I'm using this for verbose rcon logging, but I'm starting to see some potential problems.
1. SMRCon_OnAuth is triggered even if an IP is banned. Meaning they could continue spamming auth attempts and flood logs.
2. Some plugins rely on the rcon output to get information from servers (HLSW, maybe SourceBans), and logging during SMRCon_OnCommand sends that information back over the rcon which would interfere.
Is logging during these forwards a bad idea to begin with?
1. SMRCon_OnAuth is triggered even if an IP is banned. Meaning they could continue spamming auth attempts and flood logs.
The allow bool passed in should already be false if the connection would be denied without your intervention. Is that not the case?
Quote:
Originally Posted by GoD-Tony
2. Some plugins rely on the rcon output to get information from servers (HLSW, maybe SourceBans), and logging during SMRCon_OnCommand sends that information back over the rcon which would interfere.
That shouldn't be any different than logging during commands without this ext if they were executed via rcon. All console output during the command is forwarded. You could try temporarily turning off sv_logecho.
This will now, by default, block rcon from any banned addresses, even if they use the correct password. The engine apparently lets banned users use rcon :/
This also resolves SMRCon_OnAuth being fired when banned addresses attempt to auth.
This will now, by default, block rcon from any banned addresses, even if they use the correct password. The engine apparently lets banned users use rcon :/
This also resolves SMRCon_OnAuth being fired when banned addresses attempt to auth.
Really
Yes!
*edit
God dam ! I go my self banned , can't remove my IP XD.
Need do a trick...
*edit
If you have same IP as Server, you can still log in rcon with right password, even you have get banned by rcon hacking (extension not prevent this).
Last edited by Bacardi; 03-10-2012 at 19:49.
Reason: not can, *can't
If you have same IP as Server, you can still log in rcon with right password, even you have get banned by rcon hacking (extension not prevent this).
Are you sure that the extension doesn't prevent that? I used local testing for most of my tests (and retested that scenario now), binding the server to my lan ip and then connecting to the same lan ip (no 127.0.0.1/loopback).