Raised This Month: $12 Target: $400
 3% 

Forlix FloodCheck


Post New Thread Reply   
 
Thread Tools Display Modes
Author
Forlix
Senior Member
Join Date: Dec 2008
Location: Hamburg, Germany
Plugin ID:
807
Plugin Version:
1.7
Plugin Category:
Server Management
Plugin Game:
Any
Plugin Dependencies:
    Servers with this Plugin:
    119 
    Plugin Description:
    General purpose flood and exploit protection
    Old 03-13-2009 , 15:09   Forlix FloodCheck
    Reply With Quote #1

    This SourceMod addon (for CS:S, DOD:S and TF2) provides general purpose flood and exploit protection. Chat- and radio-flooders will get the message "No spam!" and be blocked for a certain amount of time. Players flooding the server using a flooding-script such as with ma_timeleft, will be kicked instantly, and temporarily banned on the second flooding attempt. The plugin integrates very smoothly with the game, as it also takes care of chat and radio deadtimes that are imposed by the engine itself. The plugin fixes practically all important server crashing exploits and bugs for servers not using sv_cheats (no server should enable cheats anyway).

    The plugin exposes the native "IsClientFlooding" which can be used by other plugins to ignore chat commands while a player is flooding.

    More detailed features:
    • Blocks a lot of dangerous console commands, some of which are capable of crashing the server in certain situations
    • Prevents server crashes caused by people sending many incorrect rcon passwords. For best protection it is recommended to block the servers TCP port (default 27015) via firewall.
    • Players having control characters such as line breaks or CS:S color codes in their name will not be allowed to connect (also blocked are &names&, names containing only spaces, or zero-length names)
    • Player names within the joined-the-game, change-name and disconnect messages are cleaned from control characters so they do not mess up the chat
    • Chat messages containing control characters will be blocked
    • Players using voice_loopback (makes them hear their own voice stream, used by HLDJ and other playback tools) will be muted automatically. This cuts down about 90% of the music-spam on a server
    • Disconnect reasons are filtered for control characters and truncated to a reasonable length. This fixes exploits where using malformed disconnect messages, a client was able to crash or disconnect other clients. As a side effect, this also fixes the Steam disconnect messages ("No Steam Logon", "STEAM UserID is already in use on this server", ...) that had line breaks in them and thus messed up the chat and server logs
    • Connect spammers will be IP-banned for a short time, so any attempt will only cause max. 3 joined-the-game lines on the server (when using the default convar values). IP-ban removal is enforced by the plugin, fixing the bug where some temporary bans would not get removed by the server itself
    Changes in v1.1: (2009/04)
    • Improved spam-detection algorithm
    • Radio messages are now included in the calculation and are blocked as well
    Changes in v1.2: (2009/05)
    • Fixed bug in .inc file that caused malfunctions in dependent plugins when unloading floodcheck
    Changes in v1.3: (2009/07)
    • Further improved the spam-detection algorithm
    • Command-flooders can now automatically be banned on the second try
    • Added ConVar to set or disable the temporary banning time
    • Almost all possible client commands are now included in the check for flooding
    Changes in v1.35: (2009/08 )
    • ConVar limits and defaults modified to more suitable values
    • Changed some ConVar descriptions to be more accurate
    • Chat messages now included in hard-flood detection (chat triggers count twice)
    • Now marks some known, lag-causing server commands as cheat
    Changes in v1.4: (2009/08 )
    • Added support for TF2 and DOD:S radio commands
    • Added more commands to be marked as cheat (includes dump_entity_sizes)
    • Game detection now done by mod-dir instead of game description
    Changes in v1.54: (2009/12)
    • Added ConVar to exclude SourceMod chat triggers from spam detection
    • physics_budget (causes all physics props to freeze) now blocked
    • Added protection against Rcon crash exploit (Bad Password...)
    • Blocks some more crash causing commands (prevents the half-connected crashes)
    • Now checks names and chat messages for unprintable chars (color codes, line breaks, etc.)
    • Zero-length names are also detected (Players appearing as "unconnected")
    • My servers have been running with this nonstop - without crash - for over a month now
    Changes in v1.7: (2010/05)
    • Added ConVar to automatically mute players using voice_loopback
    • Added reliable connect-spam protection that IP-bans clients for a short time
    • Player names in the &name&-style or containing only spaces will no longer be allowed to connect
    • Malformed player names are now cleaned up in connect/disconnect/changename messages
    • Disconnect reasons now filtered and truncated to reasonable length (fixes exploits where one clients disconnect causes all clients to disconnect or even crash)
    • Fixed chat messages of maximum length not being read in correctly
    • Fixed non-ingame clients sending radio/say commands causing error in flood detection
    • More meaningful kick messages for bad player names
    Configuration ConVars:

    The default values for all of these convars have already been very well chosen.
    You should modify them only with good reason and if you are sure what you are doing.

    forlix_floodcheck_chat_interval (default 4)
    - Minimum average interval in seconds between a players chat- and radio-messages (0 to disable)

    forlix_floodcheck_chat_num (default 3)
    - Player is considered spamming after undershooting <forlix_floodcheck_chat_interval> this many times

    forlix_floodcheck_hard_interval (default 2)
    - Time in seconds in which <forlix_floodcheck_hard_num> commands are allowed (0 to disable)

    forlix_floodcheck_hard_num (default 200)
    - Maximum number of client commands allowed in <forlix_floodcheck_hard_interval> seconds

    forlix_floodcheck_hard_ban_time (default 2880)
    - Number of minutes a client is banned for when hard-flooding twice in a row (0 to disable)

    forlix_floodcheck_connect_interval (default 5)
    - Time in seconds in which <forlix_floodcheck_connect_num> connects are allowed (0 to disable)

    forlix_floodcheck_connect_num (default 2)
    - Maximum number of connects allowed in <forlix_floodcheck_connect_interval> seconds

    forlix_floodcheck_connect_ban_time (default 50)
    - Number of seconds a client is IP-banned for when connect-flooding

    forlix_floodcheck_exclude_chat_triggers (default 1)
    - Excludes (1) or includes (0) SourceMod chat triggers in the chat flood detection

    forlix_floodcheck_mute_voice_loopback (default 1)
    - Mute players enabling voice_loopback (1) or allow its use (0)

    forlix_floodcheck_version
    - Version tracking (don't modify this)

    Get the most recent version at:
    http://forlix.org/gameaddons/floodcheck.shtml

    Last edited by Forlix; 10-27-2012 at 20:36.
    Forlix is offline
    Send a message via ICQ to Forlix Send a message via MSN to Forlix
    ottobohn
    Senior Member
    Join Date: Sep 2007
    Old 05-19-2009 , 17:10   Re: Forlix FloodCheck v1.0
    Reply With Quote #2

    Good call. This is also installed in Kigen Anti-cheat.
    __________________
    Director

    Gaming with benefits.
    www.n00bsalad.net
    ottobohn is offline
    myzombie
    BANNED
    Join Date: Apr 2009
    Old 07-25-2009 , 20:28   Re: Forlix FloodCheck
    Reply With Quote #3

    Seems like the best antiflood plugin. Handles the radio spam as well.
    myzombie is offline
    adamnp
    Member
    Join Date: Jul 2008
    Location: Connecticut
    Old 08-06-2009 , 18:12   Re: Forlix FloodCheck
    Reply With Quote #4

    Nice plugin, thanks for your work!

    We are currently using the following for the convar's...Anyone else find any better results using anything different?

    forlix_floodcheck_chat_interval "1"
    forlix_floodcheck_chat_num "5"
    forlix_floodcheck_hard_interval "1"
    forlix_floodcheck_hard_num "4"
    forlix_floodcheck_hard_ban_time "1440"
    forlix_floodcheck_version "1.4"
    __________________
    Ritmo Technology Group, LLC
    Adam Piatek - Chief Technology Officer / Partner
    - Cheap Ventrilo Servers - NooBGalore Gaming Community - Cheap Web Hosting - Free file hosting - Free Tech Support -

    adamnp is offline
    Send a message via AIM to adamnp Send a message via Skype™ to adamnp
    adamnp
    Member
    Join Date: Jul 2008
    Location: Connecticut
    Old 08-06-2009 , 20:44   Re: Forlix FloodCheck
    Reply With Quote #5

    Quote:
    Originally Posted by adamnp View Post
    Nice plugin, thanks for your work!

    We are currently using the following for the convar's...Anyone else find any better results using anything different?

    forlix_floodcheck_chat_interval "1"
    forlix_floodcheck_chat_num "5"
    forlix_floodcheck_hard_interval "1"
    forlix_floodcheck_hard_num "4"
    forlix_floodcheck_hard_ban_time "1440"
    forlix_floodcheck_version "1.4"

    Edit: The above settings work great for spammers, however players that utilize the 's' 'd' 'f' 'g' or auto-buy scripts would be banned, the below settings work better.

    forlix_floodcheck_chat_interval "4"
    forlix_floodcheck_chat_num "3"
    forlix_floodcheck_hard_interval "2"
    forlix_floodcheck_hard_num "20" (15-25 works best)
    forlix_floodcheck_hard_ban_time "1440" (24 hours)
    forlix_floodcheck_version "1.3"
    __________________
    Ritmo Technology Group, LLC
    Adam Piatek - Chief Technology Officer / Partner
    - Cheap Ventrilo Servers - NooBGalore Gaming Community - Cheap Web Hosting - Free file hosting - Free Tech Support -

    adamnp is offline
    Send a message via AIM to adamnp Send a message via Skype™ to adamnp
    Forlix
    Senior Member
    Join Date: Dec 2008
    Location: Hamburg, Germany
    Old 08-07-2009 , 07:15   Re: Forlix FloodCheck
    Reply With Quote #6

    I use the default settings, although I think I'm going to increase the hard_num parameter, some people still get kicked for buying binds and stuff at 25...
    Note: You shouldn't modify the version cvar (its 1.4 in your first post), the plugin handles this.
    Forlix is offline
    Send a message via ICQ to Forlix Send a message via MSN to Forlix
    adamnp
    Member
    Join Date: Jul 2008
    Location: Connecticut
    Old 08-07-2009 , 20:31   Re: Forlix FloodCheck
    Reply With Quote #7

    Yeah, I was just farting with the config trying to figure out what it was, as you had it listed as a configuration convar...Once I loaded it and saw what it was, I changed it..

    As you said, Could you possibly increase the hardnum maximum? We are still having a few minor issues with buy scripts :}

    Most appreciated, and great work! 2 w00ts :}
    -Adam
    __________________
    Ritmo Technology Group, LLC
    Adam Piatek - Chief Technology Officer / Partner
    - Cheap Ventrilo Servers - NooBGalore Gaming Community - Cheap Web Hosting - Free file hosting - Free Tech Support -

    adamnp is offline
    Send a message via AIM to adamnp Send a message via Skype™ to adamnp
    Forlix
    Senior Member
    Join Date: Dec 2008
    Location: Hamburg, Germany
    Old 08-08-2009 , 09:19   Re: Forlix FloodCheck
    Reply With Quote #8

    Alright, here's the new version, hard_num now defaults to 200, min is 10 and max is 750, that should suffice. The buy scripts I checked out have around 10 commands per button press, so even when pressing their button in quick succession it wont kick you too soon, you'd have to manage 10 times a second.
    The floodscript I found on the net sends 150 commands per buttonpress, you now have to press twice to get kicked with that. To get the clients to overflow or stuff like that, you usually hit that button very often, so this shouldn't be an issue.
    Forlix is offline
    Send a message via ICQ to Forlix Send a message via MSN to Forlix
    Hollanda
    Senior Member
    Join Date: Sep 2006
    Location: Netherlands
    Old 08-10-2009 , 18:14   Re: Forlix FloodCheck
    Reply With Quote #9

    Quote:
    Originally Posted by adamnp View Post
    Edit: The above settings work great for spammers, however players that utilize the 's' 'd' 'f' 'g' or auto-buy scripts would be banned, the below settings work better.

    forlix_floodcheck_chat_interval "4"
    forlix_floodcheck_chat_num "3"
    forlix_floodcheck_hard_interval "2"
    forlix_floodcheck_hard_num "20" (15-25 works best)
    forlix_floodcheck_hard_ban_time "1440" (24 hours)
    forlix_floodcheck_version "1.3"
    In what file do I put the convars?
    Hollanda is offline
    adamnp
    Member
    Join Date: Jul 2008
    Location: Connecticut
    Old 08-10-2009 , 20:11   Re: Forlix FloodCheck
    Reply With Quote #10

    Quote:
    Originally Posted by Forlix View Post
    Alright, here's the new version, hard_num now defaults to 200, min is 10 and max is 750, that should suffice. The buy scripts I checked out have around 10 commands per button press, so even when pressing their button in quick succession it wont kick you too soon, you'd have to manage 10 times a second.
    The floodscript I found on the net sends 150 commands per buttonpress, you now have to press twice to get kicked with that. To get the clients to overflow or stuff like that, you usually hit that button very often, so this shouldn't be an issue.
    Awesome, works great now man

    Good job!
    __________________
    Ritmo Technology Group, LLC
    Adam Piatek - Chief Technology Officer / Partner
    - Cheap Ventrilo Servers - NooBGalore Gaming Community - Cheap Web Hosting - Free file hosting - Free Tech Support -

    adamnp is offline
    Send a message via AIM to adamnp Send a message via Skype™ to adamnp
    Reply


    Thread Tools
    Display Modes

    Posting Rules
    You may not post new threads
    You may not post replies
    You may not post attachments
    You may not edit your posts

    BB code is On
    Smilies are On
    [IMG] code is On
    HTML code is Off

    Forum Jump


    All times are GMT -4. The time now is 16:58.


    Powered by vBulletin®
    Copyright ©2000 - 2024, vBulletin Solutions, Inc.
    Theme made by Freecode