a perfectly accurate system for this, but at least you can counter some idiots, being kicked or banned will reduce the amount of discovering which words are blacklisted.
There is an option for the case sensitivness in the strfind, and I checked it so it's not case sensitive, any form with the same word will flag the error message above. |
28.10.2018, 22:45
Quote:
|
Originally Posted by RogueDrifter
I don't think you understood what i meant by baiting players and more trolling, you can't make a system to kick for rcon, simply put, don't do anything to people trying to access rcon.
|
The author wants just to keep off the trollers who want make others banned, my little snippet will do it.
28.10.2018, 22:55
Quote:
|
Originally Posted by TheToretto
The more they try to access it without any security measures the more it becomes vulnerable, depends on how strong is the password
The author wants just to keep off the trollers who want make others banned, my little snippet will do it. |
pawn Code:
public OnRconLoginAttempt(ip[], password[], success)
{
if(success) //If by any means they figured out the PW
{
new pip[16];
for(new i = GetPlayerPoolSize(); i != -1; --i) //Loop through all players
{
GetPlayerIp(i, pip, sizeof(pip));
if(!strcmp(ip, pip, true)) //If a player's IP is the IP that failed the login
{
Kick(i); //They are now kicked.
}
}
}
return 1;
}
28.10.2018, 22:59
Re-read the first post ffs...
Then compare it to my code and tell me if it's not what's requested?
Quote:
|
Originally Posted by Hunud
So, I had some mental retarted players who was saying to people to write /rcon (password) just to get banned. How i am supposed to protect server from using /rcon password ?
|
28.10.2018, 23:05
Quote:
|
Originally Posted by TheToretto
Re-read the first post ffs...
Then compare it to my code and tell me if it's not what's requested? |
My method on the other hand of simply disabling the rcon by kicking whoever successes to login, then creating your own rcon (which could be done in one command) is a 100% effective one.
28.10.2018, 23:18
Use array with warnings, if player writes /rcon login less than 3 times send him msg with info about warning x/3 or kick/BlockIpAdress
29.10.2018, 06:58
(
Last edited by TheToretto; 29/10/2018 at 07:01 AM.
Reason: Ban(playerid) to Ban(i)
)
Quote:
|
Originally Posted by Jefff
Use array with warnings, if player writes /rcon login less than 3 times send him msg with info about warning x/3 or kick/BlockIpAdress
|
PHP Code:
public OnRconLoginAttempt(ip[], password[], success)
{
if(!success)
{
new IPAddr[16], str[64];
static r_Warnings[MAX_PLAYERS];
for(new i; i < MAX_PLAYERS; i++)
{
if(!IsPlayerConnected(i)) continue;
GetPlayerIp(i, IPAddr, sizeof(IPAddr));
if(!strcmp(ip, IPAddr, false))
{
if(r_Warnings[i] < 2)
{
r_Warnings[i]++;
format(str, sizeof(str), "Warnings: (%i / 3)", r_Warnings[i]);
return SendClientMessage(i, -1, str);
}
else
{
Ban/*Ex*/(i); // Delay the ban with a timer so the playerid receives the message before getting banned
return SendClientMessage(i, -1, "You've been warned.");
}
}
}
}
return 1;
}
« Next Oldest | Next Newest »
Users browsing this thread: 2 Guest(s)