MantisBT - Zandronum
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0000077Zandronum[All Projects] Suggestionpublic2010-10-03 15:332014-06-08 22:08
ReporterAlexMax 
Assigned To 
PrioritynormalSeverityminorReproducibilityN/A
StatusclosedResolutionnot fixable 
PlatformOSOS Version
Product Version 
Target VersionFixed in Version 
Summary0000077: A way of banning open proxies: sv_banports
Descriptionsv_banports contains a comma-delimited list of ports that are checked when a player connects to the server. If any of the ports listed are open on the player's IP, the player is kicked from the server. The number of ports should be kept at a reasonable level.
Steps To Reproduce
Additional InformationThis is an attempt to try and determine if the user is running behind an open proxy or not. You would add common ports used by open proxies (50050, 3128, 80, 3124, 8080), and if any of those ports are open and the player is not whitelisted, they're kicked.
TagsNo tags attached.
Relationships
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2010-10-03 15:33AlexMaxNew Issue
2010-10-03 17:12EruannaNote Added: 0000253
2014-06-08 22:08WatermelonStatusnew => closed
2014-06-08 22:08WatermelonResolutionopen => not fixable

Notes
(0000253)
Eruanna   
2010-10-03 17:12   
I hate to say it but I think this might be better on a security daemon that's connected to the server through RCON rather than on Skulltag itself. An example of what I mean is like with ircd. You can choose whatever daemon you want, and whatever security program you want, and whatever services daemon you want. This way, you can get all your favorite features of your favorite ircd, along with the security and peace of mind of the security daemon you choose. An ircd never forces a security process on you internally, and it is quite rare that an ircd should have one built in.

Of course, I was only using ircd as an example but I think it makes a strong case. I think if a security program such as the one you proposed is developed, it should be kept outside the Skulltag executable, and possibly even open source.