{"id":2304,"date":"2023-01-26T10:27:22","date_gmt":"2023-01-26T10:27:22","guid":{"rendered":"https:\/\/smartfoxserver.com\/blog\/?p=2304"},"modified":"2024-04-19T14:57:17","modified_gmt":"2024-04-19T14:57:17","slug":"new-in-2-19-extension-flood-filter","status":"publish","type":"post","link":"https:\/\/smartfoxserver.com\/blog\/new-in-2-19-extension-flood-filter\/","title":{"rendered":"New in 2.19: Extension Flood Filter"},"content":{"rendered":"\n

With the release of SmartFoxServer 2.19.0<\/strong> we have introduced a new Extension Flood Filter<\/strong> that provides fine grained control over the packet rate of Extension requests: it can be used to limit the number of calls per second for specific requests and automatically set rules for warning and banning the offending client(s).<\/p>\n\n\n\n

It also includes the ability to catch unknown Extension calls<\/strong> (i.e. requests for which there doesn’t exist a request handler) and apply auto-ban rules as well.<\/p>\n\n\n\n

Under normal circumstances, e.g. users playing with the official client app, there shouldn’t be a concern about request spam: limitations can be easily coded in the client itself. However it’s also relatively easy for malicious users to reverse engineer a client made in Javascript, Unity or Java and bypass such limitations.<\/p>\n\n\n\n

Overview<\/h2>\n\n\n\n

In the diagram below we show a bird’s eye view of the filter and its position in the Extension invocation chain. For each request handler defined in our Extension code (via the addRequestHandler<\/em> methods) we can set a limit expressed in number of calls per second<\/strong>.<\/p>\n\n\n\n

\"Extension<\/a><\/figure><\/div>\n\n\n\n

In this example we have defined a playerShoot<\/strong> request handler and we’ve also set a limit of 4 requests\/sec. If a client sends 20 calls in one second only the first 4 will be passed to the Extension<\/strong> and processed, while the rest will be discarded. Additionally, based on the auto-ban rules, the sender will either be warned or banned.<\/p>\n\n\n\n

Usage<\/h2>\n\n\n\n

The Extension Flood Filter is inactive by default<\/strong>. To activate it we need to call the initFloodFilter(…)<\/strong> method available from the parent SFSExtension<\/strong> class.<\/p>\n\n\n

\npublic class AntiFloodTestExtension extends SFSExtension\n{\n    static final String PLAYER_SHOOT = "pShoot";\n    static final String PLAYER_MOVE = "pMove";\n \n    @Override\n    public void init()\n    {\n        ExtensionFloodFilterConfig cfg = new ExtensionFloodFilterConfig();\n        cfg.banDurationMinutes = 120;\n        cfg.maxFloodingAttempts = 3;\n        cfg.secondsBeforeBan = 2;\n        cfg.banMessage = "You are now banned. Reason: request flooding.";\n        cfg.filterRules = Map.of\n                        (\n                            PLAYER_SHOOT, 4, \n                            PLAYER_MOVE, 15\n                        );\n     \n        initFloodFilter(cfg);\n     \n        addRequestHandler(PLAYER_SHOOT, (sender, param) -&gt; {\n         \n            trace("Shooting");\n     \n        });\n     \n        addRequestHandler(PLAYER_MOVE, (sender, param) -&gt; {\n         \n            trace("Moving");\n     \n        });\n    }\n}\n<\/pre>\n\n\n\n
The initializer method takes a ExtensionFloodFilterConfig<\/strong> object with with a number of properties for warning and banning clients.<\/p>\n\n\n\n
For more details on each setting, default values and further details please check our documentation website here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"
With the release of SmartFoxServer 2.19.0 we have introduced a new Extension Flood Filter that provides fine grained control over the packet rate of Extension requests: it can be used to limit the number of calls per second for specific requests and automatically set rules for warning and banning the offending client(s). It also includes […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[23],"tags":[159,156,157,158,31,154,46,155],"_links":{"self":[{"href":"https:\/\/smartfoxserver.com\/blog\/wp-json\/wp\/v2\/posts\/2304"}],"collection":[{"href":"https:\/\/smartfoxserver.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smartfoxserver.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smartfoxserver.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/smartfoxserver.com\/blog\/wp-json\/wp\/v2\/comments?post=2304"}],"version-history":[{"count":10,"href":"https:\/\/smartfoxserver.com\/blog\/wp-json\/wp\/v2\/posts\/2304\/revisions"}],"predecessor-version":[{"id":2387,"href":"https:\/\/smartfoxserver.com\/blog\/wp-json\/wp\/v2\/posts\/2304\/revisions\/2387"}],"wp:attachment":[{"href":"https:\/\/smartfoxserver.com\/blog\/wp-json\/wp\/v2\/media?parent=2304"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smartfoxserver.com\/blog\/wp-json\/wp\/v2\/categories?post=2304"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smartfoxserver.com\/blog\/wp-json\/wp\/v2\/tags?post=2304"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}