SA-MP Forums

Go Back   SA-MP Forums > SA-MP Scripting and Plugins > Plugin Development

Reply
 
Thread Tools Display Modes
Old 28/08/2017, 09:53 PM   #1
Spmn
Gangsta
 
Join Date: Jun 2015
Location: Romania
Posts: 528
Reputation: 113
Spray Custom Query Flood Check

Custom Query Flood Check

Write custom protections against query flood



Info:
  • This plugin redirects all calls from the original query flood check function to a new function written by the server owner in PAWN.
  • Here is the original query flood check function converted to PAWN. This function is responsible for detecting flooding and for blocking queries when server is spammed with multiple packets coming from a bunch of different IPs.
  • You may tweak it or write a better flood detection algorithm.
  • Here is a list of sample protection scripts.
  • See kurta999's YSF for more info about SA-MP query mechanism.
WARNING:
  • Installing this plugin will disable the built-in query flood check, so you must your own protection!
  • Use this filterscript to reimplement the default check.
  • For better performance, write the protection directly into plugin source code to avoid AMX overhead.
  • Compatible with 0.3.7 R2-1 only.
Download:Callback:
PHP Code:
forward OnQueryFloodCheck(queryTypebinaryAddress); 
/*
 * Info:
 *  - called when a query is received
 *
 * Parameters:
 *  - queryType     : a single character corresponding to the packet identifier as explained here: http://wiki.sa-mp.com/wiki/Query_Mechanism#Opcodes
 *  - binaryAddress : IP address of requester as a 32-bit unsigned integer
 *
 * Returns:
 *  -   0 (ZERO)    : process the query
 *  - !=0 (NONZERO) : don't process the query
 *
 * Notes:
 *  - If any script returns NONZERO in this callback, then current query won't get processed.
 *  - If this callback is missing from all loaded scripts, then the plugin will **PROCESS ALL QUERIES** and will print a warning message in server log. 
 */ 
How to install:
Download the archive from Releases page and unpack it into your server directory. Then edit "server.cfg":
  • Windows:
    Code:
    filterscripts fs-original-check            # or write your own protection
    plugins samp-custom-query-flood-check.dll
  • Linux:
    Code:
    filterscripts fs-original-check            # or write your own protection
    plugins samp-custom-query-flood-check.so
Spmn is online now   Reply With Quote
Old 28/08/2017, 11:09 PM   #2
nGen.SoNNy
High-roller
 
nGen.SoNNy's Avatar
 
Join Date: Sep 2009
Location: Romania
Posts: 1,001
Reputation: 65
Default Re: Custom Query Flood Check

Awesome, I was waiting for this.
__________________
If i've helped you, please click
nGen.SoNNy is offline   Reply With Quote
Old 28/08/2017, 11:24 PM   #3
Crystallize
High-roller
 
Join Date: Aug 2013
Posts: 1,554
Reputation: 293
Default Re: Custom Query Flood Check

So this is like plug n play?
Crystallize is offline   Reply With Quote
Old 29/08/2017, 09:05 AM   #4
Spmn
Gangsta
 
Join Date: Jun 2015
Location: Romania
Posts: 528
Reputation: 113
Default Re: Custom Query Flood Check

Quote:
Originally Posted by Crystallize View Post
So this is like plug n play?
Not really... This plugin only enables server owners to write their own protections against query flooding. Or they can tweak the original protection without going through the lowlevel asm hell.

So after you load the plugin you'll also have to load a custom protection written/edited by yourself or by somebody from the community.
Spmn is online now   Reply With Quote
Old 29/08/2017, 04:02 PM   #5
Omirrow
Huge Clucker
 
Join Date: Feb 2013
Location: Turkey
Posts: 288
Reputation: 8
Default Re: Custom Query Flood Check

I haven't tested it yet but I'm gonna give it a look when I'm free.

Looks good so far.
Omirrow is offline   Reply With Quote
Old 29/08/2017, 04:59 PM   #6
Paulice
Gangsta
 
Join Date: Jul 2017
Posts: 500
Reputation: 44
Default Re: Custom Query Flood Check

I believe this won't block cookie requests, or am I wrong?
Paulice is offline   Reply With Quote
Old 29/08/2017, 05:56 PM   #7
Spmn
Gangsta
 
Join Date: Jun 2015
Location: Romania
Posts: 528
Reputation: 113
Default Re: Custom Query Flood Check

Quote:
Originally Posted by Paulice View Post
I believe this won't block cookie requests, or am I wrong?
Cookie requests are part of player joining code, so this plugin doesn't cover them.
Spmn is online now   Reply With Quote
Old 29/08/2017, 06:10 PM   #8
Omirrow
Huge Clucker
 
Join Date: Feb 2013
Location: Turkey
Posts: 288
Reputation: 8
Post Re: Custom Query Flood Check

Quote:
Originally Posted by Paulice View Post
I believe this won't block cookie requests, or am I wrong?
It's morely like queries that comes through a PHP server and such.
Omirrow is offline   Reply With Quote
Old 29/08/2017, 06:28 PM   #9
Paulice
Gangsta
 
Join Date: Jul 2017
Posts: 500
Reputation: 44
Default Re: Custom Query Flood Check

Then what's the point? The exploit sends multiple cookie requests, blocking would do nothing. Thus, querying still freezing or being delayed.
Paulice is offline   Reply With Quote
Old 29/08/2017, 06:46 PM   #10
Spmn
Gangsta
 
Join Date: Jun 2015
Location: Romania
Posts: 528
Reputation: 113
Default Re: Custom Query Flood Check

Quote:
Originally Posted by Paulice View Post
Then what's the point? The exploit sends multiple cookie requests, blocking would do nothing. Thus, querying still freezing or being delayed.
The current exploit floods the server with fake player connections AND queries from multiple spoofed IPs. Cookies are there for preventing that nasty 0.3z server full attack, while query flood is being 'detected' internally (vanilla SA-MP server) by this code: https://github.com/spmn/samp-custom-...inal-check.pwn
As you can see, if you receive multiple queries from different IPs in less than 25ms, the server will stop responding to queries, thus making server appear offline in SA-MP browser.

So, this plugin's purpose is to allow owners to make changes to that query flood check function WITHOUT having to manually patch it in server memory. (eg: lower the time check, write another detection algo or even deactivate the flood check by returning 0 in OnQueryFloodCheck callback)
Spmn is online now   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Help, query flood FelipeAndres Server Support 0 20/05/2016 03:08 AM
[HELP] Query Flood Lumabd Server Support 4 06/05/2015 07:34 AM
QUERY flood in log file Garsio Server Support 2 26/10/2013 04:50 PM


All times are GMT. The time now is 02:24 PM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.