Automatic Proxy Detection

[MrStonedOne]

Notifies admins when connections come from known proxies and likely proxies by checking for known spammer ips (as proxies are used to spam emails/forums) using GetIpIntel.net

GetIpIntel.net returns a real number(ie: float), between 0.000 and 1.000, of their likely hood to be a proxy/spammer/infected host.

Todo:

• Local cache so small singleton servers can skip the mysql part.
• Test the core code.
• Test the mysql cache part.
• Test merge

[PKPenguin321]

RIP NikNak

[Niknakflak]

Didn't I already have a talk with shadowlight about the questionable reliability of Ipintel. I tested it a fair amount of times and it doesn't flag obvious ones in certain cases and in other cases it just error'd when presented with a virtual hosting IP.

I rate it 4/10 for usefulness and correctness.
I can't resign until it's less shit.

[optimumtact]

Can you make a note that this isn't perfect and should only be used as a detection guide as well, not as the sole evidence of a ban.

[Core0verload]

This will MURDER any player connecting from a dynamic IP or from behind heavy NAT, no matter do they use proxies or not. These "spam IP lists" are really fucking unreliable - one infected PC gets all the dynamic subnet flagged, same with NATed IPs.

[optimumtact]

Yeah I'm really not sure about this actually denying people.

Maybe start with just logging results and see what kind of positive/negative detection rates we get.

[MrStonedOne]

OMG, did you fucking not see the OP, mainly the final checkmark.

Like holy shit if you aren't gonna read, don't fucking comment.

[optimumtact]

it's okay to be upset

[PKPenguin321]

if what oranges says is true (and im inclined to believe him) then i'm not sure how much i want this
do we really need more false positives and 40 gorillion more bad bans

[Alek2ander]

What's the point of checking everyone? Only brand new ckeys are worth checking.

[MrStonedOne]

This system is in use by other people, goon, and another server. Just fucking fine.

Also, "These spam ip lists" Is rather generic.

Everybody is kinda lumping this in with every other bad ip list service, without any info on this.

Stop talking out of your ass.

As for why i check everyone, it's because I actually read the FAQ of the server, mainly the part about how it passively does port scan and automatic proxy attempts to the requested ip after reporting back the score, and for this reasons, values shouldn't be cached or trusted for too long as they might change.

[imtakingabreakdontatme]

@MrStonedOne

Do you plan on finishing this?

[imtakingabreakdontatme]

I'm cleaning the PR list of all the "work in progress" stuff, I will reopen this upon request

[MrStonedOne]

So this subsystem is basically my OOP solution to the original hacky way i checked if the world had just started to avoid checking round start reconnects.

It has its failures, as it means there is a small window after world start where somebody could be a fresh connection, but never get checked, but at least its not more snowflake added to world/New()

[MrStonedOne]

todo: make this refresh cached minutes ago.

[Iamgoofball]

@ninjacha that doesnt stop cids and stickybans

[optimumtact]

Will niknak ever truly be put out of a job?

Tune in next month to find out

[optimumtact]

stale?

[MrStonedOne]

It's pending the MC change since the MC change has a freeze attached to it so i'm spending all my coding time on that.

[optimumtact]

Unfrozen

[optimumtact]

reopen when you're ready to continue work on it

[MrStonedOne]

Literally working on it right now.