How to ban a dynamic ip?

Post here if you need help setting up your server, etc.
zoidberg
On Lightcycle Grid
Posts: 25
Joined: Thu Mar 13, 2008 2:45 am

Post by zoidberg »

I've only ever used tail -f for watching error logs...

I thought it would be like a program that hooks to arma port or something and monitors the users and stuff, so it would auto-kick or auto-warn for swearing or something...

If it's just a matter of monitoring a log and spitting out a modified config file then perl or php would be ideal b/c of regular expressions...
User avatar
ivantis
Round Winner
Posts: 269
Joined: Mon Mar 03, 2008 2:33 pm
Contact:

RE: how to ban a dynamic ip

Post by ivantis »

wow, that has inspired me to create a script in perl that you can run along side your server, and it will auto-ban players if they say a naughty word (you can specify the words on start of the script). also, i run my server on ubuntu gutsy, and i cant enter arma commands into the terminal running the server for some reason, and for the perl script to work right you need to do that.

as far a banning dynamic ips, i think you can do some kind of search and see if that person has a DynDNS name setup, and just ban that.
a question that may help: are there any dyndns services that automatically change when your WAN MAC id is at a specified IP range? you might be able to setup a dyndns name for them that traces their MAC address, and just ban the dyndns name.

when (and if) i finish the perl ban/kick script, i will tell you guys.
User avatar
ivantis
Round Winner
Posts: 269
Joined: Mon Mar 03, 2008 2:33 pm
Contact:

RE: how to ban a dynamic ip

Post by ivantis »

ok! i have a good start on the script, i made it so that when you run it, it will issue a command to the server (i havent tested it yet, because my system wont let me issue commands through the terminal, but it looks like it works).

to run:
I assume you run a Linux or UNIX based system (not sure if it works on OS X with the Terminal utility).

enter

Code: Select all

'path/to/where/you/put/it' > /dev/pts/(what TTY number (probably just one number)  your server is running on)
note: you must login as root, or use a root terminal to grant your user access to /dev/pts/* first.

make a plain text file, and put this inside it:

Code: Select all

#!/usr/bin/perl

print "COMMAND_HERE\n";

when you run it, you should see
COMMAND_HERE (or whatever you replaced it with)

in the terminal window running the server.
if anyone has any tips for it, gladly appriciated
User avatar
ivantis
Round Winner
Posts: 269
Joined: Mon Mar 03, 2008 2:33 pm
Contact:

RE: how to ban a dynamic ip

Post by ivantis »

ok, this is a pretty good one that i whipped up really quick. it bans someone if they say **** (sort of). it doesn't read lines from the server, it only reads from standard input. again, the command to run it is

Code: Select all

$ /where/you/saved/it > /dev/pts/(the pts that the server is running on)
here is the code. to test it, open it with the command i just gave you, and type something like [3] somethingsomethingsomething **** somethingsomethingsomethingelse

then press enter, and then press Ctrl+D, and you should see in your server something like BAN 3 (or instead of 3, the number you typed withing the square brackets).

here it is:

Code: Select all

#!/usr/bin/perl

print "#ArmaCheq is running. This version does not come with any guarantees to success, nor will any other releases (unless someone else wants to modify it themselves).\n";

sub check {

$servlog = <STDIN>;

if ($servlog =~ /\[1\].+****/) {
	print "BAN 1\n";
}

if ($servlog =~ /\[2\].+****/) {
	print "BAN 2\n";
}

if ($servlog =~ /\[3\].+****/) {
	print "BAN 3\n";
}

if ($servlog =~ /\[4\].+****/) {
	print "BAN 4\n";
}

if ($servlog =~ /\[5\].+****/) {
	print "BAN 5\n";
}

if ($servlog =~ /\[6\].+****/) {
	print "BAN 6\n";
}

if ($servlog =~ /\[7\].+****/) {
	print "BAN 7\n";
}

if ($servlog =~ /\[8\].+****/) {
	print "BAN 8\n";
}

if ($servlog =~ /\[9\].+****/) {
	print "BAN 9\n";
}

if ($servlog =~ /\[10\].+****/) {
	print "BAN 10\n";
}

if ($servlog =~ /\[11\].+****/) {
	print "BAN 11\n";
}

if ($servlog =~ /\[12\].+****/) {
	print "BAN 12\n";
}

if ($servlog =~ /\[13\].+****/) {
	print "BAN 13\n";
}

if ($servlog =~ /\[14\].+****/) {
	print "BAN 14\n";
}

if ($servlog =~ /\[15\].+****/) {
	print "BAN 15\n";
}

if ($servlog =~ /\[16\].+****/) {
	print "BAN 16\n";
}

if ($servlog =~ /\[17\].+****/) {
	print "BAN 17\n";
}

if ($servlog =~ /\[18\].+****/) {
	print "BAN 18\n";
}

if ($servlog =~ /\[19\].+****/) {
	print "BAN 19\n";
}

if ($servlog =~ /\[19\].+****/) {
	print "BAN 19\n";
}

if ($servlog =~ /\[20\].+****/) {
	print "BAN 20\n";
}

&check;

}

&check

ps: does anyone know where the server log file is kept? i cant find it, but when i do this thing will actually work.
QUARG
Round Winner
Posts: 223
Joined: Thu Sep 14, 2006 2:38 pm
Location: montreal

Post by QUARG »

The logs are all in the var folder. On mac its in the user/library/application support/var. Windows hides in an invisible folder called application data. But arma doesnt record the chat logs by default. I know that there is a topic on that in the forums.
User avatar
ivantis
Round Winner
Posts: 269
Joined: Mon Mar 03, 2008 2:33 pm
Contact:

RE: how to ban a dynamic ip

Post by ivantis »

hmm... do the logs automatically update? and is there a way to make it record chats? also, did you test it out, if you did, does it actually issue commands to the server, or just print them there?
User avatar
ivantis
Round Winner
Posts: 269
Joined: Mon Mar 03, 2008 2:33 pm
Contact:

Post by ivantis »

crap, i just noticed that i filters the f-word. uh... just replace **** with some word, or perl will treat them as wildcards
User avatar
wrtlprnft
Reverse Outside Corner Grinder
Posts: 1679
Joined: Wed Jan 04, 2006 4:42 am
Location: 0x08048000
Contact:

Post by wrtlprnft »

**** ;-)

If you get the lastest 0.2.8 from subversion or bzr there's a machine parsable chatlog that can be enabled.

You could just redirect (or tee -a) the output of armagetronad-dedicated to some file of your choice when you start it.

Same goes for input. Using the tty in /dev looks quite fragile to me, the usual method is to create some file and then (ino)tail -f the contents of that file into armagetronad-dedicated.

So you'd do something like

Code: Select all

tail=inotail
which $tail >/dev/null 2>&1 || tail=tail

$tail -fn0 "$input_file" | $armagetronad-dedicated $aaopts > "$output_file"
There's no place like ::1
epsy
Adjust Outside Corner Grinder
Posts: 2003
Joined: Tue Nov 07, 2006 6:02 pm
Location: paris
Contact:

Post by epsy »

and also, if you want to reproduce a fully working console to the server(because with the method mentioned above by wrtl will disable direct stdin input to the server), you might want to try this, it's quite crap(well, as much of the console you can get with arma) but i found it quite useful (i use such a console for x sumo)

inotail -f /path/to/log.txt & cat >>/path/to/server/stdin_input.txt
User avatar
ivantis
Round Winner
Posts: 269
Joined: Mon Mar 03, 2008 2:33 pm
Contact:

Post by ivantis »

epsy, what would be the /path/to/server/stdin_input? where would it be within the package? i have all of it in one file since i built from source.
that would be helpful, especially now since i only have ssh access (i am away from home)
Image
Image
Image
epsy
Adjust Outside Corner Grinder
Posts: 2003
Joined: Tue Nov 07, 2006 6:02 pm
Location: paris
Contact:

Post by epsy »

wrtlprnft wrote:

Code: Select all

$tail -fn0 "$input_file" | $armagetronad-dedicated $aaopts > "$output_file"
the same than $input_file here
can be any file you like
pavelo
Average Program
Posts: 70
Joined: Sun Apr 23, 2006 4:05 pm

Post by pavelo »

does it actually issue commands to the server, or just print them there?
it just prints them.... no need to check.

and about that script.... it seems to have an infinite recursion...
i know the script is meant to be run indefinitely, but you could do it in a way that doesn't waste stack memory....
also, the copy-pasted if() lines aren't exactly the best way to achieve the thing you want to do.....
you could try something along these lines instead

Code: Select all

sub check {
  $log = <STDIN>
  print "BAN $1\n" if ($log =~ /\[([0-9]+)\].+****/i);
}

check while(1);
disclaimer: i haven't actually tested the code, it may contain stupid mistakes
User avatar
ivantis
Round Winner
Posts: 269
Joined: Mon Mar 03, 2008 2:33 pm
Contact:

Post by ivantis »

pavelo: yeah, i know, interpreted programs take up a lot of stack memory.

epsy: so when i start the server, i should start it like

Code: Select all

$ /path/to/server/start >> /path/to/server/log < /path/to/input.txt -d > /dev/null 2>&1 &
right?
and then, to recreate a terminal to it, what do i do with tail notail stuff? like this:?

Code: Select all

$ inotail -f /path/to/server/log & cat >>/path/to/input.txt
right?
im waiting for my server to come back out of its coma so i can try this
Image
Image
Image
pavelo
Average Program
Posts: 70
Joined: Sun Apr 23, 2006 4:05 pm

Post by pavelo »

ivantis wrote:pavelo: yeah, i know, interpreted programs take up a lot of stack memory.
no, you're missing my point.
i wasn't referring to the fact that perl is interpreted. in fact i think that interpreted programs take up *less* of *real* stack memory due to the fact that the recursion is interpreted and the interpreter probably uses an internal stack (as opposed to the machine one)
what i'm trying to say is that, code like

Code: Select all

sub foo {
<do something>;
foo;
}
will always waste stack* (simulated or machine, doesn't matter). yet the recursion is easily removable

* unless the compiler is smart enough to optimize away the tail recursion. i don't know about perl, but gcc does that under some circumstances (i.e. the function isn't too complicated, it's not full moon, and you're not left-handed). but i think it's better to be safe and remove the recursion manually than to hope the compiler is smart enough
ivantis wrote:

Code: Select all

$ /path/to/server/start >> /path/to/server/log < /path/to/input.txt -d > /dev/null 2>&1 &
don't know what will that do, but it has too many redirections for my taste. what's wrong with wrtl's version?
User avatar
ivantis
Round Winner
Posts: 269
Joined: Mon Mar 03, 2008 2:33 pm
Contact:

Post by ivantis »

ivantis wrote:
Code:
$ /path/to/server/start >> /path/to/server/log < /path/to/input.txt -d > /dev/null 2>&1 &
don't know what will that do, but it has too many redirections for my taste. what's wrong with wrtl's version?[/code]
thats just what i always use.
this needs another subject, it doesnt have anything to do with banning dynamic ips
Image
Image
Image
Post Reply