{"id":862,"date":"2023-01-26T07:27:22","date_gmt":"2023-01-26T07:27:22","guid":{"rendered":"https:\/\/globalgoodplay.com\/?p=862"},"modified":"2023-04-13T09:04:41","modified_gmt":"2023-04-13T09:04:41","slug":"new-in-2-19-extension-flood-filter","status":"publish","type":"post","link":"https:\/\/globalgoodplay.com\/?p=862","title":{"rendered":"New in 2.19: Extension Flood Filter"},"content":{"rendered":"

With the release of SmartFoxServer 2.19.0<\/strong> we have introduced a new Extension Flood Filter<\/strong> that provides fine grained control over the packet rate of Extension requests: it can be used to limit the number of calls per second for specific requests and automatically set rules for warning and banning the offending client(s).<\/p>\n

It also includes the ability to catch unknown Extension calls<\/strong> (i.e. requests for which there doesn\u2019t exist a request handler) and apply auto-ban rules as well.<\/p>\n

Under normal circumstances, e.g. users playing with the official client app, there shouldn\u2019t be a concern about request spam: limitations can be easily coded in the client itself. However it\u2019s also relatively easy for malicious users to reverse engineer a client made in Javascript, Unity or Java and bypass such limitations.<\/p>\n

Overview<\/h2>\n

In the diagram below we show a bird\u2019s eye view of the filter and its position in the Extension invocation chain. For each request handler defined in our Extension code (via the\u00a0addRequestHandler<\/em>\u00a0methods) we can set a limit expressed in number of\u00a0calls per second<\/strong>.<\/p>\n

<\/div>\n

In this example we have defined a\u00a0playerShoot<\/strong>\u00a0request handler and we\u2019ve also set a limit of 4 requests\/sec. If a client sends 20 calls in one second only the\u00a0first 4 will be passed to the Extension<\/strong>\u00a0and processed, while the rest will be discarded. Additionally, based on the auto-ban rules, the sender will either be warned or banned.<\/p>\n

Usage<\/h2>\n

The Extension Flood Filter is\u00a0inactive by default<\/strong>. To activate it we need to call the\u00a0initFloodFilter(\u2026)<\/strong>\u00a0method available from the parent\u00a0SFSExtension<\/strong>\u00a0class.<\/p>\n

public class AntiFloodTestExtension extends SFSExtension\n{\n    static final String PLAYER_SHOOT = \"pShoot\";\n    static final String PLAYER_MOVE = \"pMove\";\n \n    @Override\n    public void init()\n    {\n        ExtensionFloodFilterConfig cfg = new ExtensionFloodFilterConfig();\n        cfg.banDurationMinutes = 120;\n        cfg.maxFloodingAttempts = 3;\n        cfg.secondsBeforeBan = 2;\n        cfg.banMessage = \"You are now banned. Reason: request flooding.\";\n        cfg.filterRules = Map.of\n                        (\n                            PLAYER_SHOOT, 4, \n                            PLAYER_MOVE, 15\n                        );\n     \n        initFloodFilter(cfg);\n     \n        addRequestHandler(PLAYER_SHOOT, (sender, param) -> {\n         \n            trace(\"Shooting\");\n     \n        });\n     \n        addRequestHandler(PLAYER_MOVE, (sender, param) -> {\n         \n            trace(\"Moving\");\n     \n        });\n    }\n}\n<\/pre>\n
The initializer method takes a\u00a0ExtensionFloodFilterConfig<\/strong>\u00a0object with with a number of properties for warning and banning clients.<\/p>\n
For more details on each setting, default values and further details please check our documentation website here.<\/p>\n","protected":false},"excerpt":{"rendered":"
With the release of SmartFoxServer 2.19.0 we have introduced a new Extension Flood Filter that provides fine grained control over the packet rate of Extension requests: it can be used to limit the number of calls per second for specific requests and automatically set rules for warning and banning the offending client(s). It also includes<\/p>\n","protected":false},"author":1,"featured_media":863,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-862","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-devices"],"_links":{"self":[{"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=\/wp\/v2\/posts\/862"}],"collection":[{"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=862"}],"version-history":[{"count":1,"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=\/wp\/v2\/posts\/862\/revisions"}],"predecessor-version":[{"id":971,"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=\/wp\/v2\/posts\/862\/revisions\/971"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=\/wp\/v2\/media\/863"}],"wp:attachment":[{"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=862"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=862"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/globalgoodplay.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=862"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}