Linux and Banning Problems

[TheSultan]

Hi there guys, I am in need of some advice with an issue we are having on our Linux GO server.

we can currently ban people "in game" using the appropriate commands but when we go to banip nothing happens.

I was also wondering if you can ban part ips for example 111.22.*.* etc so that anyone from this originating IP can be blocked.

We have a problem with a guy who can change IP's and we need to block the part of the IP that doesn't change. Being the first 2 lots of numbers.

Can this be done and how do I go about it.

I took the time to enter 200 or so combinations of ip's to the ban txt only to findout that if i add my own then upload it to the server, it doesn't ban me anyway.

So basically we need to manually enter Ip's to block or wildcard ips. This will be of great asset to our server if this is possible. It seems the actual server doesn't save the ips.

Please help spooktah i know you have an answer for me again .


Thanks again Mate

- Global Operator
globalop@swiftdsl.com.au

[SP()()KY]

do you do a \r_writebanlist after you banned ppl ? otherwise nothing will be written into the ban.txt

hth parts of your question...

cu ingame

[TheSultan]

Thanks for the tip. The main part of the question was


Can I use r_banip 255.255.255.255 in game etc but if someone is chaning their last 2 digits of IP to avoid bans can i issue part bans eg anyone originating from 255.255 will not be allowed to play

and is there also an Anti Hack available to detect bots for Linux. I have the windows anti hack but I can't find a linux one.

Thanks again for the help

- Global Operator

[BlaaT0001]

You can only permenately ban clients which have a so called "static IP". Some internet providers offer people a static IP which means that everytime those people connect to the internet they have the same IP address. People with a dynamic IP recieve an IP (DHCP=Dynamic Host Configuration Protocol) randomly chosen (within the IP ranges of the ISP).

If you ban people and they reconnect their internet connection they might recieve a different IP address and they will be enabled to join your gameserver again. Nothing you can do about this really. You can't ban whole IP ranges in GO. I don't think you'd want this anyway. You would also be taking away the chance of anybody else with that same ISP joining your server.

How do you ban on IP btw while being ingame? How do you obtain the IP's of clients while being ingame? I thought you could only ban clients using their playerID. Am I wrong in this matter?

BTW, make sure to put a "0" behind the ban command to make the ban permenately. And don't forget the \r_writebanlist command.

Cheers,

BlaaT

[BlaaT0001]

Instead of banning him alll the time you might want to try using the \r_kill command. This is much more annoying! He will die instantly and not recieve any credits, so he'll be unable to buy new guns.

Give it try, hopefully he'll stop annoying you guys.

BlaaT

[SP()()KY]

TheSultan said:

Can I use r_banip 255.255.255.255 in game
and is there also an Anti Hack available to detect bots for Linux. I have the windows anti hack but I can't find a linux one.

1st question :

from the remot command.doc

r_ban <playername> <time> - bans the player from the game for the specified time. The time is in minutes. To ban permanently <time> should be set to 0. The banning is done on an IP address basis.

r_ban <id> <time> - same as the banning by playername except the players ID is used.

r_banip <ip address> <time> - ban an ip address for a certain amout of time. Time is in minutes. To ban permanently <time> should be set to 0.

r_readbanlist – reads the ban.txt from the harddrive.

r_writebanlist – writes the banned ip address to the ban.txt file.

r_unban <ip address> - will unban the ip address

maybe something like that r_banip 255.255.*.* works ?


2nd question : afaik a linux version is in development...i heard

[BlaaT0001]

If you can't ban IP ranges on the GOserver maybe you could try putting the IP range in your shitlist of your firewall. Disabling any kind of traffic from those IP's.

Many firewalls under linux offer this feature.

Cheers,

BlaaT

[TheSultan]

Thanks very much everyone for their replies.

I am interested in the firewall idea as this may be the only way around the problem.

Cheers for the tips and info

== Global Operator ==

[serkoon]

TLP also uses the firewall approach. We've banned quite some annoying ranges (AOL, some .il, some .it ranges) by simply dropping all incoming packets from those IP's to UDP port 27888.

On Linux this can be done with ipchains or iptables, whichever firewall is available. Don't ask me about the commands to issue; I really don't want to learn the ipchains/iptables syntax, thank you Anyway, there should be docs all over the net describing how to block traffic using ipchains/iptables.

[serkoon]

Hm. This was an old topic

[Spookstah]

very old, but look at it as an archive