New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Readd cooldowns on the world topic #48542
Conversation
putting the cooldowns/spam checks prior to |
I actually mean to move that and forgot |
229c087
to
b86e0b5
Compare
b86e0b5
to
6c477bf
Compare
Thanks to whomever removed these, you're a real star
6c477bf
to
90cc406
Compare
This would trigger for the webserver, it requests topic at a rate of once per second. |
var/static/list/topic_handlers = TopicHandlers() | ||
|
||
//LEAVE THIS COOLDOWN HANDLING IN PLACE, OR SO HELP ME I WILL MAKE YOU SUFFER | ||
if (addr in bannedsourceaddrs) | ||
return |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use an associated list reference instead of in
.
in
is O(n), blah[key]
is O(log n)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
for some reason I thought that gives a runtime about the key if it doesn't exist
I think if you add TGS to some sort of IP whitelist... |
All that would be needed is localhost
…On Sat, Jan 4, 2020, 3:20 PM Neth ***@***.***> wrote:
This would trigger for the webserver, it requests topic at a rate of once
per second.
I think if you add TGS to some sort of IP whitelist...
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#48542?email_source=notifications&email_token=AB6LA6QKHNNYLWHIHTJ7BF3Q4DVQZA5CNFSM4KCG63TKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEIC7QJA#issuecomment-570816548>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB6LA6XUI5O6HGXW7UG4CJDQ4DVQZANCNFSM4KCG63TA>
.
|
if(world.time < (lasttime + 2 SECONDS)) | ||
log_admin_private("[addr] banned from topic calls for a round for too frequent messages") | ||
bannedsourceaddrs[addr] = TOPIC_BANNED | ||
return | ||
|
||
lasttimeaddr[addr] = world.time |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
instead use
lasttimeaddr[addr] = world.time + 2 SECONDS
and check that
if(world.time < lasttime)
The webserver/game banners do not use TGS. They do not come from localhost. they come from a lan ip for all servers except the eu servers, those see the internet ip of the webserver. |
This needs to be configurable, and should either be the normal standard format of count in time, or a better count in static timeframe system. Look at the topic limiter for an example of a robust anti-spam system. The ability to add ips on a whitelist would also help. |
this doesn't appear to help. Tested close enough implementation on CM, stayed dead. |
Would still be good to have regardless. As for the whitelisting, could just open up a new config entry for that? That way you don't have to hardcode IPs into the handling. |
This PR has been inactive for long enough to be automatically marked as stale. This means it is at risk of being closed by a maintainer if it is not updated or reviews are not addressed. If your PR is closed as stale, feel free to open a new one after dealing with the issues. This may also be an indication that the maintainers do not have interest in this change, you can try to convince them otherwise, or persist in the doomed world you have created. |
Thanks to whomever removed these, you're a real star