Raised This Month: $12 Target: $400
 3% 

SM RCon (updated 2012-09-09)


Post New Thread Reply   
 
Thread Tools Display Modes
GoD-Tony
Veteran Member
Join Date: Jul 2005
Old 10-17-2011 , 12:54   Re: SM RCon (updated 2011-09-29)
Reply With Quote #11

I'm using this for verbose rcon logging, but I'm starting to see some potential problems.

1. SMRCon_OnAuth is triggered even if an IP is banned. Meaning they could continue spamming auth attempts and flood logs.

2. Some plugins rely on the rcon output to get information from servers (HLSW, maybe SourceBans), and logging during SMRCon_OnCommand sends that information back over the rcon which would interfere.

Is logging during these forwards a bad idea to begin with?
__________________

Last edited by GoD-Tony; 10-17-2011 at 12:59.
GoD-Tony is offline
psychonic

BAFFLED
Join Date: May 2008
Old 10-17-2011 , 13:03   Re: SM RCon (updated 2011-09-29)
Reply With Quote #12

Quote:
Originally Posted by GoD-Tony View Post
1. SMRCon_OnAuth is triggered even if an IP is banned. Meaning they could continue spamming auth attempts and flood logs.
The allow bool passed in should already be false if the connection would be denied without your intervention. Is that not the case?

Quote:
Originally Posted by GoD-Tony View Post
2. Some plugins rely on the rcon output to get information from servers (HLSW, maybe SourceBans), and logging during SMRCon_OnCommand sends that information back over the rcon which would interfere.
That shouldn't be any different than logging during commands without this ext if they were executed via rcon. All console output during the command is forwarded. You could try temporarily turning off sv_logecho.
psychonic is offline
GoD-Tony
Veteran Member
Join Date: Jul 2005
Old 10-18-2011 , 05:26   Re: SM RCon (updated 2011-09-29)
Reply With Quote #13

As a followup to my last post; I worked around issue #2 by delaying the logging using a timer, and issue #1 by not monitoring failed auth attempts.
__________________
GoD-Tony is offline
Bacardi
Veteran Member
Join Date: Jan 2010
Location: mom's basement
Old 12-08-2011 , 14:00   Re: SM RCon (updated 2011-09-29)
Reply With Quote #14

Can someone give advice, how I could log actions without showing to rcon user/spammer ?


Happen:
SMRCon_OnAuth()
SMRCon_OnCommand()

(And maybe rest Action: functions)...

PHP Code:
#include <smrcon>
new String:path[256];

public 
OnPluginStart()
{
    
BuildPath(Path_SMpathsizeof(path), "logs/smrcon.txt");
    
//RegConsoleCmd("sm_testi", testi);
}

public 
Action:testi(clientargs)
{
    
LogToFileEx(path"SMRCon_IsCmdFromRCon(%s)"SMRCon_IsCmdFromRCon() ? "true":"false");
    return 
Plugin_Handled;
}

public 
Action:SMRCon_OnAuth(rconId, const String:address[], const String:password[], &bool:allow)
{
    
//LogToFile(path, "rconId %i, address %s, password %s %s", rconId, address, password, allow ? "allow":"deny");
    
LogToFileEx(path"Liirum laarum");
}

public 
Action:SMRCon_OnCommand(rconId, const String:address[], const String:command[], &bool:allow)
{
    
//LogToFile(path, "rconId %i, address %s, command %s %s", rconId, address, command, allow ? "allow":"deny");
    
LogToFileEx(path"Uliuliuli huhuhu");
}

public 
SMRCon_OnDisconnect(rconId)
{
    
//LogToFile(path, "SMRCon_OnDisconnect(%i)", rconId);
    
LogToFileEx(path"Poispois");
}

public 
Action:SMRCon_OnLog(rconId, const String:address[], const String:logdata[])
{
    
//LogToFile(path, "rconId %i, address %s, logdata %s", rconId, address, logdata);
    
LogToFileEx(path"Tuu tuu tuu");

Should I delay this logging with datatimer ??
Attached Thumbnails
Click image for larger version

Name:	smrcon.gif
Views:	1308
Size:	28.8 KB
ID:	96433  
__________________
Do not Private Message @me
Bacardi is offline
GoD-Tony
Veteran Member
Join Date: Jul 2005
Old 12-08-2011 , 15:56   Re: SM RCon (updated 2011-09-29)
Reply With Quote #15

Quote:
Originally Posted by Bacardi View Post
Should I delay this logging with datatimer ??
Yes, this is the only way to prevent it from being sent back through rcon.
__________________
GoD-Tony is offline
Bacardi
Veteran Member
Join Date: Jan 2010
Location: mom's basement
Old 12-08-2011 , 19:28   Re: SM RCon (updated 2011-09-29)
Reply With Quote #16

Quote:
Originally Posted by GoD-Tony View Post
Yes, this is the only way to prevent it from being sent back through rcon.
Done and works... need check will this leave open handles.
stupid plugin


output txt
__________________
Do not Private Message @me

Last edited by Bacardi; 12-08-2011 at 19:33.
Bacardi is offline
jungjunghoo
Senior Member
Join Date: Sep 2009
Old 12-15-2011 , 20:20   Re: SM RCon (updated 2011-09-29)
Reply With Quote #17

What's different in sm basic rcon system?
jungjunghoo is offline
psychonic

BAFFLED
Join Date: May 2008
Old 03-10-2012 , 15:57   Re: SM RCon (updated 2012-03-10)
Reply With Quote #18

Version 1.2.0 has been posted.

This will now, by default, block rcon from any banned addresses, even if they use the correct password. The engine apparently lets banned users use rcon :/

This also resolves SMRCon_OnAuth being fired when banned addresses attempt to auth.
psychonic is offline
Bacardi
Veteran Member
Join Date: Jan 2010
Location: mom's basement
Old 03-10-2012 , 17:12   Re: SM RCon (updated 2012-03-10)
Reply With Quote #19

Quote:
Originally Posted by psychonic View Post
Version 1.2.0 has been posted.

This will now, by default, block rcon from any banned addresses, even if they use the correct password. The engine apparently lets banned users use rcon :/

This also resolves SMRCon_OnAuth being fired when banned addresses attempt to auth.
Really
Yes!

*edit
God dam ! I go my self banned , can't remove my IP XD.
Need do a trick...

*edit
If you have same IP as Server, you can still log in rcon with right password, even you have get banned by rcon hacking (extension not prevent this).

Last edited by Bacardi; 03-10-2012 at 19:49. Reason: not can, *can't
Bacardi is offline
psychonic

BAFFLED
Join Date: May 2008
Old 03-10-2012 , 19:58   Re: SM RCon (updated 2012-03-10)
Reply With Quote #20

Quote:
Originally Posted by Bacardi View Post
If you have same IP as Server, you can still log in rcon with right password, even you have get banned by rcon hacking (extension not prevent this).
Are you sure that the extension doesn't prevent that? I used local testing for most of my tests (and retested that scenario now), binding the server to my lan ip and then connecting to the same lan ip (no 127.0.0.1/loopback).

Last edited by psychonic; 03-10-2012 at 20:01.
psychonic is offline
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 19:24.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode