From a18c5d148d45f39e8aaab7fdbb5c25194e1e5097 Mon Sep 17 00:00:00 2001 From: Lett Date: Sat, 7 Jun 2025 00:13:15 -0400 Subject: [PATCH] Improve server control and logging of the DOS blacklist (#10904) * Log kicks related to DOS bans * unBlacklistDos method Added a method to remove an IP that was blacklisted for being a potential DOS attack. * Added a command to add/remove/list DOS bans * Switched from spaces to a tab in the subnet-ban command Switched from spaces to a tab in the subnet-ban command's listing function. This is better for accessibility and customizability. * Use info(String, Object...) instead of String.format * Fixed formatting to fit style guidelines --- core/src/mindustry/net/Administration.java | 4 +++ core/src/mindustry/net/ArcNetProvider.java | 2 ++ .../src/mindustry/server/ServerControl.java | 31 ++++++++++++++++++- 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/core/src/mindustry/net/Administration.java b/core/src/mindustry/net/Administration.java index b978d4bc7b..76d21c6028 100644 --- a/core/src/mindustry/net/Administration.java +++ b/core/src/mindustry/net/Administration.java @@ -91,6 +91,10 @@ public class Administration{ dosBlacklist.add(address); } + public synchronized void unBlacklistDos(String address){ + dosBlacklist.remove(address); + } + public synchronized boolean isDosBlacklisted(String address){ return dosBlacklist.contains(address); } diff --git a/core/src/mindustry/net/ArcNetProvider.java b/core/src/mindustry/net/ArcNetProvider.java index 66d2d5278c..dde8aba760 100644 --- a/core/src/mindustry/net/ArcNetProvider.java +++ b/core/src/mindustry/net/ArcNetProvider.java @@ -113,6 +113,8 @@ public class ArcNetProvider implements NetProvider{ //kill connections above the limit to prevent spam if((playerLimitCache > 0 && server.getConnections().length > playerLimitCache) || netServer.admins.isDosBlacklisted(ip)){ + Log.info("Closing connection @ - IP marked as a potential DOS attack.", ip); + connection.close(DcReason.closed); return; } diff --git a/server/src/mindustry/server/ServerControl.java b/server/src/mindustry/server/ServerControl.java index 453c73e9a4..6b0a840ec9 100644 --- a/server/src/mindustry/server/ServerControl.java +++ b/server/src/mindustry/server/ServerControl.java @@ -666,7 +666,7 @@ public class ServerControl implements ApplicationListener{ if(arg.length == 0){ info("Subnets banned: @", netServer.admins.getSubnetBans().isEmpty() ? "" : ""); for(String subnet : netServer.admins.getSubnetBans()){ - info("&lw " + subnet); + info("&lw\t" + subnet); } }else if(arg.length == 1){ err("You must provide a subnet to add or remove."); @@ -1054,6 +1054,35 @@ public class ServerControl implements ApplicationListener{ } }); + handler.register("dos-ban", "[add/remove] [ip]", "Add or remove a DOS ban.", arg -> { + if(arg.length == 0){ + info("DOS bans: @", netServer.admins.dosBlacklist.isEmpty() ? "" : ""); + + netServer.admins.dosBlacklist.forEach(address -> { + info("&lw\t" + address); + }); + return; + }else if(arg.length == 1){ + err("Expected either zero or two parameters, but only got one parameter."); + return; + } + + String action = arg[0].toLowerCase(); + String ip = arg[1]; + + if(action.equals("add")){ + netServer.admins.blacklistDos(ip); + info("Dos banned: @", ip); + return; + }else if(action.equals("remove")){ + netServer.admins.unBlacklistDos(ip); + info("Removed dos ban: @", ip); + return; + } + + err("Unrecognized action: @", action); + }); + mods.eachClass(p -> p.registerServerCommands(handler)); }