1 Topic by CyaNox

  • CyaNox
  • Member
  • Offline

Topic: The TBL

Hello tees,

After running various servers I noticed that it is quite common that certain tees have a rather bad behavior. To challenge this I started working on some scripts to keep my servers clean.

In the process of creating this "feature" I also thought "well some others may find this useful" so I started working on a way to share the banned users.

Thus now we have the TBL short for Tee Black List.

It basically is quite simply a list of IP addresses that have been or are still breaking the rules I use for my servers ( http://tw.cyanox.nl/rules.php ).

It is partially automatic so not entirely failsafe but so far it works great.

I created a simple script that would list the currently banned IP addresses which is more or less always up to date.

I also made a little script (for linux) that grabs this list and iptables the banned IP addresses:

#!/bin/bash
WORKDIR=/var/tw/

cd $WORKDIR

/sbin/iptables -F INPUT

wget -q http://tw.cyanox.nl/tbl.php -O ${WORKDIR}black.list
if [ ! -e ${WORKDIR}black.list ]
then
  echo Blacklist could not be downloaded.
  exit 1;
fi
IPS=`cat ${WORKDIR}black.list`
rm -f ${WORKDIR}black.list

for i in $IPS
do
  /sbin/iptables -I INPUT -s $i -j DROP
done

This script always flushes iptables so only currently banned IP addresses are actually banned.

Of course how you implement it is irrelevant as long as it works and does not spam the TBL.

I know some people may think this is pointless or stupid or against the spirit of teeworlds but to be honest I'd rather not have vulgar or offensive language on my servers.

So there you have it a way to ban bad tees.

If you want to know how long an IP address will be on the TBL take a look at http://tw.cyanox.nl/rules.php it is listed at the bottom.

Now I'd like your opinion about this and if you want to have the possibility to add IP addresses to the TBL. If you want to add them then how would you like to see this implemented (keep in mind that it must not be abusable).

There are 10 kinds of people ... those who understand binary and those who don't.

2 Reply by FireArrow

  • FireArrow
  • FireArrow
  • Member
  • Offline

Re: The TBL

I won't take position in this matter, but I just have to suggest an improvement to your shell-script.

If you move /sbin/iptables -F INPUT in between "rm -f..." and "for i..." you would keep the old blacklist in case you can't acquire an up to date list from the server.

Used to be very active waay back

3 Reply by CyaNox

  • CyaNox
  • Member
  • Offline

Re: The TBL

It is intentionally done like this in case the servers IP address for some strange reason gets added.

But your free to do whichever you feel is best in your situation.

Anyway thanks for the suggestion.

There are 10 kinds of people ... those who understand binary and those who don't.

4 Reply by ziltoide

  • ziltoide
  • Donor
  • Offline

Re: The TBL

I like the idea but not the use of iptables. It would be much better if the banning was done by teeworlds. Now obviously that would require a modded server. This way only player IPs would end up on the list. The shared list functionality could still be a script like this.

5 Reply by scosu

  • scosu
  • Member
  • Offline

Re: The TBL

There is no sense in banning ip's longer than 24 hours. Also it's possible to change it whenever you want to.

Nice idea... but will not work (at least for me) because there are many players not visiting your servers but mine. There should be a way to update banned users from other server-owners but on a trusted way somehow. No idea how to solve that. And a patch for the server to read the list and ban them.

And another problem: I have other rules on my servers. for example your rules 1,4 and 5 the server handles automatically.