Connection flood

Quote:
Originally Posted by Redirect Left
View Post
so then what does this fix? Because it doesn't stop the server from crashing to the point where you can't connect, even though the process is still running, and the server's network traffic is fine, it can be accessed as normal, so it isn't the server running out of bandwidth.
I'm pretty sure that's another story, 'cause the query flood never affected the server.
Reply

We've been, however, experiencing an unusual server restart problem a few hours after we updated the server with the test package version; this happened at least 3 times. Not sure if we're the only ones having this problem now.
Reply

Nice one.
Reply

Quote:
Originally Posted by Paulice
View Post
FenixZone strikes again!
Could be though. I heard they used to ddos other RP servers to get rid of competence.


Quote:
Originally Posted by Kalcor
View Post
Does OVH allow IP spoofing?

I found the servers responsible for the attack. Spanish (South American) roleplay servers hosted on OVH in Canada. I'm not sure the actual spoofed packets were coming from OVH though.

That explains why the original attack was set up with spoofed South American IP addresses.
OVH claims that when you order a dedicated server or VPS, they won't interfere with what you do, since what you do is your problem, but if I'm not wrong, you can report those who use their machines to scam people, perform attacks and stuff.

Check this out: https://www.ovh.com/us/abuse/
Reply


They are responsible for these attacks too
Reply

Quote:
Originally Posted by adri1
View Post

They are responsible for these attacks too
Pretty sure that's another situation, and one that's almost not controllable from here.
Reply

It's not working, I have too many [connection] incoming connection per second.
Reply

Some game-mp accounts get banned. Why?
Reply

Quote:
Originally Posted by adri1
View Post

They are responsible for these attacks too
I don't even see. Take a screenshot with a tool like gyazo or lightshot, omfg it's 2017
Reply

Quote:
Originally Posted by adri1
View Post
it's not my screenshot
Not sure, but I'm reasonably sure that because this only happens in certain regions, that it's a DNS spoof, which they're redirecting the sa-mp list, and returning their own.

Especially considering that it is only a few people that encounter this.
Reply

Quote:
Originally Posted by Kalcor
View Post
Please note that the original R2-2 server download was withdrawn and replaced with R2-2-1.

- The close proximity of clients sending 'c' and 'r' packets meant Rules List packets were being flood controlled improperly.

Update 0.3.7 R2-2-1 (testing):

- Changes the query flood control to deal with different query types independently.
- Connection cookie logging is disabled by default.

Downloads (testing):

SA-MP 0.3.7 R2-2 Linux Server: http://files.sa-mp.com/samp037svr_R2-2-1.tar.gz
SA-MP 0.3.7 R2-2 Windows Server: http://files.sa-mp.com/samp037_svr_R2-2-1_win32.zip
Thanks Kalcor.
Reply
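The R2-2-1 change quoted above (flood-controlling each query type independently so a 'c' packet no longer gets a closely following 'r' packet dropped), sketched in C as an added example; it is not SA-MP's code and not from any poster in this thread. The single global limiter, the 500 ms gap and the trace are assumptions constructed for illustration.

```c
#include <stdio.h>

#define MIN_GAP_MS 500L  /* assumed spacing between answered queries */

typedef struct { unsigned char opcode; long t_ms; } query_t;
typedef struct { long last_ms[256]; } limiter_t;

static void limiter_init(limiter_t *l) {
    for (int i = 0; i < 256; i++) l->last_ms[i] = -MIN_GAP_MS;
}

/* shared != 0: every query type uses slot 0, so a 'c' just before an 'r'
 * gets the 'r' dropped. shared == 0: each opcode has its own slot.
 * Returns 1 if the query should be answered, 0 if it is flood-controlled. */
static int allow_query(limiter_t *l, int shared, unsigned char opcode, long now_ms) {
    int slot = shared ? 0 : opcode;
    if (now_ms - l->last_ms[slot] < MIN_GAP_MS) return 0;
    l->last_ms[slot] = now_ms;
    return 1;
}

/* Replay a trace and count how many queries of type `want` were answered. */
static int count_answered(const query_t *q, int n, int shared, unsigned char want) {
    limiter_t l;
    int answered = 0;
    limiter_init(&l);
    for (int i = 0; i < n; i++)
        if (allow_query(&l, shared, q[i].opcode, q[i].t_ms) && q[i].opcode == want)
            answered++;
    return answered;
}

/* Constructed trace: a client asks 'c' then 'r' 5 ms later once a second,
 * while extra 'c' queries arrive in between. */
static const query_t TRACE[] = {
    {'c', 0},    {'r', 5},    {'c', 100},  {'c', 200}, {'c', 300}, {'c', 400},
    {'c', 1000}, {'r', 1005}, {'c', 1100}, {'c', 1200},
    {'c', 2000}, {'r', 2005},
};
#define TRACE_LEN ((int)(sizeof TRACE / sizeof TRACE[0]))

int main(void) {
    printf("shared limiter:   'r' answered %d, 'c' answered %d\n",
           count_answered(TRACE, TRACE_LEN, 1, 'r'), count_answered(TRACE, TRACE_LEN, 1, 'c'));
    printf("per-type limiter: 'r' answered %d, 'c' answered %d\n",
           count_answered(TRACE, TRACE_LEN, 0, 'r'), count_answered(TRACE, TRACE_LEN, 0, 'c'));
    return 0;
}
```

With the shared slot every 'r' in the trace is dropped because a 'c' always precedes it; with per-type slots the 'c' burst is still limited while each 'r' is answered.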

The best thing to come of this flood shit, is proof Kalcor is still alive, and at least somewhat interested in further patching / fixing SA:MP.
Reply

Quote:
Originally Posted by Spmn
View Post
Yeah, also thieves who steal wallets in the street respect the law.
I mean that servers who attack are still on game-mp listing...
Reply

As stated before, here is the source code of my plugin for those interested in (someone else released similar plugin with source, so there's no point of hiding it): http://ubi.livs.pl/samp/samp_prot_ver2_s.zip

However there's no point of using it.. Use Kalcor's update first
Reply

Quote:
Originally Posted by Ubi
View Post
As stated before, here is the source code of my plugin for those interested in (someone else released similar plugin with source, so there's no point of hiding it): http://ubi.livs.pl/samp/samp_prot_ver2_s.zip

However there's no point of using it.. Use Kalcor's update first
I would not recommend anyone to use this plugin. It'll work fine for a few hours; after that your CPU / RAM usage will exceed, which will cause a massive amount of lag in the server.
Reply

Well.. It's not possible. It can cause high CPU usage because it disables query limit for some requests, but there are no memory leaks etc. Look at the source. I've just simply nop'ed two "jne" opcodes.
Reply

Quote:
Originally Posted by Ubi
View Post
Well.. It's not possible. It can cause high CPU usage because it disables query limit for some requests, but there are no memory leaks etc. Look at the source. I've just simply nop'ed two "jne" opcodes.
RAM usage suddenly went to 1GB. I did restart the server, it didn't work, so I had to remove the plugin.
Reply

Maybe you combined it with latest Kalcor updates? Make sure your samp binary is "0.3.7 R2-1" (linux) or "0.3.7 R2-1-1" (windows). It may also interfere with plugins like "fixes", "YSF" or any other memory hacking stuff. Anyway, try Kalcor's update first, without my plugin.
Reply

You can use a simple anti for incoming connection spam

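Code:
#include <a_samp>

// Attempts counted per connection slot while the sender is still unverified.
new playerC[MAX_PLAYERS];
// Slot, IP and timestamp of the most recent incoming connection.
new playerLastConnect=0, playerLastIP[16]="______", connectTime=0;

public OnPlayerConnect(playerid)
{
	// Slot completed the handshake: reset its counter.
	playerC[playerid] = 0;
	return 1;
}

public OnIncomingConnection(playerid, ip_address[], port)
{
	// Same IP as the previous incoming connection (strcmp returns 0 on a match).
	if(!strcmp(ip_address, playerLastIP))
	{
		// 6 = UNVERIFIED_SENDER in SA-MP's connection status list.
		if(NetStats_ConnectionStatus(playerid) == 6)
		{
			playerC[playerid] ++;

			if(playerC[playerid] >= 4)
			{
				BlockIpAddress(ip_address, 80000);
				printf("IP: %s probably incoming spam", ip_address);
				playerC[playerid] = 0;
			}
		}
	}
	// Same slot and same IP again within 2 seconds: block the address.
	if(playerLastConnect == playerid && gettime() - connectTime < 2 && !strcmp(ip_address, playerLastIP))
		return BlockIpAddress(ip_address, 70000), printf("IP: %s blocked incoming", ip_address);

	playerLastConnect = playerid;
	connectTime = gettime();
	// Copy the IP with an explicit "%s" so it is never used as the format string.
	return format(playerLastIP, sizeof(playerLastIP), "%s", ip_address);
}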
Reply

This will not work with this spoof attack.
Reply
