SA-MP Forums

SA-MP Forums (http://forum.sa-mp.com/index.php)
-   Plugin Development (http://forum.sa-mp.com/forumdisplay.php?f=18)
-   -   [Plugin] Custom Query Flood Check (http://forum.sa-mp.com/showthread.php?t=640162)

Spmn 28/08/2017 08:53 PM

Custom Query Flood Check
 
Custom Query Flood Check

Write custom protections against query flood



Info:
  • This plugin redirects all calls from the original query flood check function to a new function written by the server owner in PAWN.
  • Here is the original query flood check function converted to PAWN. This function is responsible for detecting flooding and for blocking queries when server is spammed with multiple packets coming from a bunch of different IPs.
  • You may tweak it or write a better flood detection algorithm.
  • Here is a list of sample protection scripts.
  • See kurta999's YSF for more info about SA-MP query mechanism.
WARNING:
  • Installing this plugin will disable the built-in query flood check, so you must your own protection!
  • Use this filterscript to reimplement the default check.
  • For better performance, write the protection directly into plugin source code to avoid AMX overhead.
  • Compatible with 0.3.7 R2-1 only.
Download:Callback:
PHP Code:

forward OnQueryFloodCheck(queryTypebinaryAddress); 
/*
 * Info:
 *  - called when a query is received
 *
 * Parameters:
 *  - queryType     : a single character corresponding to the packet identifier as explained here: http://wiki.sa-mp.com/wiki/Query_Mechanism#Opcodes
 *  - binaryAddress : IP address of requester as a 32-bit unsigned integer
 *
 * Returns:
 *  -   0 (ZERO)    : process the query
 *  - !=0 (NONZERO) : don't process the query
 *
 * Notes:
 *  - If any script returns NONZERO in this callback, then current query won't get processed.
 *  - If this callback is missing from all loaded scripts, then the plugin will **PROCESS ALL QUERIES** and will print a warning message in server log. 
 */ 

How to install:
Download the archive from Releases page and unpack it into your server directory. Then edit "server.cfg":
  • Windows:
    Code:

    filterscripts fs-original-check            # or write your own protection
    plugins samp-custom-query-flood-check.dll

  • Linux:
    Code:

    filterscripts fs-original-check            # or write your own protection
    plugins samp-custom-query-flood-check.so


nGen.SoNNy 28/08/2017 10:09 PM

Re: Custom Query Flood Check
 
Awesome, I was waiting for this.

Crystallize 28/08/2017 10:24 PM

Re: Custom Query Flood Check
 
So this is like plug n play?

Spmn 29/08/2017 08:05 AM

Re: Custom Query Flood Check
 
Quote:

Originally Posted by Crystallize (Post 3920646)
So this is like plug n play?

Not really... This plugin only enables server owners to write their own protections against query flooding. Or they can tweak the original protection without going through the lowlevel asm hell.

So after you load the plugin you'll also have to load a custom protection written/edited by yourself or by somebody from the community.

Omirrow 29/08/2017 03:02 PM

Re: Custom Query Flood Check
 
I haven't tested it yet but I'm gonna give it a look when I'm free.

Looks good so far.

Paulice 29/08/2017 03:59 PM

Re: Custom Query Flood Check
 
I believe this won't block cookie requests, or am I wrong?

Spmn 29/08/2017 04:56 PM

Re: Custom Query Flood Check
 
Quote:

Originally Posted by Paulice (Post 3920869)
I believe this won't block cookie requests, or am I wrong?

Cookie requests are part of player joining code, so this plugin doesn't cover them.

Omirrow 29/08/2017 05:10 PM

Re: Custom Query Flood Check
 
Quote:

Originally Posted by Paulice (Post 3920869)
I believe this won't block cookie requests, or am I wrong?

It's morely like queries that comes through a PHP server and such.

Paulice 29/08/2017 05:28 PM

Re: Custom Query Flood Check
 
Then what's the point? The exploit sends multiple cookie requests, blocking would do nothing. Thus, querying still freezing or being delayed.

Spmn 29/08/2017 05:46 PM

Re: Custom Query Flood Check
 
Quote:

Originally Posted by Paulice (Post 3920913)
Then what's the point? The exploit sends multiple cookie requests, blocking would do nothing. Thus, querying still freezing or being delayed.

The current exploit floods the server with fake player connections AND queries from multiple spoofed IPs. Cookies are there for preventing that nasty 0.3z server full attack, while query flood is being 'detected' internally (vanilla SA-MP server) by this code: https://github.com/spmn/samp-custom-...inal-check.pwn
As you can see, if you receive multiple queries from different IPs in less than 25ms, the server will stop responding to queries, thus making server appear offline in SA-MP browser.

So, this plugin's purpose is to allow owners to make changes to that query flood check function WITHOUT having to manually patch it in server memory. (eg: lower the time check, write another detection algo or even deactivate the flood check by returning 0 in OnQueryFloodCheck callback)


All times are GMT. The time now is 03:41 AM.

Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.