ip banning

How can I set up ip banning on the sewer(base arena server)? I've tried adding lines to evo_banlist.cs, and banlist.cs with no success.
Example:
$BanList::addAbsolute(192.168.1.1);
«1

Comments

  • edited January 2011
    Hi
    Here is a direct copy of a guid ban from banlist.cs:
    "BanList::addAbsolute(19438, "0", 2147483647);"

    Of course one must have the guid of any player so you need admin powas or a neat script by quing.
    //  QGuid
    //  by {NQP!}Qing
    //  [email protected]
    //  http://netquickposse.com
    
    
    
    package QGuid
    {
    	function handleClientJoin(%msgType, %msgString, %clientName, %clientId, %targetId, %isAI, %isAdmin, %isSuperAdmin, %isSmurf, %guid)
    	{
    		parent::handleClientJoin(%msgType, %msgString, %clientName, %clientId, %targetId, %isAI, %isAdmin, %isSuperAdmin, %isSmurf, %guid);
    
    		if($CurrentTime12 !$= "")
    			$ClientConnectLog = $CurrentDate SPC $CurrentTime12 @ " ET" SPC stripchars(detag(%clientname), "\cp\co\c6\c7\c8\c9") SPC %guid;
    		else
    			$ClientConnectLog = stripchars(detag(%clientname), "\cp\co\c6\c7\c8\c9") SPC %guid;
    		if(%guid)
    			while (strlen(%guid) < 8) 
    				%guid = "0" @ %guid;
    		export("$ClientconnectLog", "logs/guid/" @ %guid @ ".cs", true);
    		export("$ClientConnectLog", "logs/ClientConnectLog.cs", true);
    		echo($clientConnectLog);
    	}
    };
    activatePackage(QGuid);
    

    You should be able to get ip bans going too, as guid bans will not prevent smurfing.
    So here's an example of the ip ban that takes out an entire neighborhood:
    "BanList::addAbsolute("IP:75.8.*.*.*", 0);"
  • Hello,

    I would agree with Blakhart, you don't want to use a GUID ban due to the smurfing reason. Tribes provides a function to get a client's IP: %client.getAddress(); which will return in the format of: "IP:Address". You could write something along the lines of that, or just go with Blakhart's suggested code.
  • Ok thanks. I am not a scripter, so I am not totally sure what to do with that script there. I do own the server, so getting any info I need on banning someone is easy enough. I already was doing GUID banning, but as you stated, people can smurf to infinity and keep coming back.

    Does that script go into the banlist.cs file?
    Does it matter if I am running evo mod? Because evo has it's own banlist.cs.
  • I tried adding this exact line:
    "BanList::addAbsolute("IP:75.8.*.*.*", 0);"

    To both banlist.cs, and evobanlist.cs using my own ip, and it did not work. Without the quotes of course, and with a $ sign in front of the Banlist.
  • ThythThyth Apotheosis Incarnate
    Ban system was reworked for the TribesNext patch. You'll have to use BanList::add(%guid, %ip, %seconds) to add entries to the new ban list. The addAbsolute method is not implemented.

    To do only an IP ban, you need to specify 0 for the GUID argument. To do only a GUID ban, the IP argument needs to be something other than an IP. IP ranges are not supported directly (though you could add the 256 or 65536 addresses by iterating if you want to).
  • edited January 2011
    I am wondering why the overhaul of the ban code, news to me. But anyway, the script I posted runs in a client, and it grabs every guid from every player that is in or enters any server while that client is connected. So the script gets dropped into your gamedata/base/scripts/autoexec folder. Then you have to look at the logs it makes to gather the guids of the players you want. With this script you can ensure banning of people (at least specific guids) you never want to see in your server without them even entering your server. A simpler way to get guids is from the server console or admin apps like tricon or evo or whatever. You can have the server set to log all joins and then you can just cull the data from there to create your ban string that you will enter into banlist.cs by hand unless the ban function gets fixed.

    so an example would be:
    BanList::add(%19438, %75.8.*.*.*, %0)
  • ThythThyth Apotheosis Incarnate
    Ban code was reworked because the original ban code doesn't work anymore. TribesNext game connections are closer to LAN mode connections than online mode connections, since none of the WON code is active. The original ban code ran in-engine based on the WON authentication image the client sent to the server as part of the connection handshake.

    In TribesNext, a client completes the connection process similar to the LAN mode, but is put into a new special "phase 0" mode where the script based authentication process occurs. The original ban check code thus doesn't have any real data to work with. As a result, I reimplemented most of the ban code as a hybrid Torque/Ruby script (the Ruby is only there to handle proper timekeeping). The standard in-game scripts that issue bans (i.e. super-admin bans via the right-click context menu in the lobby) all work correctly. IP is checked before the cryptographic challenge process is performed, and GUID is checked once the user's ownership of the certificate with a particular GUID is verified.

    You can see the code that I added in t2csri.vl2 under t2csri/bans.cs; if you desire, you can modify the behavior of this code. Adding wildcard support for IP addresses wouldn't really be that challenging (but it would need to be different from the code I have there already).
  • Thanks for the explaination Thyth.
  • BanList::add(%guid, %ip, %seconds)

    Is not working for me. Couple questions, so I put a "$" in front of that line? Does this go in my banlist.cs, or my evobanlist.cs file? do I include the "%" signs. I tired it a bunch of ways and can't seem to get it to work.

    Example, I put-- $BanList::add(%0, %IP:1.1.1.1, %1000000);
    Just like that, or am I getting the annotation wrong?
    Thank you for your help.
  • ThythThyth Apotheosis Incarnate
    You don't add anything to the banlist.cs manually. You don't add random $'s in front of things, nor do you add random %'s in front of things.

    To issue the correct ban for your example, issue the following into the game console: BanList::add(0, "IP:1.1.1.1", 1000000);
  • Ah, ok. Sorry for being such a noob. And to unban that person?

    If you were here, beers would be on me. :)
  • ThythThyth Apotheosis Incarnate
    The easiest way would be to ban the person for one second.
  • Ok did some tests tonight, and I put exactly this:
    BanList::add(0, "IP:1.1.1.1", 60);
    In the console, with the ip address being correct, and it did not work. I kicked the person right after putting that in the console, I have my kick set temporary to 10 seconds, and in 10 seconds he could come back. Does running EVO have anything to do with it?
  • the plot thickens!
  • ThythThyth Apotheosis Incarnate
    You kicked the person after entering the ban command. The kick code sets its own ban of 10 seconds as you said, overriding whatever you had there before. This behavior should be obvious given that I said the easiest way to unban someone is to issue a new ban with very short duration.

    Either use the ban function, or disconnect the user by deleting their client object after setting a ban via the command.
  • Sorry, none of this is obvious to me. I just remember reading somewhere that if you ban someone via the console, that does not kick them. I know next to nothing about scripting or how Tribes works internally. I took basic programming in like 1977, that's about it for me.

    I also had tried banning that person, and having them leave without kicking them, and it still did not work. They were able to rejoin. So I doubt deleting their client object (something I don't know how to do) would work either.
  • ThythThyth Apotheosis Incarnate
    Adding someone to the ban list does not automatically disconnect them. That is correct. The kick command code automatically adds a ban of duration $Host::KickBanTime seconds (set in the serverprefs.cs file). The ban command code is essentially identical to the kick command code, except the duration of the ban is specified by $Host::BanTime, again in seconds, in the same preferences file.

    Both the kick and ban commands disconnect the target user. Ideally you should use those instead of adding users to the ban list manually.

    You can also examine the banlist.cs file in the preferences directory after adding an entry to the ban list. There should be entries along the lines of: $BanList::IP1_1_1_1 = "#######"; and $BanList::GUID####### = "#######";

    The 1_1_1_1 will be the IP address target, and the blob after GUID will be the unique numeric identifier of the account. The values of these variables are Unix epoch values indicating the expiration time of the ban (in seconds since 01/01/1970 00:00 GMT).
  • Adding someone to the ban list does not automatically disconnect them. That is correct. The kick command code automatically adds a ban of duration $Host::KickBanTime seconds (set in the serverprefs.cs file). The ban command code is essentially identical to the kick command code, except the duration of the ban is specified by $Host::BanTime, again in seconds, in the same preferences file.

    Both the kick and ban commands disconnect the target user. Ideally you should use those instead of adding users to the ban list manually.


    All that I understood already. But when I use the kick or ban option from the drop down box in the ESC screen, it does not ip ban someone, only by GUID. So someone can esaily have several GUID's and rejoin.
    You can also examine the banlist.cs file in the preferences directory after adding an entry to the ban list. There should be entries along the lines of: $BanList::IP1_1_1_1 = "#######"; and $BanList::GUID####### = "#######";

    Here is an example of what is in my banlist.cs file:
    $BanList::GUID3273558 = "1294439942";

    There is no ip specified.
    I also have a evo_balist.cs file, there is nothing in it, and I think you have to edit that manually, and there are no instructions for ip banning in it.

    I was looking through the evolution vl2 file, and the banning code in there looks very similar to yours, but there are no provisions for ip banning.

    So I just tried it again tonight, doing the BanList::add function, then have the person drop from the server(instead of kicking them), and they were able to rejoin without a problem. That is with specifying "0" as the GUID, and using their ip.
  • ThythThyth Apotheosis Incarnate
    In classic, the ban() function in server.cs that is called from the admin context menu in the lobby includes the line BanList::add(%client.guid, %client.getAddress(), $Host::BanTime); where %client is the client user object. This will create both a GUID ban and an IP ban.

    If you're not seeing corresponding IP address entries in the banlist file, it's most likely that the EVO modification is replacing the ban function with one that does one or the other.

    I also double checked manually adding a ban via BanList::add(). I originally intended for the function to be called with the contents of a %client.getAddress() call which includes the client remote connection port, so it's actually expecting something in the form of "IP:x.x.x.x:yyyy" where yyyy is the port. When giving it a raw IP address, it puts out an error about getSubStr. This is probably why the ban string you tried directly didn't work. Try something along the lines of BanList::add(0, "IP:1.1.1.1:", 60); instead.

    I'll add a check in the RC3 update so it can handle raw IP addresses.
  • BanList::add(0, "IP:1.1.1.1:", 60);

    Did not work either. Here is the code that I think controls the banning in EVO mod maybe you can examine it and see if there is a conflict? Or maybe we can change it to work with your coding?:
    [code]//
    // Evo MOD .chat command parser
    //

    function EvoConsoleParseHelp( %sender )
    {
    messageClient( %sender, "EvoCon",





    "- - - - - - - - - - - - - -\n" );
    messageClient( %sender, "EvoCon",




    "- - - - - - - - - - - - - -\n" );
    messageClient( %sender, "EvoCon",





    "- - - - - - - - - - - - - -\n" );
    messageClient( %sender, "EvoCon",





    ".nbr \n" );
    }


    function EvoConsoleMOTD( %sender )
    {
    if ( $Host::EvoMOTD !$= "" )
    {
    centerprint(%sender, $Host::EvoMOTD, $Host::EvoMOTDtime, $Host::EvoMOTDlines);
    }
    else
    {
    messageClient(%sender, "EvoConErr", "\c2This server does not have a MOTD." );
    }

    return;
    }


    function EvoConsoleToggleBottomPrint( %sender, %value )
    {
    switch$(%value)
    {

    case "on" :
    serverCMDToggleBottomPrint( %sender, 1 );
    messageClient( %sender, "EvoCon", "Bottomprint messages turned on." );

    case "off" :
    serverCMDToggleBottomPrint( %sender, 0 );
    messageClient( %sender, "EvoCon", "Bottomprint messages turned off." );

    default:
    messageClient( %sender, "EvoCon", "Usage: .bottomprint " );

    }

    return;
    }


    function EvoConsoleCenterPrint ( %sender, %text )
    {
    if ( !%sender.isAdmin && !%sender.isSuperAdmin )
    {
    messageClient( %sender, "EvoConErr", "\c2Only Admins and Super Admins can use this command." );
    return;
    }

    centerPrintAll( getTaggedString( %sender.name ) @ " - " @ %text, 5, 1 );
    }


    function EvoConsoleMyWonID( %sender )
    {
    messageClient( %sender, "EvoCon", "Your WonID is " @ %sender.guid @. );
    return;
    }


    function EvoConsoleSetJoinPass( %sender, %password )
    {
    serverCmdSADSetPassword(%sender, %password);
    return;
    }


    function EvoConsoleLogin( %sender, %password )
    {
    serverCmdSAD( %sender, %password );
    return;
    }


    function EvoConsoleClaimSA ( %sender )
    {
    messageClient( %sender, 'EvoConErr', 'Note: This command is obsolete. Please use .claimLease instead.' );
    }


    function EvoConsoleClaimLease ( %sender )
    {
    // Super Admins do not need to claim a lease. They cannot benefit from it
    // anyway.
    if ( %sender.isSuperAdmin )
    {
    messageClient( %sender, 'EvoConErr', 'You already are SuperAdmin.' );
    return;
    }

    // Get the lease information
    %LeaseLevel = EvoCurrentLease ( %sender.guid );


    // If lease is not found, return with error
    if ( %LeaseLevel == 0 )
    {
    messageClient( %sender, "EvoConErr", "You cannot claim Admin status. No lease has been registered for your WonID." );
    return;
    }


    if ( %LeaseLevel == 1 )
    {
    if ( %client.isAdmin )
    {
    messageClient( %sender, 'EvoConErr', 'Your lease is for admin status which you already have.' );
    return;
    }

    %sender.isAdmin = 1;
    %sender.isSuperAdmin = 0;

    messageAll('MsgAdminPlayer', '\c3%2 \c2has claimed his leased Admin status.', %sender, %sender.name );

    %adminmsg = " has claimed his leased Admin status.";
    }
    else // LeaseLevel > 1
    {
    %sender.isAdmin = 1;
    %sender.isSuperAdmin = 1;

    messageAll('MsgSuperAdminPlayer', '\c3%2 \c2has claimed his leased SuperAdmin status.', %sender, %sender.name );

    %adminmsg = " has claimed his leased SA status.";
    }

    if ( %sender.pizza )
    {
    pizzaSendHudUpdate( %game, %sender, "" );
    }

    adminLog(%sender, %adminmsg);
    logEcho(%sender.nameBase @ %adminmsg );

    return;
    }


    // EvoCommandWhois(%sender, %param)
    // Info: do a whois on a player
    function EvoConsoleWhois(%sender, %param)
    {
    if (! ( ( %sender.isAdmin && $Host::EvoAdminWhois ) ||
    ( %sender.isSuperAdmin && $Host::EvoSuperAdminWhois ) )
    )
    {
    messageClient(%sender, 'EvoConErr', '\c2This command is disabled for your admin level.');
    return;
    }

    %target = EvoFindTarget(%param);

    if(%target == -1)
    messageClient(%sender, 'EvoCon', '\c2.whois usage: .whois ');
    else
    {
    if( %target.isSuperAdmin && $Host::EvoBlockSuperAdminWhois )
    {
    messageClient(%sender, 'EvoConErr', '\c2Whois disabled with Super Admins.');
    return;
    }

    %authInfo = %target.getAuthInfo();
    messageClient(%sender, 'EvoCon', '%1, REALNAME: %2, CLAN: %3, GUID: %4, CLIENT: %5, %6', %target.name, getField(%authInfo, 0), getField(%authInfo, 1), %target.guid, %target, %target.getAddress());
    }
    }

    // EvoCommandWarnPlayer(%sender, %param)
    // Info: warn a player
    function EvoConsoleWarnPlayer(%sender, %param)
    {
    if(!%sender.isAdmin)
    {
    messageClient(%sender, 'EvoConErr', '\c2You must be an admin to use this command.');
    return;
    }

    %target = EvoFindTarget(%param);

    if(%target == %sender)
    {
    messageClient(%sender, 'EvoConErr', '\c2You can not warn yourself!');
    return;
    }

    if(%target == -1)
    messageClient(%sender, 'EvoCon', '\c2.warn usage: .warn ');
    else
    serverCmdWarnPlayer(%sender, %target);
    }

    // EvoCommandKickPlayer(%sender, %param)
    // Info: kick a player
    function EvoConsoleKickPlayer(%sender, %param)
    {
    if(!%sender.isAdmin)
    {
    messageClient(%sender, 'EvoConErr', '\c2You must be an admin to use this command.');
    return;
    }

    %target = EvoFindTarget(%param);

    if(%target == %sender)
    {
    messageClient(%sender, 'EvoConErr', '\c2You can not kick yourself!');
    return;
    }

    if(!%sender.isSuperAdmin && %target.isAdmin) // only super admins can kick admins
    {
    messageClient(%sender, 'EvoConErr', '\c2You can not kick %1, %2 is an Admin!', %target.name, %target.sex $= "Male" ? 'he' : 'she');
    return;
    }

    if(%target == -1)
    messageClient(%sender, 'EvoCon', '\c2.kick usage: .kick ');
    else
    {
    Game.kickClientName = %target.name;

    kick(%target, %sender, %target.guid);

    %authInfo = %target.getAuthInfo();
    adminLog(%sender, " kicked " @ %target.nameBase @ "( " @ getField(%authInfo, 0) @ ", " @ getField(%authInfo, 1) @ ", " @ %target.guid @ ", " @ %target.getAddress() @ ")");
    }
    }


    // EvoCommandBanPlayer(%sender, %param)
    // Info: ban a player
    function EvoConsoleBanPlayer(%sender, %param)
    {
    if ( $Host::TournamentMode )
    {
    mesageClient ( %sender, 'EvoConErr', '\c2This command is disabled in Tournament Mode.~wfx/misc/error.misc.wav');
    return;
    }


    if(!%sender.isAdmin)
    {
    messageClient(%sender, 'EvoCoNErr', '\c2You must be an admin to use this command.');
    return;
    }

    if(!%sender.isSuperAdmin && !$Host::EvoAdminBan)
    {
    messageClient(%sender, 'EvoConErr', '\c2This command is disabled for your admin level.');
    return;
    }

    %target = EvoFindTarget(%param);

    if(%target == %sender)
    {
    messageClient(%sender, 'EvoConErr', '\c2You can not ban yourself!');
    return;
    }

    if(!%sender.isSuperAdmin && %target.isAdmin) // only super admins can ban admins
    {
    messageClient(%sender, 'EvoConErr', '\c2You can not ban %1, %2 is an Admin!', %target.name, %target.sex $= "Male" ? 'he' : 'she');
    return;
    }

    if(%target == -1)
    messageClient(%sender, 'EvoConErr', '\c2.ban usage: .ban ');
    else
    {
    ban(%target, %sender);

    %authInfo = %target.getAuthInfo();
    adminLog(%sender, " banned " @ %target.nameBase @ "( " @ getField(%authInfo, 0) @ ", " @ getField(%authInfo, 1) @ ", " @ %target.guid @ ", " @ %target.getAddress() @ ")");
    }
    }


    function EvoConsoleClanLock ( %sender, %param )
    {
    if( ! ( ( %sender.isAdmin && $Host::EvoAdminClanLock ) ||
    ( %sender.isSuperAdmin && $Host::EvoSuperAdminClanLock ) )
    )
    {
    messageClient(%sender, 'EvoConErr', '\c2You do not have the required privileges to use this command.~wfx/misc/error.misc.wav');
    return;
    }

    %Team = firstWord( %param );
    %Clan = restWords( %param );

    if ( %Team $= "remove" )
    {
    $Evo::ThisMission::ClanLockActive = 0;

    if ( $Evo::ThisMission::ClanLockTeam )
    {
    EvoRemoveTempTeamName( $Evo::ThisMission::ClanLockTeam );
    }

    messageAll ( 'EvoCon', '\c2Clanlock has been removed.~wfx/misc/diagnostic_on.wav' );
    return;
    }

    if ( %Team != 1 && %Team != 2 )
    {
    messageClient( %sender, 'EvoConErr', 'Team must be either 1 or 2.' );
    return;
    }


    if ( $Evo::ThisMission::ClanLockTeam )
    {
    EvoRemoveTempTeamName( $Evo::ThisMission::ClanLockTeam );
    }

    $Evo::ThisMission::ClanLockClan = %Clan;
    $Evo::ThisMission::ClanLockTeam = %Team;

    $Evo::ThisMission::ClanLockActive = 1;

    messageAll( 'EvoCon', '\c2Team \c3%1\c2 has been locked. Only members of \c3%2\c2 are now allowed there.~wfx/misc/diagnostic_on.wav', Game.getTeamName(%Team), %Clan );

    %NumPlayers = ClientGroup.getCount();

    %OtherTeam = ( %Team == 1 ) ? 2 : 1;

    for ( %Counter = 0; %Counter < %NumPlayers; %Counter ++ )
    {
    %Client = ClientGroup.getObject( %Counter );

    if ( // ( !%Client.isAdmin ) &&
    ( %Client.team == %Team ) &&
    ( !EvoIsClientInClan( %Client, %Clan ) )
    )
    {
    messageClient( %Client, 'EvoClanLock', '\c2Switching you to other team.' );
    Game.clientChangeTeam( %Client, %OtherTeam, 0 );
    }
    }

    // Set team name /after/ announcing the team lock only!
    EvoSetTempTeamName(%Team, %Clan );

    echo("Set Teamname. Now, getTeamName returns "@ Game.getTeamName(%Team) );

    return;
    }


    function EvoConsoleNoBaseRape( %sender, %string )
    {
    if ( !%sender.isSuperAdmin )
    {
    messageClient( %sender, 'EvoConErr', '\c2Only SuperAdmins can use this command.' );
    return;
    }


    if ( $Host::TournamentMode )
    {
    messageClient( %sender, 'EvoConErr', '\c2You cannot access the No Base Rape settings in Tournament Mode.' );
    return;
    }

    if ( %string $= "off" )
    {
    serverCmdNBRSetup( %sender, "NoBaseRape", 0 );
    return;
    }

    if ( %string $= "on" )
    {
    serverCmdNBRSetup( %sender, "NoBaseRape", 1 );
    return;
    }


    if ( !isNumber( %string ))
    {
    messageClient( %sender, 'EvoConErr', '\c2Syntax: .nbr ' );
    return;
    }


    serverCmdNBRSetup( %sender, "NoBaseRapeBase", %string );


    return;
    }


    function EvoConsoleTeamName ( %sender, %string )
    {
    if ( !%sender.isSuperAdmin )
    {
    messageClient( %sender, 'EvoConErr', '\c2Only SuperAdmins can use this command.' );
    return;
    }

    %Team = firstWord( %string );
    %NewName = restWords( %string );

    echo("Team : "@%[email protected]&quot; Name : "@%NewName );

    if ( %Team $= "reset" )
    {
    for ( %teamCount = 1; %teamcount
  • ThythThyth Apotheosis Incarnate
    That just calls the built in kick() and ban() functions in the server.cs file. You should try running plain classic and see if the ban code works there.

    The BanList::add(0, "IP:1.1.1.1:", 60); command in the console adds the following line to my banlist.cs: $BanList::IP1_1_1_1 = "1294515348"; so it's clear that the code itself works in a standard classic environment.
  • haha, I'm not even sure how to start my server in classic mode. I'll have to figure it out, and then see if the same thing happens, maybe there is another problem. either way, I won't be running a classic server, since all arena players like base arena for the most part.
  • ThythThyth Apotheosis Incarnate
    Kick and ban functions appear to be the same between classic and base. I meant try running the server without your admin mod and see if it's working properly.
  • I read somewhere that you should never try and run arena 1.1 without evolution mod, I don't know why though. I guess I could just take out the vl2 file and try it. Or I was thinking I might have to go to arena 1.0, but then I lose all the options I currently have. Some will be happy, most won't.
  • Depends on which version of 1.1 you have. If there's a EvoSupport.cs or something like that in the VL2, you don't need Evo.
  • Evo has compatibility issues with the community release scripts.vl2, so evo has more issues than just with tn.
  • No Kyrand, there is no EvoSupport.cs in the arena.vl2 file.
    I wasn't the one who set up this server, so I am not sure just exactly what it's got. I would love to start over, and get this ip banning working.
  • You know what, I think this server is really messed up. Can someone help me start over and set it up correctly?
  • So I basically dleted my entire server, and put a fresh install server. Only thing was, I could not delete or replace tribes.exe. I think it is patched with rc1a. I tried the banlist command in the console, and nothing was added tot he banlist.
Sign In or Register to comment.