SA-MP Forums

Go Back   SA-MP Forums > SA-MP Scripting and Plugins > Filterscripts > Tools and Files

Reply
 
Thread Tools Display Modes
Old 28/07/2017, 10:14 PM   #1
SlowARG
Little Clucker
 
Join Date: Feb 2014
Posts: 42
Reputation: 14
Default [C] Nobody's Firewall - Protection against query/cookie flood.

Nobody's Firewall
Simple firewall that protect your server against query/cookie flood.
Current version: 0.1 BETA FIX #2.

••• Description •••
Nobody Firewall (aka nfwall) is a simple —but powerful— firewall for SA-MP that protect your server against query flood/cookie flood attacks.

••• Why? •••
I didn't program for some years ago and i've retired from SA-MP. Recently a friend asked me for help with pawn and... I don't know, simply i want'd to program in C again and i noticed that the actual anti 'server full' attacks haven't been updated for some months, so i decided to work in a new firewall that protect the servers against known query flood and the cookie flood for SA-MP 0.3.7.

••• Features •••
Open Source.
Programmed purely in C.
Use lipbcap.
Ban logs.
Debug mode.
Actually runs only on Linux (i will relese a multi-so version soon).

••• Dependences •••
libpcap. (https://github.com/the-tcpdump-group/libpcap)

••• Downloads •••
https://github.com/n0bodysec/NobodyFirewall
Licensed under GNU General Public License v3.

••• Special thanks •••
n3ptun0 (aka Stella) for his firewall for SA-MP 0.3e.
Silver Moon for his base code.


Y̶u̶p̶,̶ ̶a̶ ̶p̶o̶o̶r̶ ̶p̶o̶s̶t̶.̶

Greetings!
Nobody.

Last edited by SlowARG; 26/08/2018 at 12:18 AM.
SlowARG is offline   Reply With Quote
Old 30/07/2017, 02:03 AM   #2
Ouizzane
Little Clucker
 
Join Date: Jul 2017
Posts: 2
Reputation: 0
Default Re: Nobody's Firewall - Protection against query/cookie flood.

Impressive, we wait for the new version for windows with impatience.
Ouizzane is offline   Reply With Quote
Old 22/08/2017, 10:36 PM   #3
azzerking
Gangsta
 
azzerking's Avatar
 
Join Date: Dec 2009
Location: England, Leicestershire
Posts: 488
Reputation: 70
Default Re: Nobody's Firewall - Protection against query/cookie flood.

Cool Idea,

But one problem is the loopback address can be faked, and any experienced programmer with some hacking knowledge will know this.

Don't ignore any address, treat all as a possible threat.

I am an experienced Ethical Hacker / Software and Network Engineer and I myself have made the same mistake a couple of years ago, so maybe update the code to not ignore the loopback address.
__________________


Web Skill: PHP, HTML, CSS, JS, RUBY, NODE.js.

Programing Skill: Objective C, C#, C++, D#, Python, Java, MySQL.

OS Skill: Windows (95 - 10), Ubuntu/Debian, Raspbian, Kali, Arch, Unix, Mac (E-MACs - Current)

Scripting Skill: LUA, Pawn, C38*
azzerking is offline   Reply With Quote
Old 24/08/2017, 06:54 PM   #4
denNorske
Gangsta
 
denNorske's Avatar
 
Join Date: Nov 2011
Location: Oslo, Norway
Posts: 784
Reputation: 75
Default Re: Nobody's Firewall - Protection against query/cookie flood.

Nice - I kinda of need this at the moment, but whenever I try to make it (and after installing all the dependencies prior to trying), i get this output while "make":

Code:
~/NobodyFirewall# make
gcc -lpcap -lpthread nfwall.c -o nfwall
nfwall.c: In function ‘main’:
nfwall.c:96:3: warning: too many arguments for format [-Wformat-extra-args]
   printf("[!] Warning: Using default interface: \"%s\".\n\n", iface, argv[0]);
   ^
nfwall.c: In function ‘ProcessSAMPPacket’:
nfwall.c:179:3: error: ‘for’ loop initial declarations are only allowed in C99 m                                                               ode
   for (int i = 0; i < STRUCT_NUMBER; i++)
   ^
nfwall.c:179:3: note: use option -std=c99 or -std=gnu99 to compile your code
nfwall.c: In function ‘ProcessCookiePacket’:
nfwall.c:205:3: error: ‘for’ loop initial declarations are only allowed in C99 m                                                               ode
   for (int i = 0; i < STRUCT_NUMBER; i++)
   ^
nfwall.c: In function ‘CheckIfExists’:
nfwall.c:236:2: error: ‘for’ loop initial declarations are only allowed in C99 m                                                               ode
  for (int i = 0; i < STRUCT_NUMBER; i++)
  ^
nfwall.c: In function ‘threadReload’:
nfwall.c:246:2: error: ‘for’ loop initial declarations are only allowed in C99 m                                                               ode
  for (int i = 0; i < STRUCT_NUMBER; i++)
  ^
make: *** [all] Error 1
Any idea if this is system or code related issue?
denNorske is offline   Reply With Quote
Old 24/08/2017, 07:25 PM   #5
oMa37
High-roller
 
oMa37's Avatar
 
Join Date: Feb 2016
Posts: 1,011
Reputation: 155
Default Re: Nobody's Firewall - Protection against query/cookie flood.

Well done!
oMa37 is offline   Reply With Quote
Old 25/08/2017, 04:11 PM   #6
azzerking
Gangsta
 
azzerking's Avatar
 
Join Date: Dec 2009
Location: England, Leicestershire
Posts: 488
Reputation: 70
Default Re: Nobody's Firewall - Protection against query/cookie flood.

Quote:
Originally Posted by denNorske View Post
Nice - I kinda of need this at the moment, but whenever I try to make it (and after installing all the dependencies prior to trying), i get this output while "make":

Code:
~/NobodyFirewall# make
gcc -lpcap -lpthread nfwall.c -o nfwall
nfwall.c: In function ‘main’:
nfwall.c:96:3: warning: too many arguments for format [-Wformat-extra-args]
   printf("[!] Warning: Using default interface: \"%s\".\n\n", iface, argv[0]);
   ^
nfwall.c: In function ‘ProcessSAMPPacket’:
nfwall.c:179:3: error: ‘for’ loop initial declarations are only allowed in C99 m                                                               ode
   for (int i = 0; i < STRUCT_NUMBER; i++)
   ^
nfwall.c:179:3: note: use option -std=c99 or -std=gnu99 to compile your code
nfwall.c: In function ‘ProcessCookiePacket’:
nfwall.c:205:3: error: ‘for’ loop initial declarations are only allowed in C99 m                                                               ode
   for (int i = 0; i < STRUCT_NUMBER; i++)
   ^
nfwall.c: In function ‘CheckIfExists’:
nfwall.c:236:2: error: ‘for’ loop initial declarations are only allowed in C99 m                                                               ode
  for (int i = 0; i < STRUCT_NUMBER; i++)
  ^
nfwall.c: In function ‘threadReload’:
nfwall.c:246:2: error: ‘for’ loop initial declarations are only allowed in C99 m                                                               ode
  for (int i = 0; i < STRUCT_NUMBER; i++)
  ^
make: *** [all] Error 1
Any idea if this is system or code related issue?
What version of gcc do you currently have installed?

Also you can just add '-std=c99' to the makefile in order to invoke a C99 compiler.

Calling /usr/bin/c99 instead of /usr/bin/gcc on an Ubuntu system, this points to a script which invokes gcc after having added the -std=c99 flag, which is precisely what you want
__________________


Web Skill: PHP, HTML, CSS, JS, RUBY, NODE.js.

Programing Skill: Objective C, C#, C++, D#, Python, Java, MySQL.

OS Skill: Windows (95 - 10), Ubuntu/Debian, Raspbian, Kali, Arch, Unix, Mac (E-MACs - Current)

Scripting Skill: LUA, Pawn, C38*
azzerking is offline   Reply With Quote
Old 25/08/2017, 09:55 PM   #7
blackgangs
Banned
 
Join Date: Mar 2014
Location: cairo,egypt
Posts: 84
Reputation: 7
Default Re: Nobody's Firewall - Protection against query/cookie flood.

Code:
~/NobodyFirewall# make
gcc -lpcap -lpthread nfwall.c -o nfwall
make: gcc: Command not found
Makefile:2: recipe for target 'all' failed
make: *** [all] Error 127
any idea?
blackgangs is offline   Reply With Quote
Old 26/08/2017, 07:08 AM   #8
azzerking
Gangsta
 
azzerking's Avatar
 
Join Date: Dec 2009
Location: England, Leicestershire
Posts: 488
Reputation: 70
Default Re: Nobody's Firewall - Protection against query/cookie flood.

Quote:
Originally Posted by blackgangs View Post
Code:
~/NobodyFirewall# make
gcc -lpcap -lpthread nfwall.c -o nfwall
make: gcc: Command not found
Makefile:2: recipe for target 'all' failed
make: *** [all] Error 127
any idea?
You need to install gcc

depending on what version of your OS supports.

apt-get install gcc-*.* ( replacing * with the version of gcc, you wish to install)
__________________


Web Skill: PHP, HTML, CSS, JS, RUBY, NODE.js.

Programing Skill: Objective C, C#, C++, D#, Python, Java, MySQL.

OS Skill: Windows (95 - 10), Ubuntu/Debian, Raspbian, Kali, Arch, Unix, Mac (E-MACs - Current)

Scripting Skill: LUA, Pawn, C38*
azzerking is offline   Reply With Quote
Old 26/08/2017, 08:15 AM   #9
Sgt.TheDarkness
Huge Clucker
 
Sgt.TheDarkness's Avatar
 
Join Date: Jun 2012
Location: Moscow, Russia.
Posts: 257
Reputation: 50
Default Re: Nobody's Firewall - Protection against query/cookie flood.

Code:
gcc -lpcap -lpthread nfwall.c --std=c99 -o nfwall
In file included from /usr/include/pcap/pcap.h:51:0,
                 from /usr/include/pcap.h:45,
                 from nfwall.c:18:
/usr/include/pcap/bpf.h:91:1: error: unknown type name ‘u_int’
 typedef u_int bpf_u_int32;
 ^
/usr/include/pcap/bpf.h:111:2: error: unknown type name ‘u_int’
  u_int bf_len;
  ^
/usr/include/pcap/bpf.h:1317:2: error: unknown type name ‘u_short’
  u_short code;
  ^
/usr/include/pcap/bpf.h:1318:2: error: unknown type name ‘u_char’
  u_char  jt;
  ^
/usr/include/pcap/bpf.h:1319:2: error: unknown type name ‘u_char’
  u_char  jf;
  ^
/usr/include/pcap/bpf.h:1341:1: error: unknown type name ‘u_int’
 extern u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int);
 ^
/usr/include/pcap/bpf.h:1341:38: error: unknown type name ‘u_char’
 extern u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int);
                                      ^
/usr/include/pcap/bpf.h:1341:66: error: unknown type name ‘u_int’
 extern u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int);
                                                                  ^
/usr/include/pcap/bpf.h:1341:73: error: unknown type name ‘u_int’
 extern u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int);
                                                                         ^
/usr/include/pcap/bpf.h:1342:1: error: unknown type name ‘u_int’
 extern u_int bpf_filter_with_aux_data(const struct bpf_insn *, const u_char *, u_int, u_int, const struct bpf_aux_data *);
 ^
/usr/include/pcap/bpf.h:1342:52: error: unknown type name ‘u_char’
 extern u_int bpf_filter_with_aux_data(const struct bpf_insn *, const u_char *, u_int, u_int, const struct bpf_aux_data *);
                                                    ^
/usr/include/pcap/bpf.h:1342:80: error: unknown type name ‘u_int’
 extern u_int bpf_filter_with_aux_data(const struct bpf_insn *, const u_char *, u_int, u_int, const struct bpf_aux_data *);
                                                                                ^
/usr/include/pcap/bpf.h:1342:87: error: unknown type name ‘u_int’
 extern u_int bpf_filter_with_aux_data(const struct bpf_insn *, const u_char *, u_int, u_int, const struct bpf_aux_data *);
                                                                                       ^
In file included from /usr/include/pcap.h:45:0,
                 from nfwall.c:18:
/usr/include/pcap/pcap.h:126:2: error: unknown type name ‘u_short’
  u_short version_major;
  ^
/usr/include/pcap/pcap.h:127:2: error: unknown type name ‘u_short’
  u_short version_minor;
  ^
/usr/include/pcap/pcap.h:172:2: error: unknown type name ‘u_int’
  u_int ps_recv;  /* number of packets received */
  ^
/usr/include/pcap/pcap.h:173:2: error: unknown type name ‘u_int’
  u_int ps_drop;  /* number of packets dropped */
  ^
/usr/include/pcap/pcap.h:174:2: error: unknown type name ‘u_int’
  u_int ps_ifdrop; /* drops by interface -- only supported on some platforms */
  ^
/usr/include/pcap/pcap.h:237:30: error: unknown type name ‘u_char’
 typedef void (*pcap_handler)(u_char *, const struct pcap_pkthdr *,
                              ^
/usr/include/pcap/pcap.h:238:9: error: unknown type name ‘u_char’
         const u_char *);
         ^
/usr/include/pcap/pcap.h:351:56: error: unknown type name ‘u_int’
 pcap_t *pcap_open_dead_with_tstamp_precision(int, int, u_int);
                                                        ^
/usr/include/pcap/pcap.h:352:63: error: unknown type name ‘u_int’
 pcap_t *pcap_open_offline_with_tstamp_precision(const char *, u_int, char *);
                                                               ^
/usr/include/pcap/pcap.h:367:58: error: unknown type name ‘u_int’
 pcap_t *pcap_fopen_offline_with_tstamp_precision(FILE *, u_int, char *);
                                                          ^
/usr/include/pcap/pcap.h:372:30: error: unknown type name ‘pcap_handler’
 int pcap_loop(pcap_t *, int, pcap_handler, u_char *);
                              ^
/usr/include/pcap/pcap.h:372:44: error: unknown type name ‘u_char’
 int pcap_loop(pcap_t *, int, pcap_handler, u_char *);
                                            ^
/usr/include/pcap/pcap.h:373:34: error: unknown type name ‘pcap_handler’
 int pcap_dispatch(pcap_t *, int, pcap_handler, u_char *);
                                  ^
/usr/include/pcap/pcap.h:373:48: error: unknown type name ‘u_char’
 int pcap_dispatch(pcap_t *, int, pcap_handler, u_char *);
                                                ^
/usr/include/pcap/pcap.h:374:1: error: unknown type name ‘u_char’
 const u_char*
 ^
/usr/include/pcap/pcap.h:376:36: error: unknown type name ‘u_char’
 int  pcap_next_ex(pcap_t *, struct pcap_pkthdr **, const u_char **);
                                    ^
/usr/include/pcap/pcap.h:384:1: error: unknown type name ‘u_char’
 int pcap_sendpacket(pcap_t *, const u_char *, int);
 ^
/usr/include/pcap/pcap.h:395:19: error: unknown type name ‘u_char’
      const struct pcap_pkthdr *, const u_char *);
                   ^
/usr/include/pcap/pcap.h:419:16: error: unknown type name ‘u_char’
 void pcap_dump(u_char *, const struct pcap_pkthdr *, const u_char *);
                ^
/usr/include/pcap/pcap.h:419:39: error: unknown type name ‘u_char’
 void pcap_dump(u_char *, const struct pcap_pkthdr *, const u_char *);
                                       ^
/usr/include/pcap/pcap.h:434:1: error: unknown type name ‘u_int’
 u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int);
 ^
/usr/include/pcap/pcap.h:434:31: error: unknown type name ‘u_char’
 u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int);
                               ^
/usr/include/pcap/pcap.h:434:59: error: unknown type name ‘u_int’
 u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int);
                                                           ^
/usr/include/pcap/pcap.h:434:66: error: unknown type name ‘u_int’
 u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int);
                                                                  ^
nfwall.c:35:21: error: unknown type name ‘u_char’
 void ProcessPackets(u_char*, const struct pcap_pkthdr*, const u_char*);
                     ^
nfwall.c:35:43: error: unknown type name ‘u_char’
 void ProcessPackets(u_char*, const struct pcap_pkthdr*, const u_char*);
                                           ^
nfwall.c:36:1: error: unknown type name ‘u_char’
 void ProcessUDPPacket(const u_char*, int);
 ^
nfwall.c:37:36: error: unknown type name ‘u_short’
 void ProcessSAMPPacket(char* host, u_short port, uint query);
                                    ^
nfwall.c:38:38: error: unknown type name ‘u_short’
 void ProcessCookiePacket(char* host, u_short port);
                                      ^
nfwall.c: In function ‘main’:
nfwall.c:117:2: warning: implicit declaration of function ‘pcap_loop’ [-Wimplicit-function-declaration]
  pcap_loop(handle, -1, ProcessPackets, NULL);
  ^
nfwall.c:117:24: error: ‘ProcessPackets’ undeclared (first use in this function)
  pcap_loop(handle, -1, ProcessPackets, NULL);
                        ^
nfwall.c:117:24: note: each undeclared identifier is reported only once for each function it appears in
nfwall.c: At top level:
nfwall.c:121:21: error: unknown type name ‘u_char’
 void ProcessPackets(u_char* args, const struct pcap_pkthdr* header, const u_char* buffer)
                     ^
nfwall.c:121:48: error: unknown type name ‘u_char’
 void ProcessPackets(u_char* args, const struct pcap_pkthdr* header, const u_char* buffer)
                                                ^
nfwall.c:135:1: error: unknown type name ‘u_char’
 void ProcessUDPPacket(const u_char* buffer, int size)
 ^
nfwall.c: In function ‘ProcessUDPPacket’:
nfwall.c:151:2: error: unknown type name ‘u_char’
  const u_char* packet = buffer + header_size;
  ^
nfwall.c:154:3: warning: implicit declaration of function ‘ProcessSAMPPacket’ [-Wimplicit-function-declaration]
   ProcessSAMPPacket(inet_ntoa(source.sin_addr), ntohs(udph->dest), (uint)packet[10]);
   ^
nfwall.c:157:3: warning: implicit declaration of function ‘ProcessCookiePacket’ [-Wimplicit-function-declaration]
   ProcessCookiePacket(inet_ntoa(source.sin_addr), ntohs(udph->dest));
   ^
nfwall.c: At top level:
nfwall.c:165:36: error: unknown type name ‘u_short’
 void ProcessSAMPPacket(char* host, u_short port, uint query)
                                    ^
nfwall.c:191:38: error: unknown type name ‘u_short’
 void ProcessCookiePacket(char* host, u_short port)
                                      ^
make: *** [all] Error 1

Invoked c99 compiler but im still getting errors here, compiling on centos 7.
__________________
Sgt.TheDarkness is offline   Reply With Quote
Old 26/08/2017, 10:12 AM   #10
denNorske
Gangsta
 
denNorske's Avatar
 
Join Date: Nov 2011
Location: Oslo, Norway
Posts: 784
Reputation: 75
Default Re: Nobody's Firewall - Protection against query/cookie flood.

Quote:
Originally Posted by azzerking View Post
What version of gcc do you currently have installed?

Also you can just add '-std=c99' to the makefile in order to invoke a C99 compiler.

Calling /usr/bin/c99 instead of /usr/bin/gcc on an Ubuntu system, this points to a script which invokes gcc after having added the -std=c99 flag, which is precisely what you want
Thanks, I'll give it a try
denNorske is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[HELP ]requests connection cookie / ip flood VenomMancer Server Support 10 12/06/2015 07:55 PM
Flood requests connection cookie. RDM Server Support 4 28/05/2015 05:29 PM
Flood requests connection cookie. RDM Bug Reports 3 28/05/2015 04:02 PM


All times are GMT. The time now is 10:37 PM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.