BlacklistCheck

Table of Contents

Blacklist Check

Overview

This plugin is designed to use public DNS Blacklist servers to check incoming connections and disallow anyone using a known public proxy from being able to connect. The list of DNSBL servers used is configurable.

Features

Stop grief before they even connect
Increased security
(v0.2) Whitelist known IP addresses to always allow connections
(v0.3) Whitelist entire IP subnets
(v0.5) Choose to block the connection until the address may be verified, or allow the connection and kick if they are blacklisted

Configuration

Plugin Configuration

DNSBLServers (v0.1) A list of DNS servers that will resolve blacklisted IP addresses
Whitelist (v0.2) A list of IP addresses that will always be allowed in and will not be checked against the DNSBL servers. NOTE: As of v0.3 these addresses must be in CIDR notation. For example to enter a single IP address use "127.0.0.1/32" to allow an entire class C subnet use "192.168.1.0/24". Please be sure to update the config file when upgrading from v0.2.
Debug (v0.3) (Boolean) [Default: false] A directive to have the plugin print more information to the console
LogDisconnects (v0.4) (Boolean) [Default: true] A directive to have the plugin output connection refusals to the console
DelayCheck (v0.5) (Boolean) [Default: false] A directive to have the plugin allow the connection, then thread the DNS lookups. This option is not recommended, as there will be a period of time when they will be connected to the server until the DNS lookup returns. It will, however, not delay the connection process.
DisconnectMessage (v0.5) (String) [Default: "Connected from a publicly blacklisted server!"] The configurable message to send along with the disconnect / kick.
LogToFile (v0.6) (Boolean) [Default: true] A directive to have the system log to the BlacklistCheck.log file in the plugin's directory for debug and disconnect messages.

Installation

To install the plugin, simply place the jar in the plugins directory

Bugs / Known Limitations

The default server list contains 8 DNS servers, checking each one takes time. Increasing this list will cause client timeout errors (without the DelayCheck configuration directive)
The client will be disconnected if even one DNS server returns a result for the address

Future Plans

Try to incorporate any additional user requests.

Comments

_ForgeUser8237554
- Join Date: 1/11/2012
- Posts: 88
- Member Details
#19 _ForgeUser8237554

View User Profile

Send Message

Posted Apr 11, 2012
All,

I am sorry for the problems with v0.5.1 and the delay check directive. I have corrected the errors and v0.5.1 is now properly operational.

Thank you for your understanding.

Rollback Post to Revision RollBack
_ForgeUser8237554
- Join Date: 1/11/2012
- Posts: 88
- Member Details
#18 _ForgeUser8237554

View User Profile

Send Message

Posted Apr 11, 2012
I have removed v0.5.1 for now.

Rollback Post to Revision RollBack
_ForgeUser8102634
- Join Date: 12/18/2011
- Posts: 136
- Member Details
#17 _ForgeUser8102634

View User Profile

Send Message

Posted Apr 11, 2012
I got same prob. with 5.1 it wont load. 5.0 is ok

Rollback Post to Revision RollBack
_ForgeUser7456779
- Join Date: 8/28/2011
- Posts: 95
- Member Details
#16 _ForgeUser7456779

View User Profile

Send Message

Posted Apr 10, 2012
@xdeathoreox

this happened when i tried to use 0.5.1 as well, i just downloaded 0.5 and it works fine.

Rollback Post to Revision RollBack

_ForgeUser6955486

Join Date: 6/3/2011
Posts: 128
Member Details

#15 Posted Apr 10, 2012

On start up:

12:10:00 PM [SEVERE] Could not load 'plugins\BlacklistCheck.jar' in folder 'plugins'
12:10:00 PM org.bukkit.plugin.InvalidPluginException: java.lang.NullPointerException
12:10:00 PM 	at org.bukkit.plugin.java.JavaPluginLoader.loadPlugin(JavaPluginLoader.java:148)
12:10:00 PM 	at org.bukkit.plugin.SimplePluginManager.loadPlugin(SimplePluginManager.java:305)
12:10:00 PM 	at org.bukkit.plugin.SimplePluginManager.loadPlugins(SimplePluginManager.java:230)
12:10:00 PM 	at org.bukkit.craftbukkit.CraftServer.loadPlugins(CraftServer.java:207)
12:10:00 PM 	at org.bukkit.craftbukkit.CraftServer.<init>(CraftServer.java:183)
12:10:00 PM 	at net.minecraft.server.ServerConfigurationManager.<init>(ServerConfigurationManager.java:53)
12:10:00 PM 	at net.minecraft.server.MinecraftServer.init(MinecraftServer.java:156)
12:10:00 PM 	at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:422)
12:10:00 PM 	at net.minecraft.server.ThreadServerApplication.run(SourceFile:492)
12:10:00 PM Caused by: java.lang.NullPointerException
12:10:00 PM 	at org.bukkit.plugin.PluginLogger.<init>(PluginLogger.java:22)
12:10:01 PM 	at org.bukkit.plugin.java.JavaPlugin.getLogger(JavaPlugin.java:359)
12:10:01 PM 	at com.archmageinc.BlacklistCheck.BlacklistCheck.<init>(BlacklistCheck.java:16)
12:10:01 PM 	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
12:10:01 PM 	at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
12:10:01 PM 	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
12:10:01 PM 	at java.lang.reflect.Constructor.newInstance(Unknown Source)
12:10:01 PM 	at org.bukkit.plugin.java.JavaPluginLoader.loadPlugin(JavaPluginLoader.java:144)
12:10:01 PM 	... 8 more

_ForgeUser8237554
- Join Date: 1/11/2012
- Posts: 88
- Member Details
#14 _ForgeUser8237554

View User Profile

Send Message

Posted Apr 9, 2012
@kozzy68

I have made an update to address the error below. It will require some investigation because the issue that caused this error was due to the player's address not being available. This was an unanticipated circumstance.

As for timeout: DNSBL is designed to timeout when a player is not blacklisted. The blacklist servers are servers hosting public DNS using the reverse IP address as a subdomain. For example, if your address is 127.0.0.1 and it uses the proxybl.org server, it performs a DNS query for 1.0.0.127.dnsbl.proxybl.org. If the DNS exists, then the address has been blacklisted, if the request times out, or does not have an entry, the address is okay. Therefore, it would not cause clients to timeout.

Rollback Post to Revision RollBack
_ForgeUser8102634
- Join Date: 12/18/2011
- Posts: 136
- Member Details
#13 _ForgeUser8102634

View User Profile

Send Message

Posted Apr 8, 2012
Hi I got this when I use delay check true:

2012-04-09 00:10:47 [SEVERE] Could not pass event PlayerLoginEvent to BlacklistCheck org.bukkit.event.EventException at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:303) at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62) at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:459) at net.minecraft.server.ServerConfigurationManager.attemptLogin(ServerConfigurationManager.java:227) at net.minecraft.server.NetLoginHandler.b(NetLoginHandler.java:102) at net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:94) at net.minecraft.server.Packet1Login.handle(SourceFile:68) at net.minecraft.server.NetworkManager.b(NetworkManager.java:229) at net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:48) at net.minecraft.server.NetworkListenThread.a(NetworkListenThread.java:61) at net.minecraft.server.MinecraftServer.w(MinecraftServer.java:551) at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:449) at net.minecraft.server.ThreadServerApplication.run(SourceFile:492) Caused by: java.lang.NullPointerException at com.archmageinc.BlacklistCheck.BlacklistTask.<init>(BlacklistTask.java:17) at com.archmageinc.BlacklistCheck.BlacklistListener.onPlayerLoginEvent(BlacklistListener.java:37) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:301)

o and btw what happens when some of those 8 servers gets unreachable ? wont it make clients timeout ?

Last edited by _ForgeUser8102634: Apr 8, 2012

Rollback Post to Revision RollBack
_ForgeUser8237554
- Join Date: 1/11/2012
- Posts: 88
- Member Details
#12 _ForgeUser8237554

View User Profile

Send Message

Posted Mar 22, 2012
@Hvarr

As mentioned in the Limitations section above, it takes time to run DNS queries. On servers with heavy load, I would recommend limiting the list of DNSBL servers down to perhaps one, or enable the DelayCheck configuration option. By enabling DelayCheck, it will thread the DNS lookup and thus not cause timeout issues.

This is merely a misconfiguration based on your server's requirements. If the above does not resolve the problem, let me know, I will make any adjustments I can to fulfill your needs.

Thank you

Rollback Post to Revision RollBack

_ForgeUser7680469

Join Date: 10/9/2011
Posts: 127
Member Details

#11 Posted Mar 22, 2012

BlacklistCheck v0.5
    PlayerPreLoginEvent Time: 490027085000 Count: 287 Avg: 1707411445
    PlayerLoginEvent Time: 2544000 Count: 286 Avg: 8895
    Total time 490029629000 (490s)
GroupManager v1.9 (Dev2.9.73) (Phoenix)
    PluginEnableEvent Time: 544000 Count: 35 Avg: 15542
    PlayerJoinEvent Time: 859665000 Count: 285 Avg: 3016368
    WorldInitEvent Time: 60000 Count: 5 Avg: 12000
    PlayerChangedWorldEvent Time: 430428000 Count: 132 Avg: 3260818
    PlayerKickEvent Time: 56000 Count: 4 Avg: 14000
    Total time 1290753000 (1s)
Minequery v1.5
    Total time 0 (0s)
WorldEdit v1121-144c0a9
    PluginEnableEvent Time: 871000 Count: 33 Avg: 26393
    PlayerJoinEvent Time: 4915000 Count: 285 Avg: 17245
    PlayerQuitEvent Time: 1273000 Count: 222 Avg: 5734
    PlayerChatEvent Time: 761000 Count: 277 Avg: 2747
    PlayerCommandPreprocessEvent Time: 5728000 Count: 422 Avg: 13573
    PlayerInteractEvent Time: 222039000 Count: 9683 Avg: 22930
    Total time 235587000 (0s)
Vault v1.2.13-b148
    PluginEnableEvent Time: 1322000 Count: 38 Avg: 34789
    PluginEnableEvent Time: 810000 Count: 38 Avg: 21315
    PluginEnableEvent Time: 586000 Count: 38 Avg: 15421
    PluginEnableEvent Time: 530000 Count: 38 Avg: 13947
    PluginEnableEvent Time: 382000 Count: 38 Avg: 10052
    PluginEnableEvent Time: 936000 Count: 38 Avg: 24631
    PlayerJoinEvent Time: 1153000 Count: 285 Avg: 4045
    Total time 5719000 (0s)
Multiverse-Core v2.4-b521
    PluginEnableEvent Time: 590000 Count: 31 Avg: 19032
    PlayerJoinEvent Time: 10636000 Count: 285 Avg: 37319
    PlayerQuitEvent Time: 671000 Count: 222 Avg: 3022
    PlayerChangedWorldEvent Time: 4110000 Count: 132 Avg: 31136
    PlayerChatEvent Time: 3426000 Count: 277 Avg: 12368
    PlayerTeleportEvent Time: 2039048000 Count: 10479 Avg: 194584
    PlayerRespawnEvent Time: 435000 Count: 8 Avg: 54375
    PlayerPortalEvent Time: 76000 Count: 4 Avg: 19000
    PlayerPortalEvent Time: 13000 Count: 4 Avg: 3250
    CreatureSpawnEvent Time: 15150000 Count: 2944 Avg: 5146
    FoodLevelChangeEvent Time: 2173000 Count: 328 Avg: 6625
    EntityRegainHealthEvent Time: 1227000 Count: 298 Avg: 4117
    WeatherChangeEvent Time: 32000 Count: 2 Avg: 16000
    Total time 2077587000 (2s)
WorldGuard v594-f2fead1
    PluginEnableEvent Time: 508000 Count: 28 Avg: 18142
    PlayerJoinEvent Time: 4141000 Count: 285 Avg: 14529
    ChunkLoadEvent Time: 28071000 Count: 20770 Avg: 1351
    PlayerQuitEvent Time: 15739000 Count: 222 Avg: 70896
    PlayerCommandPreprocessEvent Time: 15995000 Count: 422 Avg: 37902
    PlayerInteractEvent Time: 256010000 Count: 9683 Avg: 26439
    PlayerMoveEvent Time: 2485135000 Count: 342676 Avg: 7252
    PlayerRespawnEvent Time: 261000 Count: 8 Avg: 32625
    CreatureSpawnEvent Time: 36152000 Count: 2944 Avg: 12279
    FoodLevelChangeEvent Time: 7296000 Count: 328 Avg: 22243
    EntityRegainHealthEvent Time: 837000 Count: 298 Avg: 2808
    WeatherChangeEvent Time: 16000 Count: 2 Avg: 8000
    PlayerPickupItemEvent Time: 8920000 Count: 604 Avg: 14768
    PlayerBedEnterEvent Time: 101000 Count: 2 Avg: 50500
    PlayerDropItemEvent Time: 7048000 Count: 114 Avg: 61824
    PlayerItemHeldEvent Time: 35440000 Count: 2674 Avg: 13253
    BlockFormEvent Time: 506000 Count: 15 Avg: 33733
    SignChangeEvent Time: 44000 Count: 1 Avg: 44000
    BlockBreakEvent Time: 146724000 Count: 946 Avg: 155099
    BlockFromToEvent Time: 99369000 Count: 7777 Avg: 12777
    BlockPistonRetractEvent Time: 46615000 Count: 2114 Avg: 22050
    BlockFadeEvent Time: 1039000 Count: 34 Avg: 30558
    BlockPhysicsEvent Time: 641857000 Count: 1420237 Avg: 451
    BlockIgniteEvent Time: 1136000 Count: 570 Avg: 1992
    BlockPistonExtendEvent Time: 44608000 Count: 2120 Avg: 21041
    LeavesDecayEvent Time: 5370000 Count: 205 Avg: 26195
    BlockBurnEvent Time: 791000 Count: 322 Avg: 2456
    BlockRedstoneEvent Time: 528375000 Count: 156094 Avg: 3384
    BlockPlaceEvent Time: 22316000 Count: 504 Avg: 44277
    BlockSpreadEvent Time: 935000 Count: 26 Avg: 35961
    BlockDamageEvent Time: 5155000 Count: 3762 Avg: 1370
    ExplosionPrimeEvent Time: 20000 Count: 1 Avg: 20000
    EntityCombustEvent (and others) Time: 996000 Count: 309 Avg: 3223
    EntityDamageEvent (and others) Time: 233031000 Count: 13691 Avg: 17020
    EntityExplodeEvent Time: 378000 Count: 17 Avg: 22235
    EntityDeathEvent (and others) Time: 2030000 Count: 136 Avg: 14926
    EntityInteractEvent Time: 26000 Count: 4 Avg: 6500
    EntityChangeBlockEvent Time: 719000 Count: 113 Avg: 6362
    LightningStrikeEvent Time: 244000 Count: 12 Avg: 20333
    VehicleMoveEvent Time: 112215000 Count: 251267 Avg: 446
    VehicleDestroyEvent Time: 73000 Count: 1 Avg: 73000
    Total time 4796242000 (4s)

Timings of your plugin. It makes server virtually unplayable.

_ForgeUser8237554
- Join Date: 1/11/2012
- Posts: 88
- Member Details
#10 _ForgeUser8237554

View User Profile

Send Message

Posted Mar 18, 2012
@phaed420

Could you be more specific? Did the server log that your address was blacklisted? Did you receive the blacklist kick message? From what address where you connecting?

Rollback Post to Revision RollBack
_ForgeUser6949718
- Join Date: 6/2/2011
- Posts: 1,035
- Member Details
#9 _ForgeUser6949718

View User Profile

Send Message

Posted Mar 18, 2012
Very odd, I put this on my server and no one could log in. Not even me.

Rollback Post to Revision RollBack
_ForgeUser8237554
- Join Date: 1/11/2012
- Posts: 88
- Member Details
#8 _ForgeUser8237554

View User Profile

Send Message

Posted Mar 12, 2012
@BeastsMC

While it is possible for the system to operate in this way, the safest bet would be to not let them in at all. I may look at adding the option to provide this functionality.

edit: Added in v0.5

Last edited by _ForgeUser8237554: Mar 12, 2012

Rollback Post to Revision RollBack
_ForgeUser7089028
- Join Date: 6/29/2011
- Posts: 97
- Member Details
#7 _ForgeUser7089028

View User Profile

Send Message

Posted Mar 12, 2012
Since checking all of DNS servers can hold up the login process, what about letting them log in and checking them in another thread? This would let the login go through at a normal speed. Then, if their IP is blacklisted, kick them from the game with a message. Would this work?

Rollback Post to Revision RollBack
_ForgeUser8237554
- Join Date: 1/11/2012
- Posts: 88
- Member Details
#6 _ForgeUser8237554

View User Profile

Send Message

Posted Mar 11, 2012
@funknutz

With debug off, it will only log warning messages, I will try to add an option to log forced disconnects.

edit v0.4 now has the LogDisconnects configuration option.

Thank you all for your support. Donations are nice too /wink /wink

Last edited by _ForgeUser8237554: Mar 11, 2012

Rollback Post to Revision RollBack
_ForgeUser6909514
- Join Date: 5/28/2011
- Posts: 9
- Member Details
#5 _ForgeUser6909514

View User Profile

Send Message

Posted Mar 11, 2012
Oh, one more thing. Is the log going to list when people are disconnected due to being matched in a blocklist when I have debug off? My whitelist is long enough that it is making the debug output clutter my server.log.

Rollback Post to Revision RollBack
_ForgeUser6909514
- Join Date: 5/28/2011
- Posts: 9
- Member Details
#4 _ForgeUser6909514

View User Profile

Send Message

Posted Mar 11, 2012
People don't realize how valuable this plugin is. There's a little script kiddie tool people are using to proxy flood minecraft servers. I can't remember the name, but I saw it on another bukkit plugin. The name contained the word 'pwn', I think. Anyway, hopefully people find their way to this plugin, as it's the only one working right now, that I know of. It also seems to work very well, and thanks for adding the CIDR whitelist feature so quickly!

Rollback Post to Revision RollBack
_ForgeUser7503123
- Join Date: 9/5/2011
- Posts: 593
- Member Details
#3 _ForgeUser7503123

View User Profile

Send Message

Posted Mar 11, 2012
@ArchmageInc

Raw Plugin, keep it up to date. Thank you :D

Rollback Post to Revision RollBack
_ForgeUser8237554
- Join Date: 1/11/2012
- Posts: 88
- Member Details
#2 _ForgeUser8237554

View User Profile

Send Message

Posted Mar 10, 2012
@funknutz

I have added a Whitelist option to the config. Currently it only allows listing specific IP addresses. I hope to soon have a release that will allow whitelisting entire subnets.

Rollback Post to Revision RollBack
_ForgeUser6909514
- Join Date: 5/28/2011
- Posts: 9
- Member Details
#1 _ForgeUser6909514

View User Profile

Send Message

Posted Mar 10, 2012
This plugin is great. I don't know of any other alternative. MCBL is not updated. The only thing you really need is a whitelist override. I wish I had more time and skill to help you with that. I have a valid user whose entire /22 is blocked, and there is no way to get him into the server without disabling this plugin. Even if you could just add a simple permissions group check, that would be a simple whitelist.

Rollback Post to Revision RollBack
To post a comment, please login or register a new account.

Project ID

37361
Created

Mar 8, 2012
Last Released File

Apr 19, 2012
Total Downloads

6,677
License

Public Domain

Bukkit

BlacklistCheck

Bukkit Plugins

BlacklistCheck

Table of Contents

Blacklist Check

Overview

Features

Configuration

Plugin Configuration

Installation

Bugs / Known Limitations

Future Plans

See Also

Comments

About This Project

Categories

Members

Recent Files

Bukkit