search

jonesdevelopment / sonar

Sonar is a lightweight, effective and easy-to-use anti-bot plugin for Velocity, BungeeCord, and Bukkit.
https://docs.jonesdev.xyz
GNU General Public License v3.0
121 stars 11 forks source link

Feature Request: Invalidate IP entry in rate-limiter before transfer #365

Open whiler-sesame opened 3 weeks ago

whiler-sesame commented 3 weeks ago

Information

Drop IP from Velocity rate-limiter before transferring (1.20.5) players again to the same server, probably make it an option.

Reason

A usual configuration of the rate-limiter is about 5 seconds. Sonar verifies the client much quicker. Manually removing the IP from cache before transferring might allow not to disable or lower rate-limits and still be convenient for players.

Additional information

These are "internals". Sample code for any Velocity plugin with access to proxy module, not actually tested:

import com.github.benmanes.caffeine.cache.Cache;
import com.velocitypowered.api.event.Subscribe;
import com.velocitypowered.api.event.proxy.ProxyInitializeEvent;
import com.velocitypowered.api.event.proxy.ProxyReloadEvent;
import com.velocitypowered.proxy.VelocityServer;
import com.velocitypowered.proxy.util.ratelimit.CaffeineCacheRatelimiter;

import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.net.InetAddress;

public class Sample {
    private final MethodHandle cacheGetter;
    private Cache<InetAddress, Long> cache;

    public Sample() throws NoSuchFieldException, IllegalAccessException {
        this.cacheGetter = MethodHandles.privateLookupIn(CaffeineCacheRatelimiter.class, MethodHandles.lookup())
                .findGetter(CaffeineCacheRatelimiter.class, "expiringCache", Cache.class);
        this.loadCache();
    }

    public void dropFromCache(InetAddress address) {
        if (this.cache == null) return; // Not tested for races
        this.cache.invalidate(address);
    }

    @Subscribe
    public void proxyInitializeEvent(ProxyInitializeEvent event) {
        this.loadCache();
    }

    @Subscribe
    public void proxyReloadEvent(ProxyReloadEvent event) {
        this.loadCache();
    }

    private void loadCache() {
        try {
            VelocityServer server = ...; // Obtain from plugin
            if (!(server.getIpAttemptLimiter() instanceof CaffeineCacheRatelimiter limiter)) {
                this.cache = null;
                return;
            }
            this.cache = (Cache<InetAddress, Long>) this.cacheGetter.invoke(limiter);
        } catch (Throwable e) {
            this.cache = null;
            // Handle errors here
        }
    }
}
whiler-sesame commented 3 weeks ago

wtf edit: if these comments above will be deleted, this is what i'm writing "wtf" about.

jonesdevelopment commented 3 weeks ago

Drop IP from Velocity rate-limiter before transferring (1.20.5) players [...]

Good idea, but I'd have to implement this for BungeeCord and Bukkit as well, not just Velocity.

jonesdevelopment commented 3 weeks ago

I hope nobody clicked on the link WSA1k posted. If you did, reset your PC :sweat:

andreasdc commented 3 weeks ago

I hope nobody clicked on the link WSA1k posted. If you did, reset your PC 😓

It's good to report every account like that

jonesdevelopment commented 3 weeks ago

It's good to report every account like that

Yeah, I did report them to GitHub. One of the accounts was already banned afaik.

jonesdevelopment commented 1 week ago

Planned for either 2.1.6, 2.1.7 or 2.2.0