Forlix FloodCheck (2009/03)
This SourceMod addon (for CS:S, DOD:S and TF2) provides general purpose
flood and exploit protection. Chat- and radio-flooders will be blocked for a short amount of time. Players flooding the server using
a flooding-script such as with ma_timeleft, will be kicked instantly and temporarily banned on the second flooding attempt.
Connect-spam will cause a player to be IP-banned for a short time. The plugin integrates very smoothly with the game, as it also
takes care of chat and radio deadtimes that are imposed by the engine itself. The plugin fixes practically all important server crashing
exploits and bugs for servers not using sv_cheats (no server should enable cheats anyway).
|
Connect spam
|
The plugin exposes the native "IsClientFlooding" which can be used by other plugins to ignore chat commands while a player is flooding.
More detailed features:
- Blocks a lot of dangerous console commands, some of which are capable of crashing the server in certain situations
- Players having control characters such as line breaks or CS:S color codes in their name will not be allowed to connect
(also blocked are &names&, names containing only spaces, or zero-length names)
- Player names within the joined-the-game, change-name and disconnect messages are cleaned from
control characters so they do not mess up the chat
- Chat messages containing control characters will be blocked
- Players using voice_loopback (makes them hear their own voice stream, used by HLDJ and other playback tools)
will be muted automatically. This cuts down about 90% of the music-spam on a server
- Disconnect reasons are filtered for control characters and truncated to a reasonable length.
This fixes exploits where using malformed disconnect messages, a client was able to crash or disconnect other clients.
As a side effect, this also fixes the Steam disconnect messages ("No Steam Logon", "STEAM UserID is already in use on this server", ...)
that had line breaks in them and thus messed up the chat and server logs
- Connect spammers will be IP-banned for a short time, so any attempt will only cause max. 3 joined-the-game
lines on the server (when using the default convar values). IP-ban removal is enforced by the plugin, fixing the bug where some
temporary bans would not get removed by the server itself
Changes in v1.1: (2009/04)
- Improved spam-detection algorithm
- Radio messages are now included in the calculation and are blocked as well
Changes in v1.2: (2009/05)
- Fixed bug in .inc file that caused malfunctions in dependent plugins when unloading floodcheck
Changes in v1.3: (2009/07)
- Further improved the spam-detection algorithm
- Command-flooders can now automatically be banned on the second try
- Added ConVar to set or disable the temporary banning time
- Almost all possible client commands are now included in the check for flooding
Changes in v1.35: (2009/08)
- ConVar limits and defaults modified to more suitable values
- Changed some ConVar descriptions to be more accurate
- Chat messages now included in hard-flood detection (chat triggers count twice)
- Now marks some known, lag-causing server commands as cheat
Changes in v1.4: (2009/08)
- Added support for TF2 and DOD:S radio commands
- Added more commands to be marked as cheat (includes dump_entity_sizes)
- Game detection now done by mod-dir instead of game description
Changes in v1.54: (2009/12)
- Added ConVar to exclude SourceMod chat triggers from spam detection
- physics_budget (causes all physics props to freeze) now blocked
- Added protection against RCON crash exploit (Bad Password...)
- Blocks some more crash causing commands (prevents the half-connected crashes)
- Now checks names and chat messages for unprintable chars (color codes, line breaks, etc.)
- Zero-length names are also detected (Players appearing as "unconnected")
Changes in v1.7: (2010/05)
- Added ConVar to automatically mute players using voice_loopback
- Added reliable connect-spam protection that IP-bans clients for a short time
- Player names in the &name&-style or containing only spaces will no longer be allowed to connect
- Malformed player names are now cleaned up in connect/disconnect/changename messages
- Disconnect reasons now filtered and truncated to reasonable length
(fixes exploits where one clients disconnect causes all clients to disconnect or even crash)
- Fixed chat messages of maximum length not being read in correctly
- Fixed non-ingame clients sending radio/say commands causing error in flood detection
- More meaningful kick messages for bad player names
Changes in v1.71: (2011/04)
- Globally muted players can no longer use radio commands (CS:S & DOD:S)
- Removed "No spam!" messages - now simply blocking spam silently
- Disconnect reason truncation lowered to 63 chars to match Valve's clientside implementation
- Removed RCON min/maxfailures enforcement due to Valve fixing the issue
Changes in v1.73: (2013/05)
- Added name change flood protection to take care of name change spammers
- Hard flood and name flood detections now ban on first violation
- Ban times now default to 2.5 hours; permanent bans are no longer possible
Configuration ConVars:
The default values for all of these convars have already been very well chosen.
You should modify them only with good reason and if you are sure what you are doing.
forlix_floodcheck_chat_interval (default 4)
- Minimum average interval in seconds between a players chat- and radio-messages (0 to disable)
forlix_floodcheck_chat_num (default 3)
- Player is considered spamming after undershooting <forlix_floodcheck_chat_interval> this many times
forlix_floodcheck_hard_interval (default 2)
- Time in seconds in which <forlix_floodcheck_hard_num> commands are allowed (0 to disable)
forlix_floodcheck_hard_num (default 200)
- Maximum number of client commands allowed in <forlix_floodcheck_hard_interval> seconds
forlix_floodcheck_hard_ban_time (default 150)
- Number of minutes a client is banned for when hard-flooding
forlix_floodcheck_name_interval (default 120)
- Time in seconds in which <forlix_floodcheck_name_num> name changes are allowed (0 to disable)
forlix_floodcheck_name_num (default 3)
- Maximum number of name changes allowed in <forlix_floodcheck_name_interval> seconds
forlix_floodcheck_name_ban_time (default 150)
- Number of minutes a client is banned for when name-flooding
forlix_floodcheck_connect_interval (default 5)
- Time in seconds in which <forlix_floodcheck_connect_num> connects are allowed (0 to disable)
forlix_floodcheck_connect_num (default 2)
- Maximum number of connects allowed in <forlix_floodcheck_connect_interval> seconds
forlix_floodcheck_connect_ban_time (default 50)
- Number of seconds a client is IP-banned for when connect-flooding
forlix_floodcheck_exclude_chat_triggers (default 1)
- Excludes (1) or includes (0) SourceMod chat triggers in the chat flood detection
forlix_floodcheck_mute_voice_loopback (default 1)
- Mute players enabling voice_loopback (1) or allow its use (0)
forlix_floodcheck_version
- Version tracking (don't modify this)
-
Servers running this plugin (GameTracker.com)
|