31.01.2013, 19:12
(
Последний раз редактировалось xxmitsu; 31.01.2013 в 19:44.
)
My NPCs are also blocked of joining the server. The server is configured of listening to one of the public IPs of the host's and the NPCs are validated with:
So, after the NPCs are joining the game, they are blocked:
Just adding 127.0.0.1 to some kind of 'whitelist' won't be enough. If allowing NPCs connect from anywhere is a security risk because of IP spoofing, perhaps there could be made:
- some additional port for NPC connect and that we block that port from external access/filter it with firewall
- or some kind of password only for NPCs configurable from npc.cfg and server.cfg and only the NPCs that know the password be allowed to connect.
Код:
if(IsPlayerNPC(playerid)) {
new ip_addr_server[64+1];
GetServerVarAsString("bind",ip_addr_server,64);
if(!strcmp(ipAddr,ip_addr_server,true)) kick ..
....
Код:
[31/01/2013 22:19:20] Incoming connection: myip:53189 [31/01/2013 22:19:21] Incoming connection: myip:34208 [31/01/2013 22:19:21] Incoming connection: myip:57506 [31/01/2013 22:19:21] Incoming connection: myip:48963 [31/01/2013 22:19:21] Incoming connection: myip:47721 [31/01/2013 22:19:21] Incoming connection: myip:44736 [31/01/2013 22:19:21] Incoming connection: myip:46265 [31/01/2013 22:19:21] Incoming connection: myip:44082 [31/01/2013 22:19:21] Incoming connection: myip:60045 [31/01/2013 22:19:21] Incoming connection: myip:38676 [31/01/2013 22:19:21] Incoming connection: myip:33011 [31/01/2013 22:19:21] Blocking myip due to a 'server full' attack (1)
- some additional port for NPC connect and that we block that port from external access/filter it with firewall
- or some kind of password only for NPCs configurable from npc.cfg and server.cfg and only the NPCs that know the password be allowed to connect.