Someone recently asked me about sticky banning. I gave a detailed response on how to go about it and catch people in their tracks. This is the explanation I gave. If anyone would like to generate a snippet for this, feel free. It'll help those who come across it. The logic is there. All that is needed is for it to be converted in to code.
A way to go about making a ban system like this is to do the following in theory:
By banning a user, their CID is added to a list. The reason the CID is added first is because CIDs are the hardest to change so it'd be more efficient to check for the CID first. The CID (first layer) in this list should be able to contain another list (second layer). In the second layer should be the IP and Key of the individual. IPs are a little easier to change than CIDs. Keys are the easiest to change.
When a user logs in, first loop through all the items in the ban list.
BAN LIST --
CID:3135283495
IP: 192.168.1.1
KEY: ExampleUser
CID:3135283496
IP: 192.168.1.2
KEY: ExampleUser2
The user who logs in has a CID that matches the CID of the first CID in the ban list. However, their KEY is different but their IP is not. So, what you want to do is add their KEY to the list.
The second user who logs in does not match the first CID. So, you check to see if all the IPs and Keys within that list match any of the data that is on the second user. None of them match. So, move on to the second CID in the list.
In this second CID list, the CID does not match. However, the IP does and the KEY doesn't. So, add the CID to this CID list and add the KEY to this list as well. As a result, the next time they log on another account or computer, it will, hopefully, catch them in their tracks.
The downside to this method is that if they change their CID, IP, and Key, then there is no way to check if they are suppose to be sticky banned. But, that just means they have a whole new identity altogether. There is absolutely no way to truly check beyond that point. Just ban them again and hope for the best.
Nov 22 2014, 6:14 am
|
|
Question- why not use DD's host ban's sticky ban? It has a lot more data to work with than a single game, and they're pretty easy to use.
|
In response to Audeuro
|
|
Audeuro wrote:
Question- why not use DD's host ban's sticky ban? It has a lot more data to work with than a single game, and they're pretty easy to use. For games that don't have trusted mode enabled or access to the config files. |
All security modes can facilitate DD bans, you just can't access them in-game without trusted access.
|
In response to Nadrew
|
|
Nadrew wrote:
All security modes can facilitate DD bans, you just can't access them in-game without trusted access. That's what I mean. You can't edit DD bans through the code without trusted. If my users could, I would just rage quit due to the security issues. People would be global banning left and right. This was written for a client of mine who wanted someone sticky banned. I just felt like I put a lot of detail in to the explanation that it deserved a public post for those who just can't come up with an efficient logic. Hopefully this is of use. To clarify, I was requested to ban someone from all servers using the Linux method by inputting the users in the ban text file. This would ban the person not on just one game but 25 others. That level of severity is only reserved for serious offenses that cause a threat to a person's life (i.e. Murder, pedophilia, etc.). Now, I have noticed a cfg folder inside some games sometimes. It pops up randomly. Might be for admins.txt, I can't remember... I've been out of BYONDs insides too long too remember. I also know of SetConfig(). Put two and two together and my guess is you can rid my tutorial post and pretty much utilize that cfg folder somehow. Perhaps writing to bans.txt in that local cfg folder or using SetConfig()? |
Safe mode games can actually access the GAME namespace in GetConfig() and SetConfig(), giving them access to the ban system without giving them access to the global APP namespace.
|
In response to Xirre
|
|
Xirre wrote:
To clarify, I was requested to ban someone from all servers using the Linux method by inputting the users in the ban text file. This would ban the person not on just one game but 25 others. That level of severity is only reserved for serious offenses that cause a threat to a person's life (i.e. Murder, pedophilia, etc.). The cfg/ in the application folder equates to the APP/ namespace in GetConfig(). HOME and APP are both usable, even in safe mode, where as USER and SYSTEM are not. |
Wow. I must have missed this. So, questions:
Can you add to the HOME space with set config if you are in safe mode or do you have to edit it by .txt? If a game is hosted at root/Hosting/Control and is a controller that is in trusted mode and then that game uses shell() to start up other games in safe mode and these other games are in root/Hosting/Control/servers/ckey_here/games... A) Would setting config settings in the Control folder effect just Control or all games it hosts as well? B) Would setting config settings in ckey_here (the folder that contains other folders of games) effect the user's games or do nothing? C) Would setting config settings in a game's home environment be possible if they are in safemode? D) If a user is added to the ban list, what happens? Are they removed instantly? Does someone have to log in to initiate the ban reading? Does someone have to log out? Does the banned person have to relog or be kicked? If all of these have some pretty sweet answers, hell... I'll make good use of this! I'll probably include a tutorial on it as well and a easy to use library. So beneficial... |
In response to Xirre
|
|
Xirre wrote:
Can you add to the HOME space with set config if you are in safe mode or do you have to edit it by .txt? Yes- HOME and APP are available for SetConfig() in safe mode. If a game is hosted at root/Hosting/Control and is a controller that is in trusted mode and then that game uses shell() to start up other games in safe mode and these other games are in root/Hosting/Control/servers/ckey_here/games... It would effect just control. For it to affect ALL games that it hosts, you'll either want to use ~/.byond/cfg/*.txt OR use world.SetConfig() w/ the USER scope. B) Would setting config settings in ckey_here (the folder that contains other folders of games) effect the user's games or do nothing? This probably won't do anything, but you can change that. The only cfg folders of significance are:
|
Option C would be the way to go. I can easily implement -home and then have a command that writes the ban for the user. When I have time I will do that and write a detailed guide about all the functionalities of SetConfig. It is truly useful.
|
Yeah, that'd be easy enough with a "ban manager" world that runs in the same user space as their games and listened for commands on Topic() or something similar.
You might play around with GetConfig()/SetConfig() a little bit before deploying it in real world use, though. I seem to recall at some point that it would occasionally break and wipe out all of your bans, and GetConfig() would throw a "Bad Config Error" when trying to read keyban and ipban from the APP namespace. I'm not sure, though, if that's something they've fixed since, though. It's been 8 years... |
In response to Audeuro
|
|
Yeah, I haven't used it in about 5 years. Always thought it was useless in most situations. I'll be sure to do some testing before putting it on.
|