From 30728fa5dca858af79038878d597ffd24cb1fc26 Mon Sep 17 00:00:00 2001 From: MadCamel Date: Sun, 4 Apr 2010 13:48:37 -0400 Subject: Added packet rate limiter and flood prevention system. The idea behind this is to keep abusive clients from flooding the server. Everything from over-voracious auto pick-up to exploitation of NPC vulnerabilities is mitigated by this. It will also eventually reduce server traffic, load, and possibly lag. Config options in battle_athena.conf: packet_spam_flood (default 30) packet_spam_threshold (default 2) packet_spam_kick (default 1) Each packet type has a specified allowed incoming rate in milliseconds, if this rate is exceeded the packet is ignored. If over 'flood' overruns in 'threshold' seconds are detected, a flood is logged and a kick may be triggered depending on the 'kick' config boolean. The packet rates and flood thresholds have been tested and tweaked on a live server, this should only affect abusive clients. Only extremely abusive clients will trigger a log/kick condition. This probably obsoletes the trade and kick spam code. --- src/map/pc.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/map/pc.c') diff --git a/src/map/pc.c b/src/map/pc.c index 8d1066d..fd30066 100644 --- a/src/map/pc.c +++ b/src/map/pc.c @@ -961,6 +961,9 @@ int pc_authok (int id, int login_id2, time_t connect_until_time, sd->trade_reset_due = sd->trades_in = 0; sd->sit_reset_due = sd->sits_in = 0; + memset(sd->flood_rates, 0, sizeof(sd->flood_rates)); + sd->packet_flood_reset_due = sd->packet_flood_in = 0; + // message of the limited time of the account if (connect_until_time != 0) { // don't display if it's unlimited or unknow value -- cgit v1.2.3-60-g2f50