Hi there!

I have just finished my work on a small script, which I called TeamSpeak 2 Anti-Flood Daemon. I know many of you have searched a workaround for the well known flooding attempts on TeamSpeak 2 servers. This script might help you. There are a few alternatives to this script, but some of them don't work on Windows, or the installation is way too complicated.

Download:
Click here (http://www.planetteamspeak.com/component/option,com_docman/task,doc_details/gid,42/) to Download the latest version of the script or open the following URL with your browser:

http://www.planetteamspeak.com/component/option,com_docman/task,doc_details/gid,42/

Features:

Prevents flooding attempts on TeamSpeak 2 servers by banning the performing IP address for 5 minutes.
Protects all virtual servers in a running TeamSpeak 2 server instance
Logs flooding attemps with exact date and IP address
Sends a private message to every serveradmin connected to the respective virtual serverRequirements:

A distribution of Perl
One of the latest BETA versions of the TeamSpeak 2 server (i.e. 2.0.22.3)How to install the script:
The script uses the TeamSpeak 2 servers logfile (server.log) to prevent flooding attempts by banning the performing IP address. This means you'll have to enable the enhanced logging capabilities of your TeamSpeak 2 server.

Look for the following lines in your server.ini file and enable at least access_r and access_u for the script to function normally:

[log]
access_r=0
access_u=0
channel_registerred=0
channel_unregisterred=0
sa=0
chat=0
kick_server=0
kick_channel=0

Create a new folder and copy all files from the Zip-archive into it. The folder should now contain the following files and folders:

drwxr-xr-x 2 TeamSpeak2
-rwxr-xr-x 1 ts2afd.pl
-rwxr-xr-x 1 ts2afd_startscript
Open the file ts2afd.pl with your favorite text-editor and follow the instructions in the configuration area. An example is shown below:

# ================================================== ==========================================
# ======================================= CONFIGURATION ======================================
# ================================================== ==========================================

# ****** SERVER ADDRESS AND TCP QUERY PORT ******
# This is the hostname or IP address and TCP port of the TeamSpeak 2 server.
# If you are unsure of what to put here, leave the default values.
my $server_address = "localhost";
my $server_tcpport = "51234";

# ****** SUPERADMIN USERNAME & PASSWORD ******
# This is the username and password you use to access your TeamSpeak 2 server.
# This must be an existing superadmn account.
my $ssa_username = "superadmin";
my $ssa_password = "password";

# ****** FULL PATH TO SERVER LOGFILE ******
# On a few systems it may be necessary to input the full path to your servers logfile
# for the TeamSpeak 2 Anti-Flood Daemon to function normally.
# Example Unix:
# my $server_logfile = "/home/ts2/teamspeak2/server.log";
# Example Windows:
# my $server_logfile = "C:/Program Files/TeamSpeak2/server.log";
my $server_logfile = "/home/teamspeak/teamspeak2/server.log";

# ****** SERVER SPAM LIMITS ******
# These values define the max amount of new connections from an IP address in a limited
# number of seconds.
# Do NOT set one of these values to 0!
# Example:
# my $spam_connections = 3;
# my $spam_seconds = 10;
# In this case an IP address will be able to connect 3 times in 10 seconds.
my $spam_connections = 3;
my $spam_seconds = 10;

# ****** ENABLE/DISABLE UNIX DAEMON ******
# This option allows you to start the script as a background process on Unix based systems
# without using the startscript.
# Do NOT enable this feature on Windows servers.
my $script_daemonize = 0;How to start the script on Linux:

Make sure Perl is installed on your system. Usually Perl is installed on dedicated Linux servers by default.
Simply use the startscript ts2afd_startscript to start the TeamSpeak 2 Anti-Flood Daemon.How to start the script on Windows:
On Windows servers you'll need to use a ready-to-install distribution like ActivePerl (http://www.activestate.com/Products/Download/Download.plex?id=ActivePerl), which is also available for Linux.
After ActivePerl (http://www.activestate.com/Products/Download/Download.plex?id=ActivePerl) is installed, double-click the ts2afd.pl to start the TeamSpeak 2 Anti-Flood Daemon.Hint:
As a small bonus the Zip-archive contains the latest versions of my TeamSpeak 2 Perl modules (TeamSpeak2::TCPquery and TeamSpeak2::Log), which I already used to create scripts like the TS2PerlMod.

Have fun!

Danke für die Arbeit :-)

Habs noch nicht ausprobiert aber ich bin von dem was du tust immer überzeugt! Nice job!

Tzetzetze gibts doch schon lange ähnliche Sachen für :D

Aber trotzdem nice one :-D

Das Ding ist bei TeamSpeak Einstieg im Einsatz und funktioniert bisher ohne Probleme.

Schön ist, das es kostenfrei und vor allem auch kostenlos von kommerziellen Hostern genutzt werden kann.

We're using the script on our first public server (TeamSpeak Public -1-) now and it seems to be very effective (8 banned IP addresses in less than 48 hours).

@warumdarum:
"kostenfrei" UND "kostenlos"... Du sprichst mir aus der Seele. Allerdings glaube ich, dass in deinem Satz das Wörtchen "ist" fehlt.

:D

@ ScP
Da kannst Du mal sehen...
Da bin ich so von kostenlosem und kostenfreiem geprägt, dass ich bei all dem Ersparten das Wörtchen "ist" wegrationalisiert habe. :-)

gute arbeit sven :)

mal schaun, das klingt echt nützlich!

Aww, sweet. That's freaking awesome, dude. Nicely done! *Claps*

muss ich das alles auf 0 stellen ?? mein englisch ist nicht gerade so gut

[log]
access_r=0
access_u=0
channel_registerred=0
channel_unregisterred=0
sa=0
chat=0
kick_server=0
kick_channel=0

Look for the following lines in your server.ini file and enable at least access_r and access_u for the script to function normally
Bedeutet, dass du mindestens access_r und access_u auf 1 setzen solltest.
Der Rest sollte egal sein.

Unter Windows solltest du allerdings noch darauf achten dass chat auf 0 bleibt.

hab linux und alles 1 ( glaub das war standart )

Unter Windows solltest du allerdings noch darauf achten dass chat auf 0 bleibt.
Warum denn?

bei mir kommt beim starten You are running an outdated version of the TeamSpeak 2 server (2.0.20.1) :confused:

Joa da wirst du gefragt ob du vielleicht eine ältere Version des Servers benutzt z.b. 2.0.20.1 . Die neuste Version ist diese: http://www.goteamspeak.com/index.php?page=downloads&id=7

Warum denn?

Weil es noch keine Windows-Serverversion > 2.0.20.1 gibt, wegen

[Ts2] Linux Server Binary BETA 2.0.21.3 hi there,

this version fixes ONLY:
- webinterface security flaw where an serveradmin could be able
to stop/delete/etc other servers via webinterface.
- multiline chats will be logged on a per line basis

Könnte vielleicht an Fielmann liegen... denn damit wäre das nicht passiert :-) Du nutzt scheinbar die falsche Version von Teamspeak! Hau Dir mal die aktuellere Beta rauf :-)

i am running this on a windows server... one problem that i had was that it could not load the log file...

# Example Windows:
# my $server_logfile = "C:/Program Files/TeamSpeak2/server.log";

when i copy the patch to the log file on my computer i get a path like this...

"C:\Program Files\Teamspeak2_RC2\server.log"

the problem was that the path copied from windows has a "\" that needs to be changed to a "/"

Making it look like this

# Example Windows:
# my $server_logfile = "C:/Program Files/TeamSpeak2/server.log";
my $server_logfile = "C:/Program Files/Teamspeak2_RC2/server.log";

So dont just copy the path in.

Very nice addition to the perlmod, but it would be nice that if when you had an error that the window stayed open longer then 2 seconds after it bombs out.

@mojo742:
You can change this very easily. Here's an example:

# connect to the TeamSpeak 2 server
print "Connecting to server $server_address -> ";
my $tcpquery = TeamSpeak2::TCPquery->new($server_address, $server_tcpport);
if(!$tcpquery) {
print "[!!]\n";
print "$current_time - The server is not responding. Maybe the server is offline or TeamSpeak 2 is not running on it.\n";
sleep 3;
exit;
} else {
print "[OK]\n";
}Just change the integer behind sleep to another value of your choice (i.e. sleep 10 = script stops for 10 seconds).

danke ScreaM_GER nun gehts ;)
bin gespannt ob es auch geht kann es ja leider selber nicht testen

thanks ScP

C:\Program Files\6teamspeak2_RC2>ts2afd.pl
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 34, near "6teamspeak2_RC2"
(Missing operator before teamspeak2_RC2?)
Backslash found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 34, near "teamspeak2_RC2\"
Operator or semicolon missing before %H at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 58.
Ambiguous use of % resolved as operator % at C:\Program Files\6teamspeak2_RC2\ts
2afd.pl line 58.
String found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 60, near "print ""
(Might be a runaway multi-line "" string starting on line 58)
(Missing semicolon on previous line?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 60, near "print "TeamSpeak"
(Do you need to predeclare print?)
Number found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 60, near "TeamSpeak 2"
(Do you need to predeclare TeamSpeak?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 60, near "2 Anti"
(Missing operator before Anti?)
Number found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 60, near "Version 0.3"
(Do you need to predeclare Version?)
Backslash found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 60, near "]\"
(Missing operator before \?)
String found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 61, near "print ""
(Might be a runaway multi-line "" string starting on line 60)
(Missing semicolon on previous line?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 61, near "print "Copyright"
(Do you need to predeclare print?)
Number found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 61, near ") 2006"
(Missing operator before 2006?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 61, near "2006 by"
(Missing operator before by?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 61, near "'ScP' Paulsen"
(Missing operator before Paulsen?)
Backslash found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 61, near "Paulsen\"
String found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 62, near "print ""
(Might be a runaway multi-line "" string starting on line 61)
(Missing semicolon on previous line?)
Backslash found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 62, near "print "\"
(Do you need to predeclare print?)
String found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 65, near "print ""
(Might be a runaway multi-line "" string starting on line 62)
(Missing semicolon on previous line?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 65, near "print "Connecting"
(Do you need to predeclare print?)
String found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 68, near "print ""
(Might be a runaway multi-line "" string starting on line 65)
(Missing semicolon on previous line?)
Backslash found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 68, near "]\"
syntax error at C:\Program Files\6teamspeak2_RC2\ts2afd.pl line 34, near "C:"
Global symbol "$spam_connections" requires explicit package name at C:\Program F
iles\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "$spam_seconds" requires explicit package name at C:\Program Files
\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "$spam_connections" requires explicit package name at C:\Program F
iles\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "$spam_seconds" requires explicit package name at C:\Program Files
\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "$script_daemonize" requires explicit package name at C:\Program F
iles\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "$current_time" requires explicit package name at C:\Program Files
\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "%M" requires explicit package name at C:\Program Files\6teamspeak
2_RC2\ts2afd.pl line 58.
Global symbol "%S" requires explicit package name at C:\Program Files\6teamspeak
2_RC2\ts2afd.pl line 58.
Global symbol "$tcpquery" requires explicit package name at C:\Program Files\6te
amspeak2_RC2\ts2afd.pl line 65.
Global symbol "$tcpquery" requires explicit package name at C:\Program Files\6te
amspeak2_RC2\ts2afd.pl line 65.
C:\Program Files\6teamspeak2_RC2\ts2afd.pl has too many errors.



was it me or ? :S

It seems like you made a little mistake in line 34. It should look like this:

my $server_logfile = "C:/Program Files/Teamspeak2_RC2/server.log";Use '/' instead of '\' as it's shown in the example!

C:\Program Files\6teamspeak2_RC2>ts2afd.pl
Number found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 34, near "/Program Files/6"
(Missing operator before 6?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 34, near "6teamspeak2_RC2"
(Missing operator before teamspeak2_RC2?)
Operator or semicolon missing before %H at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 58.
Ambiguous use of % resolved as operator % at C:\Program Files\6teamspeak2_RC2\ts
2afd.pl line 58.
String found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 60, near "print ""
(Might be a runaway multi-line "" string starting on line 58)
(Missing semicolon on previous line?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 60, near "print "TeamSpeak"
(Do you need to predeclare print?)
Number found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 60, near "TeamSpeak 2"
(Do you need to predeclare TeamSpeak?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 60, near "2 Anti"
(Missing operator before Anti?)
Number found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 60, near "Version 0.3"
(Do you need to predeclare Version?)
Backslash found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 60, near "]\"
(Missing operator before \?)
String found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 61, near "print ""
(Might be a runaway multi-line "" string starting on line 60)
(Missing semicolon on previous line?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 61, near "print "Copyright"
(Do you need to predeclare print?)
Number found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 61, near ") 2006"
(Missing operator before 2006?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 61, near "2006 by"
(Missing operator before by?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 61, near "'ScP' Paulsen"
(Missing operator before Paulsen?)
Backslash found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 61, near "Paulsen\"
String found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 62, near "print ""
(Might be a runaway multi-line "" string starting on line 61)
(Missing semicolon on previous line?)
Backslash found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 62, near "print "\"
(Do you need to predeclare print?)
String found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 65, near "print ""
(Might be a runaway multi-line "" string starting on line 62)
(Missing semicolon on previous line?)
Bareword found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2af
d.pl line 65, near "print "Connecting"
(Do you need to predeclare print?)
String found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2afd.
pl line 68, near "print ""
(Might be a runaway multi-line "" string starting on line 65)
(Missing semicolon on previous line?)
Backslash found where operator expected at C:\Program Files\6teamspeak2_RC2\ts2a
fd.pl line 68, near "]\"
syntax error at C:\Program Files\6teamspeak2_RC2\ts2afd.pl line 34, near "C:"
Global symbol "$spam_connections" requires explicit package name at C:\Program F
iles\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "$spam_seconds" requires explicit package name at C:\Program Files
\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "$spam_connections" requires explicit package name at C:\Program F
iles\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "$spam_seconds" requires explicit package name at C:\Program Files
\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "$script_daemonize" requires explicit package name at C:\Program F
iles\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "$current_time" requires explicit package name at C:\Program Files
\6teamspeak2_RC2\ts2afd.pl line 34.
Global symbol "%M" requires explicit package name at C:\Program Files\6teamspeak
2_RC2\ts2afd.pl line 58.
Global symbol "%S" requires explicit package name at C:\Program Files\6teamspeak
2_RC2\ts2afd.pl line 58.
Global symbol "$tcpquery" requires explicit package name at C:\Program Files\6te
amspeak2_RC2\ts2afd.pl line 65.
Global symbol "$tcpquery" requires explicit package name at C:\Program Files\6te
amspeak2_RC2\ts2afd.pl line 65.
C:\Program Files\6teamspeak2_RC2\ts2afd.pl has too many errors.


i changed it to as u said,and still the same problem,
-
if u want access pm me and i can arrange something with you

when i try to start it it says its unable to open the log file.. pls help lol nvm the answer was 2 post up

Das Script stürzt auf dem TeamSpeak-Einstieg Server regelmäßig ab.

Ich hatte gerade wieder 2 Flooder auf meinem Server. So kann ich das Ding nicht gebrauchen. Bis das gefixt ist, muss ich wohl wieder die Zahlen in Nicknames verbieten.

Von allen Usern bist du bislang der Einzige, der von Abstürzen berichtet.

Bis das gefixt ist, muss ich wohl wieder die Zahlen in Nicknames verbieten.Ohne nähere Informationen gibt es da nichts zu fixen. Du kannst das Script ja mal mit ein paar Debug-Aktionen füllen (z.B. zusätzliche Einträge ins Log). So komplex ist der Code nicht, also sollte das kein Problem sein.

;)

Mit dieser Zeile würdest du z.B. eine neue Zeile ins Log schreiben:

print LOG "$current_time\tIch bin eine lustige neue Zeile im Logfile :)\n";Wie vielleicht einige Leute wissen, steht "\t" für einen Tabulator und "\n" für einen Zeilenumbruch.

Oh cool. This program works like a charm. Very smoothly ran, too.

Deustch - OH- kühl. Dieses Programm arbeitet wie ein Charme. Lief sehr glatt, auch.

SCP any ideas about my second post giving me the same error?

@White_Magic:
Send me a PM containing the configuration section of your script (WITHOUT any passwords). I still think you made a little mistake in there...

for some reason this script keeps crashing on my box. im running linux. the script will run for a few hours then stop working. teamspeak however is working fine. any ideas?

you have to post some output from stdout or stderr or wherever this script writes it output to so that others can give you some help

you have to post some output from stdout or stderr or wherever this script writes it output to so that others can give you some help
I have the same problem and I don't know where to find these messages.

Thankyou, finally a script that worked for me :)

the script dosnt give an output. it runs fine for a few hours then just dies. even leaves the pid file. and reviewing the log shows no sign of it being stoped or errors.

@static_x:
I've just fixed this issue. I'll test the new code on our three public servers and release the new version soon...

THANK YOU :D

i will check back here often.


:)

Bei mir kommt immer die Fehlermeldung :
You are running an outdated version of the TeamSpeak 2 server (2.0.20.1).
Ich habe die alte server_linux durch die neue server_linux ersetz, die irgendwo oben in diesem tread von jemanden erwähnt wurde aber die meldung kommt trotzdem.
Habe den Server auch danach paar mal neugestartet und rehashed :/

@moxid:
Das Starten bzw. Stoppen eines virtuellen TeamSpeak Servers genügt nicht. Du musst die gesamte Instanz neu starten nachdem du die Datei ersetzt hast.

Danke ! Das Script läuft wunderbar.
Kann man eventuell noch die Bantime einstellen ?
Habe im Script nichts gefunden, wo die Banzeit angegeben wird

Ich vermute mal, einfach die Minutenzahl in Zeile 192 von ts2afd.pl verändern.

just wanted to know if you are ready to release an update...

always still no update?

Update for what?

It's OpenSource, so make your own update! :)

Hmm the problem is: There is no license information anywhere in one of the Antifloodbotfiles (or I did not found them :p ) that tells you that it is open source software that you are allowed to modify on your own

Oh, that's right!

In the two perl-modules are some license-information, but not in the main-program!

hmm, ...

so, you have to code your own program with the modules! :p

I've modified the TeamSpeak2::Log module and the script itself. I'll release the new files this weekend.

;)

I've just uploaded the updated archive. The following things have been changed:

TeamSpeak 2 Anti-Flood Daemon 0.3 -> 0.4
The script no longer crashes when getting weird output from the TeamSpeak2::Log module.
The script now stops with the TeamSpeak 2 server instance.
The scripts logfile now shows detailed information about the virtual server on which the flooder has been banned.
The scripts logfile now shows detailed information about weird lines in the servers logfile.
The time is now shown correctly on Windows servers.

TeamSpeak2::Log 0.3.2 -> 0.3.6
The object method analyze() now recognizes weird lines in the servers logfile.
The object method analyze() now recognizes "log ended" lines.

TeamSpeak2::TCPquery 0.4.7 -> 0.4.9
The object method get_serverlog() now recognizes "log ended" lines.

running on windows
had to change this..
if($serverversion[0] != 2 || $serverversion[2] < 21) {
to this..
if($serverversion[0] != 2 || $serverversion[2] < 20) {

since the newest version is 2.0.20.1

Hi leute,
ich wollte mal fragen ob das Anti-flood auch für Windows gibts und ob eine Deutsche Anleitung vorhanden ist. Und wo kann ich das Tool bekommen?

MfG
<-|->UnderGround-Server<-|->

@mojo742:
We've released two new Linux server binaries (2.0.21.3 and 2.0.22.1) in the past. Information about these versions can be found here:

http://forum.goteamspeak.com/showthread.php?t=29165
http://forum.goteamspeak.com/showthread.php?t=24962

If you're using version 2.0.20.1 (as you have to since you're a Windows user), please follow the instructions I've stated in my first post.


Since the latest BETA versions (2.0.21.3 or 2.0.22.1) are not yet available for Windows servers, we'll have to make some changes to the ts2afd.pl. Open the file and look for the following lines and remove them or comment them out (#):
print "Checking server compatibility -> ";
my @serverversion = $tcpquery->get_serverversion();
if($serverversion[0] != 2 || $serverversion[2] < 21) {
print "[!!]\n";
print "$current_time - You are running an outdated version of the TeamSpeak 2 server ($serverversion[0].$serverversion[1].$serverversion[2].$serverversion[3]).\n";
sleep 3;
exit;
} else {
print "[OK]\n";
}

Due to security reasons I recommend that you deactivate the chat logging capabilities of your TeamSpeak 2 server by disabling chat in the [log] section of your server.ini file.Disabling the chat logging capabilities IS necessary when you're using version 2.0.20.1, because it's possible to "fake" log entries by sending a multiline text message to a channel.

@UnderGround: Lies doch mal den allerersten Post. Mit Erstaunen wirst du feststellen, dass das Script im Prinzip nicht vom OS abhängt, sondern nur vom vorhandenen oder nicht-vorhandenen Perl!

Hi mates,
i have strange probs with the deamon. it keeps getting crashed.
I heard about an update but i can´t find any download links.

Would be nice if someone could help.

The download-link is the same. Look in the first post of this thread! (the Attachment)

so i need to do it like this ?

[log]
access_r=1
access_u=1
channel_registerred=1
channel_unregisterred=1
sa=1
chat=1
kick_server=1
kick_channel=1

?

no !

read the tutorial in the first page of the tread. it has to be:

access_r=1
access_u=1
channel_registerred=0
channel_unregisterred=0
sa=0
chat=0
kick_server=0
kick_channel=0

[Spam]
max_commands=10
in_seconds=2

no !

read the tutorial in the first page of the tread. it has to be:

access_r=1
access_u=1
channel_registerred=0
channel_unregisterred=0
sa=0
chat=0
kick_server=0
kick_channel=0

[Spam]
max_commands=10
in_seconds=2
if i do all 1?
It will demonstrate me in server.log those who join serve and disconnect?
and who kick who ? who ban who ? who open ch ? who del ch ?
thanks :p

hay my server was hacked... stupid me left Web access open for the 2nd server i made lol, any way this showed up in the TeamSpeak 2 Anti-Flood Daemon Log file

05/07/06 15:03:17 Found a weird line in the servers logfile: 07-05-06 15:03:17,ERROR,All,UDP Listener, SID: 2 CMD_cs_ChannelDestroy Exception: EAccessViolation.Access violation at address 004E3C7D in module 'server_windows.exe'. Read of address 00A6CC38
05/07/06 15:03:19 Found a weird line in the servers logfile: 07-05-06 15:03:19,ERROR,All,UDP Listener, SID: 2 CMD_cs_ChannelDestroy Exception: EAccessViolation.Access violation at address 004E3C7D in module 'server_windows.exe'. Read of address 01BC7F74
05/07/06 15:05:24 Found a weird line in the servers logfile: 07-05-06 15:05:24,ERROR,All,UDP Listener, SID: 2 CMD_cs_ChannelDestroy Exception: EAccessViolation.Access violation at address 004E3C7D in module 'server_windows.exe'. Read of address 01BDAD44

dose this mean any thing

Since the latest TeamSpeak 2 server BETA binary (2.0.22.2 (http://forum.goteamspeak.com/showthread.php?t=30874)) is finally available for Windows operating systems, I've updated the installation instructions in my initial post.

Awsome program ScP. I got it set up on my teamspeak server and had my friend spam join to see if it worked. I'm happy to report I got this message when he tried, [13:53:51] *priv* : IP "**.**.***.***" got banned from the server by "TeamSpeak 2 Anti-Flood Daemon" :D

Although it's just a simple script... Thank you!

:)

ich bekomm immer folgende fehlermeldung
"The servers logfile could not be opened." :\

Dann wirst du wohl den Pfad zur server.log nicht korrekt angegeben haben!

Wichtig: Auch bei Windows KEIN Backslash ("\")!!!

Hi

Als *Anfänger* möchte ich hier doch einmal ganz dumm Fragen:

IP-Ban wird automatisch für 5 Minuten gesetzt, kann dies auf sagen wir 10 oder 15 minuten erhöht werden?

rein logisch betrachtet:
durchsuch den quellcode nach der zahl 5, wenn du sie irgendwo bei ner variable names z.B. bantime findest ist dein problem gelöst und du änderst einfach die zahl, aber ich glaub das stand hier in dem trhread irgendwo schonmal

Danke, hätt ich auch selbst drauf kommen können *schäm* :rolleyes:

Aber mal was anderes:
@ ScP --> Wäre es möglich, das Tool dahingehend zu erweitern, dass alle User mit der IP die gebannt wurden gleichzeitig vom Server gekickt werden?

Das Tool setzt dem Flooder zwar den IP-BAN, aber meistens sind diese Flooder ja noch mit einem weiteren Usernamen (meist aber mit der selben IP) auf dem Server connectet um auch zu sehen ob sie Erfolg haben. Diese User bleiben ja auch nach dem IP-BAN auf dem Server, könnten dann nur nicht mehr neu connecten.

Wenn der Daemon diese User dann gleichzeitig kicken würde, wäre es PERFECT! :cool:

Interessant. Wenn der kleine Bruder nebenan Mist baut wird man völlig unschuldig vom Server gekickt. Glücklicherweise habe ich keine Geschwister aber die Situation wird sicher auch unter anderen Umständen auftreten.

Interessant. Wenn der kleine Bruder nebenan Mist baut wird man völlig unschuldig vom Server gekickt. Glücklicherweise habe ich keine Geschwister aber die Situation wird sicher auch unter anderen Umständen auftreten.

Gutes Argument :rolleyes:
...aber mal ehrlich, wenn Du und dein Bruder auf dem selben TS seid und Dein Brüderchen fängt an den TS zu flooden fänd ich es gut wenn Ihr beide fliegt. Dann würdest Du deinem Brüderchen wenigstens gleich in den Ar..... treten für den Mist den er gebaut hat :D

Ich glaube aber kaum dass diese Situation oft auftreten würde und erstens wird der IP-BAN ja nach 5 Minuten wieder aufgehoben und wenn wirklich mal versehentlich jemand gebannt wurde können die SA´s den BAN ja wieder löschen.

Abgesegen davon, wer meinen TS floodet, für den hab ich kein Mitleid über und wüsste auch nicht warum ich da rücksicht nehmen sollte. Die Spielkinder sollen den Blödsinn einfach lassen, dann laufen sie auch nicht Gefahr vom Server zu fliegen.

Good job ScP. Really helpful for my clan's TeamSpeak. :)

Wird es eine neuere Version zusammen mit TS3 geben, jedoch? Wenn so, versuchen Sie und bilden Sie es mögen, wo die Leute nicht TSPF.exe auf Ihnen verwenden können, auch. (Antiflood) Umm, Dank für das ehrfürchtige Material.

i think it would be better if you write everything in english. Like this it is nearly impossible to understand what you want to say.

Hello,

My firnd and I have a teamspeak and it is ran off his computer TeamSpeak windows version 2.0.20.1. I do have superadmin on his TeamSpeak. Is there any way not to have to have the ewest verion or if could help me tell him how to get the laster version.:D

Also i have ran the Program on my Server of my computer i would like to Thank You very much this help me alot. If you could tell me how to update my friends server because idont no how mine was updated.

But Thanks works real smootly.

:D XPmaster :D

First, thank you for this tool/script. :-) I am already using it for a while.

I made some improvements in the start scripts which makes them more comfortable in using it after a reboot/crash or automated servers.

#! /bin/bash

# ts2afd_startscript - TeamSpeak 2 Anti-Flood Daemon startscript for Linux
# This script is a modified version of the TeamSpeak 2 server startscript written by pwk.kinuxfan.
# Modified 2006 by Sven Paulsen
# Modified again by Bamieater 2006


PIDFILE=ts2afd.pid

case "$1" in
start)

if [ -f $PIDFILE ]; then
echo "WARNING: found pid-file. $PIDFILE"
OPID=$(cat $PIDFILE)
if [ -d "/proc/$OPID" ]; then
echo "ERROR: Client with this ID is already runnig.";
exit
else
echo "INFO: removed stale lockfile (prev pid: $OPID).";
rm -f $PIDFILE
fi
fi

if [ -e ts2afd.pid ]; then
echo "The file ts2afd.pid already exists. Is the script already started?";
echo "If you are sure the script is not running, delete the file ts2afd.pid."
exit 1
else
if [ -e ts2afd.pl ]; then
if [ ! -x ts2afd.pl ]; then
echo "The file ts2afd.pl is not executable. Trying to set it..."
chmod u+x ts2afd.pl
fi
if [ -x ts2afd.pl ]; then
./ts2afd.pl daemon
else
echo "The file ts2afd.pl is not executable. Fix this!"
exit 4
fi
else
echo "Could not find the file ts2afd.pl."
exit 5
fi
fi
;;

stop)
if [ -e ts2afd.pid ]; then
echo -n "Stopping the TeamSpeak 2 Anti-Flood Daemon... "
kill -KILL `cat ts2afd.pid`
rm ts2afd.pid
sleep 5
echo "done"
else
echo "The file ts2afd.pid is missing. Is the script started?"
exit 7
fi
;;
restart)
$0 stop && $0 start || exit 1
;;
status)
if [ -e ts2afd.pid ]; then
echo "The TeamSpeak 2 Anti-Flood Daemon seems to be running."
exit 0
else
echo "The TeamSpeak 2 Anti-Flood Daemon seems to be stopped."
exit 3
fi
;;
*)
echo "Usage: $0 {start | stop | restart | status}"
exit 2
esac
exit 0


I also modified the TS startup file.

#! /bin/bash
# Copyright (c) 2004 TeamSpeak team All rights reserved.
#
# Author: pwk.linuxfan 2004
#
# Modified by Bamieater 2006


PIDFILE=tsserver2.pid

case "$1" in
start)

if [ -f $PIDFILE ]; then
echo "WARNING: found pid-file. $PIDFILE"
OPID=$(cat $PIDFILE)
if [ -d "/proc/$OPID" ]; then
echo "ERROR: Client with this ID is already runnig.";
exit
else
echo "INFO: removed stale lockfile (prev pid: $OPID).";
rm -f $PIDFILE
fi
fi

if [ -e tsserver2.pid ]; then
echo "tsserver2.pid already exists...server already started ?";
echo "If you are sure the server is not running, delete tsserver2.pid"
exit 1
else
if [ "$UID" = "0" ]; then
echo WARNING ! For security reasons we advise: DO NOT RUN THE SERVER AS ROOT
for c in $(seq 1 10); do
echo -n "!"
sleep 1
done
echo !
fi
echo "starting the teamspeak2 server"
if [ -e server_linux ]; then
if [ ! -x server_linux ]; then
echo "server_linux is not executable, trying to set it"
chmod u+x server_linux
fi
if [ -x server_linux ]; then
./server_linux -PID=tsserver2.pid
else
echo "server_linux is not executable, fix this"
exit 4
fi
else
echo "Couldnt find server_linux"
exit 5
fi
fi
;;
stop)
if [ -e tsserver2.pid ]; then
echo -n "stopping the teamspeak2 server"
if ( kill -TERM `cat tsserver2.pid` ); then
for c in $(seq 1 300); do
if [ -e tsserver2.pid ]; then
echo -n "."
sleep 1
fi
done
fi
if [ -e tsserver2.pid ]; then
echo "server does not shutdown cleanly - killing"
kill -KILL `cat tsserver2.pid`
rm tsserver2.pid
sleep 5
else
echo "done"
fi
else
echo "tsserver2.pid is missing, no started server ?"
exit 7
fi
;;
restart)
$0 stop && $0 start || exit 1
;;
status)
if [ -e tsserver2.pid ]; then
echo "the server seems to be running"
exit 0
else
echo "the server seems to be stopped"
exit 3
fi
;;
passwords)
if [ -e server.log ]; then
date=$(cat server.log | grep "admin account info: username: admin" | tail -n 1 | sed "s/^\([0-9]\+-[0-9]\+-[0-9]\+ [0-9]\+:[0-9]\+:[0-9]\+\).*$/\1/")
spass=$(cat server.log | grep "superadmin account info: username: superadmin" | tail -n 1 | sed "s/^.*username: superadmin password: \([a-z0-9]\+\).*$/\1/")
pass=$(cat server.log | grep "admin account info: username: admin" | tail -n 1 | sed "s/^.*username: admin password: \([a-z0-9]\+\).*$/\1/")
echo "Following passwords were generated on $date"
echo "superadmin = \"$spass\""
echo "admin = \"$pass\""
else
echo "server.log not found, maybe you did not start the server yet ?"
exit 1
fi
;;
*)
echo "Usage: $0 {start|stop|restart|status|passwords}"
exit 2
esac
exit 0


And finally put something like this in your rc.local file:
#
# start teamspeak server
#
/bin/su - ts -c "cd /home/ts/tss2_rc2 ; ./teamspeak2-server_startscript start"
/bin/su - ts -c "cd /home/ts/tss2_rc2 ; ./ts2afd_startscript start"

Hey everyone - first post - hope this doesn't sound to n00bish. I'm a client user, I get on a buddies TS and someone said they came from this forum - an Admin or something and said he was trying to help us with a issue with Team Speak. This is not the first time we have had "offers" for help and script kiddies galore have been trying to use some sort of TS script to disable Admins from changing anything (i.e. banning, kicking etc) etc.

Here are some screenshots of this event recently in progress - any help would be greatly appreciated;

First - this error when right clicking on the nick:
http://img62.imageshack.us/img62/6038/zodiac1id.jpg

Then this information about the user:
http://img62.imageshack.us/img62/5889/zodiac27vq.jpg

And then he spammed the hell out of us;
http://img62.imageshack.us/img62/9791/zodiacspammer8bw.jpg

He had no (U), no (R), nothing when he first joined. Firstly - I would like to know how this is possible. Secondly - why is this exploit available without a fix?

When he first joined - he claimed he was from:
http://forum.planetteamspeak.com/index.php

And then changed his nick to Zodiac - if anyone has any information about how this is done and why - it would be greatly appreciated. Will recommend this Anti-Spam to the Admin / Owner (paid for TS), and see if this is something that will help. Although - if people can exploit without having to register or have an IP address to BAN - I feel this is useless...

Beware other fellow users - something just ain't right about all this.

:mad:

Regards,

C.S.

@C0LDSH07:
Thank you for your information. I'm worried about what you've written about this guys nickname. The servers logfile would be useful for us.

:(

I'm a client user, I get on a buddies TS

Sorry - but I have'nt been able to hail him as of yet. As noted - I'm not able to gain access to those files as it is not my server. I have done some research though and found that it was a group that I believe all are all to familiar with. *****.Net (must have missed as to why thier name is ***'ed out - but I suppose eveyone has thier reasons...) - thier TS server had the same guy in it under a different nick - but same voice - after recording the two - in our server and then in "his" server - and running a simplified voice analysis program - it was an identical match.

Not much I can do about him - made me feel better about who the script kiddies are though.

Will see if I can get the logs in a timely fashion.

Thanks for your kind reply - although I would like to know your worries before much else is disclosed?

Thanks in advance,

C.S.

There's no way for this guy to gain SA permission unless you give them to him directly. But the ability to join a TeamSpeak server without having the usual flags displayed behind your nickname could confuse a lot of users.

@C0LDSH07: To your first "problem". I think if you disallow the characters "{" and "}", the error won't occure! Just restart the server after editing the server.ini!

@C0LDSH07: To your first "problem". I think if you disallow the characters "{" and "}", the error won't occure! Just restart the server after editing the server.ini!

The characters "{" and "}" (all brackets) are disallowed - have been for some time - so I doubt that could be an issue - but like I mentioned in the original - LOL - definately rather n00b to this sort of script exploit...

:(

Thanks for your kind replies though - still working on it - still having the same issues - even after a new password lock...

Regards,

C.S.

There's no way for this guy to gain SA permission unless you give them to him directly. But the ability to join a TeamSpeak server without having the usual flags displayed behind your nickname could confuse a lot of users.

The Admin status isn't much an issue either - but for now - it's a continuing spam flooding - in and out - no ip to ban etc. Very annoying. But - as with all things - there will be a fix and hopefully - it comes from here :)

Thanks guys for giving this notice!

C.S.

The Anti-Flood Daemon hadn't ban him?

That's strange. I think just the client has a problem with those RTF-Codes.

@PLuS:
He doesn't have administrative access to his server and the Anti-Flood daemon isn't running on his system.

But hey, let's just finally get back to topic...

:rolleyes:

Allowing only a limited set of characters in nicknames does not help?

The server.ini setting "AllowedClientNameChars" should normally block any characters except the ones you allow there.

ScP, did you noticed my reply (http://forum.goteamspeak.com/showpost.php?p=136739&postcount=73) with some improved startup scripts?

@Bamieater:
I've seen it. Thanks for your improvements. I'll Include your versions in future releases.

Hi,

In the readme file of the installation it is told to use at least the 2.0.22.3 BETA version, which is the last one.

But as we are running TS as a service on our server located in a datacenter, we only can use the last TeamSpeak 2 Server (RC2) Service binary which is the 2.0.20.1 BETA version (win).

So my question is, is it possible to have the TeamSpeak 2 Server (RC2) Service binary for the 2.0.22.3 BETA, or to use the floodcontrol on te 2.0.20.1 BETA version?

[edit]
I read in other posts that there will not be other service binaries. So you have to make your own service. Which is not that difficult.
U will need the Windows Resource kit (http://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd&DisplayLang=en )

All the procedure to install teamspeak as a service is via this link (which should be added as a sticky if no future service binaries)
http://forum.goteamspeak.com/showthread.php?t=26266&highlight=teamspeak+service

intersting links:
http://support.microsoft.com/kb/q137890/


Coming back to the antiflood... If you need teamspeak as a service, u will need to put the ts2afd.pl also as a service... but I'm still searching the best method cose this service needs ti start after the TS service.. and i dind't figure out up to now how to do this.

=M=i=M=™.

hi
first of all thx for that 'helping thread'
question
im always getting error getting db_serverlist.. ??
how to fix??
:confused:
would be nice

@mozzi:
This could be a small bug in the TeamSpeak2::TCPquery package. Do you have any weird chars in one of your servers names?

Guten Tag,


Leider habe ich einige Probleme mit diesem Skript.

1.Mir Fehlen ein Paar Dateien in dem Zip-File oder auf dem root
Hint:
As a small bonus the Zip-archive contains the latest versions of my TeamSpeak 2 Perl modules (TeamSpeak2::TCPquery and TeamSpeak2::Log), which I already used to create scripts like the TS2PerlMod.
Die rot Makierten Dateien sind ich nicht in dem Verzeichnis auf dem root oder im Zip-verzeichnis zu finden
Weil diese Dateien nicht Vorhanden sind Bekomme ich beim Starte eine Fehlermeldung (Datei nicht Gefunden)

2. Der Von Ihnen Beschreiben Starte Befehl ts2afd_startscriptFunktioniert nicht. Er müsst Unter LinuX./ts2afd_startscript start sein.

3. Vor dem Ausführen des Skriptes muss noch der Chmod der Dateien auf 755 gesetzt
werden, wenn das nicht geschiet kann das Start skript nicht Ausgeführt werden.

Naja ich hoffe das kommt nicht so *besserwisserich* rüber.:p

Aber über Hilfe dazu würde ich mich sehr freuen da unser server jeden Tag 3-4 mal geflooded wird:mad:

MFG
Angel89

hey..
ersma vielen dank für des teil hier!!

hey...
frage bidde habe problem beim straten des AFD
der zeigt mir ne fehlermeldung
error getting dbserverlist [!!!]
was is des??
bitte helft mich
greetz ..

@mozzi:
This could be a small bug in the TeamSpeak2::TCPquery package. Do you have any weird chars in one of your servers names?Würdest du bitte meine Frage beantworten, statt die selbe Frage ein drittes Mal zu stellen?

vielen dank

hat sich erledigt

big sorry

Habe heut mein Rootserver rebootet und das afd start script gestartet. Danach teamspeak startscript gestartet doch es erscheint immer ne fehlermeldung: error could not start anti flood deamon ? Server laufen ohne afd ;(
pls help

lies dir deinen beitrag nochmal in ruhe durch, denke nach und du findest deinen fehler selbst

Muss ich nciht nachdem ich den deamon gestartet hab den teamspeak startscript restarten ?

Der AFD fungiert als TCP-Client und baut eine Verbindung zum TS-Server auf. Wenn du dann den TS-Server abschießt, dann bricht es dem AFD das Herz (ähm die TCP-Verbindung) und der arme stirbt an Vereinsamung.

:) seht gut erklärt ^^
danke es klappt jetz

I actually got a script while back that was neat if more then one person joined in 5 Seconds or something like that of the same ip they were banned it was neat but still people could join this is much nicer good work man

ScP - big respect to you :)

First off I would like to stress that I am a linux noob. Anyways, I was hit by a spambot and so decided to try and set the Teamspeak 2 Anti-Flood Daemon up. Here is the error.


[chris@localhost antiflood]$ ./ts2afd_startscript start
Can't locate TeamSpeak2/TCPquery.pm in @INC (@INC contains: /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.7/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl/5.8.6 /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.7/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.6/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl/5.8.7 /usr/lib/perl5/vendor_perl/5.8.6 /usr/lib/perl5/vendor_perl/5.8.5 /usr/lib/perl5/vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.8/i386-linux-thread-multi /usr/lib/perl5/5.8.8 .) at ./ts2afd.pl line 8.
BEGIN failed--compilation aborted at ./ts2afd.pl line 8.
[chris@localhost antiflood]$


I changed the permissions in server.ini and I pointed ts2afd.pl at the correct server.log, with the correct superadmin account and password.

I have a folder called tss off of my accounts root which has the folders antiflood and tss2_rc2 in it.

antiflood contains [chris@localhost antiflood]$ ls
Log.pm readme.txt TCPquery.pm ts2afd.pl ts2afd_startscript


tss_rc2 is the teamspeak server folder which contains [chris@localhost tss2_rc2]$ ls
bad_names.txt Log.pm server.ini TCPquery.pm
changelog.txt Manual server_linux teamspeak2-server_startscript
httpdocs manual.html server.log tsserver2.pid
INSTALL mysql_sql sqlite.so
INSTALL.mysql README sqlite_sql
libsqlmy.so server.dbs tcpquerydocs

Does anyone know what my error means and how to fix it?

The files TCPquery.pm and Log.pm should be placed in a sub-folder called TeamSpeak2.

The files TCPquery.pm and Log.pm should be placed in a sub-folder called TeamSpeak2.

It worked! Thanks for the help :D

Hello and may i say THANK YOU this anti flood is awesome anyways is there a way on windows to make it run in the background instead of on your taskbar???

when i try to run it it sais i have a outdated version of ts2 server when i am running
Version:
2.0.20.1
suguestions?

when i try to run it it sais i have a outdated version of ts2 server when i am running
Version:
2.0.20.1
suguestions?
Update your server to the latest BETA version?

im sorry i didnt think i would have to check planetteamspeak.com to get the newwest when it should b here?

It IS here?

http://www.goteamspeak.com/index.php?page=downloads

It IS here?

http://www.goteamspeak.com/index.php?page=downloads

oi.......



Anyway, Thanks for the script! Im "installing" it now..

PS

Is there a way to ban the adresses for longer then 5 minutes? Haven't looked into the files yet, but i will do that.

No, it's "hardcoded" (if you can say that, it's perl!) in the script.

Just edit line 190 of ts2afd.pl and replace 5 with your favorite time.

$tcpquery->add_ban($client_ip, 30); //for 30 minutes

Thank you Thomas for that. I'll see if i can edit the file online.. otherwise i'll just have to reupload it with the time setting i like.

*edit, yay i found it... Im glad i started on the bottom of the file... Stupid Webmin edit dont show line numbers..

Is there any way to change the ban function to use "ipblock" to ban the IP? Using IP block, the offender will never be able to access the site again, through any port. FTP/WWW/telnet, you name it, will be blocked out. I suppose it would only work on dedicated servers running TS though.

I am really unsure of how that linux command can be added to this script. Is it possible?

Perl allows you to execute system commands by using the system() (http://perldoc.perl.org/functions/system.html) function. Simply replace the appropriate line in the ts2afd.pl which should look like this:

$tcpquery->add_ban($client_ip, 5);Good luck!

:rolleyes:

Thank you! I love this app, No flooders on my TS anymore!

I am having a problem getting the daemon to run.

This is the error:
[Teamspeak@stargate ts2_antiflood]$ ./ts2afd_startscript start
TeamSpeak2/TCPquery.pm did not return a true value at ./ts2afd.pl line 8.
BEGIN failed--compilation aborted at ./ts2afd.pl line 8.

My file structure is this:

/home/Teamspeak/ts2_server (for the teamspeak server (running latest BETA binary))

/home/Teamspeak/ts2_antiflood (for the antiflood daemon)

Everything is setup as per instructions and ive double checked everything.
If I type perl into ssh it comes up with a blank perl window so I assume that's all installed.

I'm not the most advanced at Linux but everything seems to be okay.

Help ? xD
Thanks

I downloaded the TeamSpeak 2 Anti-Flood Daemon and Perl, Installed them and set the variables according to the instructions. Took me about five minutes.
A DOS window poped up and listed six "OK's". Couldn't have been easier.
Never thought I would want another flood attack but I can't wait to see what happens.:)

P.S. Windows XP

Ok, Last night my server was flooded despite the Anti-Flood Daemon and then OWNED
I was attacked from two IP's at once. They flooded until they found the login of a user with SA and then proceeded to ban all players, remove all rooms and leave a message that I have been "owned" and also corrupted the server database.
It looks like they flooded with alternating IP's that trace back to two distant locations. A coordinated attack from two social rejects hundreds of miles apart.
TeamSpeak would not run again with the corrupted database so I had to start over.
I believe it was my fault as I had ports 14534 and 51234 open to try remote admin.
This brings up two questions.....
1. Are these the ports that the scumbags use to crash the server? If so, I can keep them closed on my router.
2. If I maintain a backup of the TeamSpeak folder can I simply copy in the backup to restore my server or do they screw up anything else like registry settings etc. ?
I can't say here what I would do to these retards if I ever find where they live.:mad:
Thanks for any help.

P.S. I've had hackers connect with a username that generates an error message when I click on the username to ban them.
Their name has a long blank before the name. Any ideas?

51234 is a port that is rarely needed open and depending on your login name and password could be a security flaw. 14534 I believe has a temp ban when you enter the wrong password too many times.

Thanks but this does not tell me what they are using so that I can block these mentaly deranged genetic rejects.
From what I've seen it appears that they are children with very limited mental capabilities and they feel that they are reaching out for help with their personnal problems by causing agrivation for others.
If they where real hackers then they would be able to provide something really useful.

It only takes a stupid idiot to break something but it takes someone with brains to fix it.

Works great! Thanks, also does anyone have a services? (init.d) script, that i can use for it to start on boot?

Cheers.

Thanks but this does not tell me what they are using so that I can block these mentaly deranged genetic rejects.
From what I've seen it appears that they are children with very limited mental capabilities and they feel that they are reaching out for help with their personnal problems by causing agrivation for others.
If they where real hackers then they would be able to provide something really useful.

It only takes a stupid idiot to break something but it takes someone with brains to fix it.

Almost impossible to tell. Do you still have the log file. It might tell you if they were using a program for the client version.

Well, of course they were using one or more programs. (duh)
I have a "friendly" hacker that used to belong to g 0 0 n and he has utilities that can see and change all my server configurations including usernames and passwords. It's totaly stupid that TeamSpeak has included routines to allow such access.:(

I have followed every security suggestion that I can find. The only port I have open is the one needed to make Teamspeak work. SA's can only kick, ban and grant registration. Everyone else can do nothing. I also have the Flood Daemon running and yet I have been "Owned" twice this week.
Obviously TeamSpeak has a wide open front door security problem. Any program that allows a "Guest" to fully access the server database and do what ever they want to it totaly sucks.
What the hell drugs were the programmers on when they included complete access to the server by anyone?
What's the purpose of assigning rights and privaliges when anyone can do that themselves with the access that TeamSpeak gives them?

It's a great for online chatting but it just makes no sense to me why they added the extra functions to leave the barn door wide open to terrorists.

We're aware of several bugs which can be used to cause server crashes and our developers will fix them soon, but there is NO way that an user can get access to your servers configuration and/or passwords. If your "friendly" hacker really had an application like this, the g00nies would already have access to our public servers.

Basically there are four simple rules to keep your TeamSpeak server secure:
Follow the known password rules and suggestions (http://www.microsoft.com/smallbusiness/resources/technology/security/5_tips_for_top_notch_password_security.mspx#EUD).
Always use the latest version or the TeamSpeak 2 sever which is currently 2.0.23.15 (http://forum.goteamspeak.com/showthread.php?t=36039).
Try to use useful third party application and scripts like the TeamSpeak 2 Anti-Flood Daemon (http://forum.goteamspeak.com/showthread.php?t=29651) or the SQLite MD5 Patch (http://forum.goteamspeak.com/showthread.php?t=34955).
Always report hacking attempts or suspicious activities by contacting us via e-mail or posting in our forums.

We're aware of several bugs which can be used to cause server crashes and our developers will fix them soon, but there is NO way that an user can get access to your servers configuration and/or passwords. If your "friendly" hacker really had an application like this, the g00nies would already have access to our public servers.

Basically there are four simple rules to keep your TeamSpeak server secure:
Follow the known password rules and suggestions (http://www.microsoft.com/smallbusiness/resources/technology/security/5_tips_for_top_notch_password_security.mspx#EUD).
Always use the latest version or the TeamSpeak 2 sever which is currently 2.0.23.15 (http://forum.goteamspeak.com/showthread.php?t=36039).
Try to use useful third party application and scripts like the TeamSpeak 2 Anti-Flood Daemon (http://forum.goteamspeak.com/showthread.php?t=29651) or the SQLite MD5 Patch (http://forum.goteamspeak.com/showthread.php?t=34955).
Always report hacking attempts or suspicious activities by contacting us via e-mail or posting in our forums.


I have all the above plus IPWallMaster to which I have added about 30 ranges of hacker IP's.
The "friendly" was a member of gOOn's (says he is not anymore):confused:

Also bei mir sagt er das server offline ist. (Debian-Linux) obowhl er läuft, rechte auf die dateien hab ich mal 755 gesetzt. Benutzer sowwohl TeamSpeak als auch mal root.

Als IP hab ich meine IP eingetragen (wobei man sagen muß das ich 2 IPs auf der maschiene habe.)

Was mich noch interesiert ist wie das script arbeitet. Habs mir nicht angeschaut, aber spontan würd ich ja sagen das scannt permanent das Log file... is das nicht bissel serverlastig ?

mfg Spoocy

Im just have installed the ts 2 anti-food Daemon on win xp.

Welcome masseg is ok, but not the rest.
My config is :

[Anti-Rec:]
Enabled=1
Channel=Skamme-krogen
Message=move
Reason=No recording

[AUTO-AFK:]
Enabled=1
Punishment=move
channel=Optaget

[STAT-MESSAG]
Enabled=1
File=stats.txt
Interval=30


Hope thats you can help me to getting this to work.

TeamSpeak 2 Anti-Flood Daemon [Version 0.4]
Copyright (c) 2006 by Sven 'ScP' Paulsen

Connecting to server 208.110.71.253 -> [OK]
Checking server compatibility -> [OK]
Authenticating as antiflood -> [OK]
Getting serverlist from database -> [!!]
13:49:52 - The server created some invalid output.

why am i getting this?

An odd problem with the log. In the output, I'm getting a lot of this:

04/16/07 11:06:37 Found a weird line in the servers logfile: 16-04/16/07 11:06:37 Found a weird line in the servers logfile: 04-07 11:06:37,ALL,Info,AccessLog, SID: 1 client connected [IP: *.*.*.*, Nick: kimar, Version: 2.0.32.60]
04/16/07 17:38:41 Found a weird line in the servers logfile: 16-04-07 17:38:41,ALL,Info,Access04/16/07 17:38:41 Found a weird line in the servers logfile: Log, SID: 1 client disconnected. [Nick: baza, LoginName: baza, DBID: 1275]

Which, it's rather odd considering that, in the log file, the lines it's referencing (thanks to the timestamp shown) is:

16-04-07 11:06:37,ALL,Info,AccessLog, SID: 1 client connected [IP: *.*.*.*, Nick: kimar, Version: 2.0.32.60]
16-04-07 17:38:41,ALL,Info,AccessLog, SID: 1 client disconnected. [Nick: baza, LoginName: baza, DBID: 1275]


With the TS log entries being a bit away from each other (several more connections/disconnections between them).

The log that's generated by the Anti-Flood Daemon is also weird, in that every time it finds one of these "weird lines", the next time it finds the weird line (which is actually the same line, just further along) it's not on it's own line, but compacted into the previous line (which, in a sense, is the log making a weird line about finding a weird line that's not really a weird line). Every instance of the "weird line" is actually 2 instances it found. You can tell when it starts/stops by looking at the timestamp: AFD uses a [month]/[day]/[year] format, versus the TS [day]-[month]-[year] format (hyphens versus backslashes, as well as the order of the numbers).

I'm running the latest Linux BETA (2.0.23.2), and I believe the latest AFD as well.

@louig1: You should update your script to the current version (0.9.16) and try again.

@KingOfZeal: You can ignore this lines. This can happen when the PerlMOD reads a line from the server.log in the same moment, when the server writes in it. Then the PerlMOD reads just a part of the line.

@Thomas:
We're talking about the TeamSpeak 2 Anti-Flood Daemon, not the TS2PerlMod.

louig1

TeamSpeak 2 Anti-Flood Daemon [Version 0.4]
Copyright (c) 2006 by Sven 'ScP' Paulsen

Connecting to server 208.110.71.253 -> [OK]
Checking server compatibility -> [OK]
Authenticating as antiflood -> [OK]
Getting serverlist from database -> [!!]
13:49:52 - The server created some invalid output.

Out of the blue I had the same problem. Was working one day and not the next.
I have no idea why, but I found a quick fix that at least works for me.


Open ts2afd.pl and find (around line 101)
my @dbserverlist = $tcpquery->get_dbserverlist();

I had to change it to
my @dbserverlist = 1;


Obviously it is suddenly having trouble fetching the server id. I can live with this as I only have the one server. But have no idea how this would effect multiple virtual servers.

@-=<Squirrel>=-:
Your "fix" will make the script unfunctional, because the TeamSpeak 2 Anti-Flood Daemon needs the @dbserverlist array to determine which server has been attacked.

I think this problem is caused by some weird characters you've used in your servers name. It might be fixed by changing the regular expression I've used to parse the output from dbserverlist.

Fine in line 88 of TCPquery.pm:
if(my @server = $_ =~ /^(\d+)\t(\d+)\t"([^\r\n\f]+)"\t(\d+)\s*$/) {Replace with:
if(my @server = $_ =~ /^(\d+)\t(\d+)\t"([^\r\n]+)"\t(\d+)\s*$/) {Please visit this (http://forum.planetteamspeak.com/forumdisplay.php?f=38) forum for additional support.

Cheers for the suggestion.
I checked the characters in the server name and they are the same as they were last week when it was working.
What I did find is some corrupt data in the data base which wasn't showing in the config.
After removing it all is back to normal.

So thank you for taking the time to make an attempt to fix the prob.
And yes after testing you are absolutely right. My quick fix is bogus.

Sorry, but it will not work at all :(

I got this message after the start:

TeamSpeak 2 Anti-Flood Daemon [Version 0.4]
Copyright (c) 2006 by Sven 'ScP' Paulsen

Connecting to server localhost -> [OK]
Checking server compatibility -> [OK]
Authenticating as ********* -> [OK]
Getting serverlist from database -> [OK]
Accessing the servers logfile -> [OK]
Accessing the scripts logfile -> [OK]

all things work fine but when I flood one of my TS-Server ...... no ban at all

I can see the BAN in the ts2afd.log but the person can still flood the server. It seems that the BAN is not recognized on the Server...

What´s the Problem any hint?

PS: sorry for my bad English ;)

Sorry, but it will not work at all :(

I got this message after the start:



all things work fine but when I flood one of my TS-Server ...... no ban at all

I can see the BAN in the ts2afd.log but the person can still flood the server. It seems that the BAN is not recognized on the Server...

What´s the Problem any hint?

PS: sorry for my bad English ;)

What version TS server are you using?

Teamspeak 2 Server v2.0.r23.b13 Win32

The person must be kicked so that the ban would work. Are you trying it registered or anonymous?

I found the Problem ;)

The Banlist was full of unlimited Bans

I have found a problem. Sorry if this has been reported before. If someone has a blank name for the name of their TS server, the anti-flood daemon will fault out when trying to start up. I was running a server for a friend of mine and he had it set to a blank name. When I tried to start the anti-flood daemon, you would get the error message "The server created some invalid output".

I then went in and edited the name of his server and just put a period ( . ) for the name and the anti-flood daemon started up fine. Is this a known issue or is there a fix for this? Thanks all, this is a great tool that has been made!


Mustang

I've uploaded an updated package of the TeamSpeak 2 Anti-Flood Daemon.

http://www.planetteamspeak.com/component/option,com_docman/task,doc_details/Itemid,69/gid,42/

Please visit the Planet TeamSpeak (http://www.goteamspeak.com/redirect.php?url=http://www.planetteamspeak.com/) forums if you have any bugs to report or features to request.

Hi,

I have installed (and today updates) this script - thanks for it.
I hope this script can "save" me from more flooders, otherwise I would have to put a password to the ts2 Server which actually wasn't planned.

greets

Hi,

Seems as installing this modification didn't help:
[14:04:06] shepen-e-gay quit (Connection timed out!)
[14:04:06] shepen-e-gay1 quit (Connection timed out!)
[14:04:07] shepen-e-gay2 quit (Connection timed out!)
[14:04:07] shepen-e-gay3 quit (Connection timed out!)
[14:04:07] shepen-e-gay4 quit (Connection timed out!)
[14:04:07] shepen-e-gay5 quit (Connection timed out!)
[14:04:08] shepen-e-gay6 quit (Connection timed out!)
[14:04:08] shepen-e-gay7 quit (Connection timed out!)
[14:04:08] shepen-e-gay8 quit (Connection timed out!)
[14:04:08] shepen-e-gay9 quit (Connection timed out!)
[14:04:08] shepen-e-gay quit (Connection timed out!)
[14:04:09] shepen-e-gay10 quit (Connection timed out!)
[14:04:09] shepen-e-gay1 quit (Connection timed out!)
[14:04:09] shepen-e-gay11 quit (Connection timed out!)
[14:04:09] shepen-e-gay2 quit (Connection timed out!)
[14:04:09] shepen-e-gay3 quit (Connection timed out!)
[14:04:09] shepen-e-gay4 quit (Connection timed out!)
[14:04:10] shepen-e-gay5 quit (Connection timed out!)
[14:04:10] shepen-e-gay12 quit (Connection timed out!)
[14:04:10] shepen-e-gay6 quit (Connection timed out!)
[14:04:10] shepen-e-gay7 quit (Connection timed out!)
[14:04:10] shepen-e-gay8 quit (Connection timed out!)
[14:04:11] shepen-e-gay9 quit (Connection timed out!)
[14:04:11] shepen-e-gay quit (Connection timed out!)
[14:04:11] shepen-e-gay10 quit (Connection timed out!)
(....)
[14:05:42] shepen-e-gay10 quit (Connection timed out!)
[14:05:42] shepen-e-gay quit (Connection timed out!)
[14:05:42] shepen-e-gay6 quit (Connection timed out!)


The Log of the script:
---------------------------------------------------------------
------------ log started at 07/13/07 11:57:29 -------------
---------------------------------------------------------------
07/13/07 11:57:29 TeamSpeak 2 Anti-Flood Daemon started
07/13/07 11:57:29 Connected to server localhost on TCP port xxxxx
07/13/07 11:57:29 Authenticated as antiflood
07/13/07 11:57:29 Found 2 virtual servers in the database
07/13/07 11:57:29 Initialization sequence completed

(Settings are 3 / 10 seconds)

xxxxx:~/tss2_antiflood$ ./ts2afd_startscript status
The TeamSpeak 2 Anti-Flood Daemon seems to be running.

Maybe I did something wrong?
Any tips for me how to get rid of those spambots, without setting a password?

Help is apreciated,
thanks in advance.

greets

PS.: I'm using "Version: v2.0.r23.b15 Linux"

The TeamSpeak 2 Anti-Flood Daemon uses the servers logfile (server.log) to prevent flooding attempts by banning the performing IP address. This means you'll have to enable the enhanced logging capabilities of your TeamSpeak 2 server.

Look for the following lines in your server.ini file and enable at least access_r and access_u for the script to function normally:

[log]
access_r=1
access_u=1
channel_registerred=0
channel_unregisterred=0
sa=0 chat=0
kick_server=0
kick_channel=0I hope this helps.

Hi,

Thanks, that was in the manual - so I already changed this values.
Maybe I have to reboot the ts2 server, that I haven't done - I will do that now and check the problems again, thanks.

greets

I am trying to get this script to work, and it says it can not open the server.log file.
I know why its because the server is running, but when I shutdown server then it says server is not responding. Someone mind helping me out here please.

I am trying to get this script to work, and it says it can not open the server.log file.
I know why its because the server is running, but when I shutdown server then it says server is not responding. Someone mind helping me out here please.

Same problem cant get the log file havent tried with it offline though.

I have a problem now, first i runned Anti-Flood 0.4, and everything worked fine, when i saw version v2.0.r23.22 of TeamSpeak Server was released, and version 0.5 of the anti flood deamon also, i updated them at the same time, I just wrote my 0.4 settings in the 0.5 config, but now, if my server is running, and i start the perl file, I only get to see the copyright info and the program version, but not the [OK] or [!!] thingys and it simply just doesn't work.

Is 0.5 not compatible with the last released beta version, or is there another problem...

What error exactly is shown along with the [!!]?

Thats the strange thing I dont see any errors no [OK] and no [!!] only the app version and copyright info... This is exactly what i see:

TeamSpeak 2 Anti-Flood Daemon [Version 0.5]
Copyright (c) 2006 by Sven 'ScP' Paulsen

_


Nothing else

Ok i found the problem, in the afd app log i found the following error:

You are running an outdated version of the TeamSpeak 2 server

So this is what it is my version 2.0.23.22 is to high, thats the latest version available...

if($serverversion[0] != 2 || $serverversion[2] < 21) {
That's the line which checks the version. Normally nothing unnormal...

Goto line 75 and put on every newline a "#" so the compiler doesn't read the line until line 85. So it will looke like this:
# checking the servers version info
#print "Checking server compatibility -> ";
#my @serverversion = $tcpquery->get_serverversion();
#if($serverversion[0] != 2 || $serverversion[2] < 21) {
# print "[!!]\n";
# print "$current_time - You are running an outdated version of the TeamSpeak 2 server #($serverversion[0].$serverversion[1].$serverversion[2].$serverversion[3]).\n";
# sleep 3;
# exit;
#} else {
# print "[OK]\n";
#}

After that, save and try to restart the deamon.

After some more editing, it finally works, thanks :) For people with the same prob:


#!/usr/bin/perl -w

# ts2afd.pl - TeamSpeak 2 Anti-Flood Daemon
# This script reads a TeamSpeak 2 servers logfile and detects flooding attempts
# Written 2006 by Sven Paulsen

use strict;
use TeamSpeak2::TCPquery;
use TeamSpeak2::Log;

# ================================================== ==========================================
# ======================================= CONFIGURATION ======================================
# ================================================== ==========================================

# ****** SERVER ADDRESS AND TCP QUERY PORT ******
# This is the hostname or IP address and TCP port of the TeamSpeak 2 server.
# If you are unsure of what to put here, leave the default values.
my $server_address = "localhost";
my $server_tcpport = "51234";

# ****** SUPERADMIN USERNAME & PASSWORD ******
# This is the username and password you use to access your TeamSpeak 2 server.
# This must be an existing superadmn account.
my $ssa_username = "SUPERADMIN";
my $ssa_password = "IWOULDNTPOSTTHATHERE";

# ****** FULL PATH TO SERVER LOGFILE ******
# On a few systems it may be necessary to input the full path to your servers logfile
# for the TeamSpeak 2 Anti-Flood Daemon to function normally.
# Example Unix:
# my $server_logfile = "/home/ts2/teamspeak2/server.log";
# Example Windows:
# my $server_logfile = "C:/Program Files/TeamSpeak2/server.log";
my $server_logfile = "C:/Program Files/Teamspeak2_RC2_SERVER/server.log";

# ****** SERVER SPAM LIMITS ******
# These values define the max amount of new connections from an IP address in a limited
# number of seconds.
# Do NOT set one of these values to 0!
# Example:
# my $spam_connections = 1;
# my $spam_seconds = 10;
# In this case an IP address will be able to connect 3 times in 10 seconds.
my $spam_connections = 1;
my $spam_seconds = 10;

# ****** ENABLE/DISABLE UNIX DAEMON ******
# This option allows you to start the script as a background process on Unix based systems.
# Do not enable this feature on Windows servers.
my $script_daemonize = 0;

# ================================================== ==========================================
# ============================ DO NOT CHANGE ANYTHING BELOW ==================================
# ================================================== ==========================================

use POSIX qw(strftime);
my $current_time = strftime "%H:%M:%S", localtime;

print "TeamSpeak 2 Anti-Flood Daemon [Version 0.5 NOT VERSION CHECKING!]\n";
print "Copyright (c) 2006 by Sven 'ScP' Paulsen\n";
print "\n";

# connect to the TeamSpeak 2 server
print "Connecting to server $server_address -> ";
my $tcpquery = TeamSpeak2::TCPquery->new($server_address, $server_tcpport);
if(!$tcpquery) {
print "[!!]\n";
print "$current_time - The server is not responding. Maybe the server is offline or TeamSpeak 2 is not running on it.\n";
sleep 3;
exit;
} else {
print "[OK]\n";
}

# checking the servers version info
#print "Checking server compatibility -> ";
#my @serverversion = $tcpquery->get_serverversion();
#if($serverversion[0] != 2 || $serverversion[2] < 21) {
# print "[!!]\n";
# print "$current_time - You are running an outdated version of the TeamSpeak 2 server #($serverversion[0].$serverversion[1].$serverversion[2].$serverversion[3]).\n";
# sleep 3;
# exit;
#} else {
# print "[OK]\n";
#}

# authenticating with a valid superadmin accout
print "Authenticating as $ssa_username -> ";
if(!$tcpquery->login_superadmin($ssa_username, $ssa_password)) {
print "[!!]\n";
print "$current_time - You have entered an invalid username and/or password.\n";
sleep 3;
exit;
} else {
print "[OK]\n";
}

# get serverlist from database
print "Getting serverlist from database -> ";
my $current_servers;
my @dbserverlist = $tcpquery->get_dbserverlist();
if(!$dbserverlist[0]) {
print "[!!]\n";
print "$current_time - The server created some invalid output.\n";
sleep 3;
exit;
} else {
$current_servers = @dbserverlist;
print "[OK]\n";
}

# open the servers logfile
print "Accessing the servers logfile -> ";
my $log = TeamSpeak2::Log->new($server_logfile);
if(!$log) {
print "[!!]\n";
print "$current_time - The servers logfile could not be opened.\n";
sleep 3;
exit;
} else {
print "[OK]\n";
}

# create/open a logfile for the script
print "Accessing the scripts logfile -> ";
if(!open(LOG, ">>ts2afd.log")) {
print "[!!]\n";
print "$current_time - The scripts logfile could not be created/opened.\n";
sleep 3;
exit;
} else {
autoflush LOG;
print "[OK]\n";
}

# write init entries to log file
$current_time = strftime "%m/%d/%y %H:%M:%S", localtime;
print LOG "---------------------------------------------------------------\n";
print LOG "------------ log started at $current_time -------------\n";
print LOG "---------------------------------------------------------------\n";
print LOG "$current_time\tTeamSpeak 2 Anti-Flood Daemon started\n";
print LOG "$current_time\tConnected to server $server_address on TCP port $server_tcpport\n";
print LOG "$current_time\tAuthenticated as $ssa_username\n";
print LOG "$current_time\tFound $current_servers virtual servers in the database\n";
print LOG "$current_time\tInitialization sequence completed\n";

# jump to the end of the servers logfile
$log->goto_eof();

# deamonize the current process
print "\n";
$script_daemonize = 1 if(defined($ARGV[0]) && $ARGV[0] =~ /^daemon\s*$/);
deamonize() if($script_daemonize);

print @_;

# create new vars, arrays and hashes to store various info
my @servers;
my %connections;

eval {

# enter main loop
while(1) {
$current_time = strftime "%m/%d/%y %H:%M:%S", localtime;

# get new lines from logfile
my @lines = $log->analyze();

# Search for new connections
foreach my $line (@lines) {

# check if current line is a new connection
if($line->[2] =~ /^AccessLog\s*$/ && $line->[4] =~ /^client\sconnected\s\[IP:\s(\d+\.\d+\.\d+\.\d+),\sNick:\s.+,\sVersion:\s \d+\.\d+\.\d+\.\d+\]\s*$/) {
my $server_id = $line->[3];
my $client_ip = $1;

# perform anti-flood actions
if(!exists($connections{"$server_id-$client_ip"})) {
$connections{"$server_id-$client_ip"} = [time(), 1];
} else {
my $remaining_connections = $spam_connections-@{$connections{"$server_id-$client_ip"}}[1];
@{$connections{"$server_id-$client_ip"}}[1]++ if(time()-@{$connections{"$server_id-$client_ip"}}[0] <= $spam_seconds);
if(!$remaining_connections) {

# find server UDP port in serverlist
foreach my $server (@dbserverlist) {
if($server_id == $server->[0]) {
if($tcpquery->select_server($server->[1])) {

# ban IP address
$tcpquery->add_ban($client_ip, 5);

# search connected serveradmins
my @playerlist = $tcpquery->get_playerlist();
if($playerlist[0] != 0) {
foreach my $player (@playerlist) {
my $player_is_serveradmin = substr(unpack('B*', pack('C', $player->[11])), -1);

# send a notice to all serveradmins
if($player_is_serveradmin) {
$tcpquery->send_playermsg($player->[0], "IP \"$client_ip\" got banned from the server by \"TeamSpeak 2 Anti-Flood Daemon\"");
}
}
}

# write a new entry to the scripts logfile
print LOG "$current_time\tIP \"$client_ip\" got banned from the server \[ID: $server->[0], Port: $server->[1], Name: $server->[2]\]\n";
}
last;
}
}
}
}
}

# check if current line is a virtual servers start
elsif($line->[2] =~ /^server\s*$/ && $line->[4] =~ /^Started\sVirtualServer\sid:\d+\swith port:(\d+)\s*$/) {

# get a new serverlist from database
@dbserverlist = $tcpquery->get_dbserverlist();
$current_servers = @dbserverlist;

# write a new entry to the scripts logfile
print LOG "$current_time\tVirtual server on port $1 has been started\n";
print LOG "$current_time\tFound $current_servers virtual servers in the database\n";
}

# check if current line is a virtual servers stop
elsif($line->[2] =~ /^server\s*$/ && $line->[4] =~ /^Stopped\sVirtualServer\sid:\d+\swith port:(\d+)\s*$/) {

# get a new serverlist from database
@dbserverlist = $tcpquery->get_dbserverlist();
$current_servers = @dbserverlist;

# write a new entry to the scripts logfile
print LOG "$current_time\tVirtual server on port $1 has been stopped\n";
print LOG "$current_time\tFound $current_servers virtual servers in the database\n";
}

# check if current line is a server shutdown
elsif($line->[2] =~ /^server\s*$/ && $line->[4] =~ /^Server\sshutdown\sinitialized\s*$/) {

# write a new entry to the scripts logfile
print LOG "$current_time\tServer shutdown initialized\n";

# disconnect from the TeamSpeak 2 server
$tcpquery->execute("quit");

# write shutdown entries to log file
print LOG "$current_time\tTeamSpeak 2 Anti-Flood Daemon stopped\n";
print LOG "---------------------------------------------------------------\n";
print LOG "------------- log ended at $current_time --------------\n";
print LOG "---------------------------------------------------------------\n";

exit(0);
}

# wait for 0.01 seconds
select(undef, undef, undef, 0.01);
}

# remove outdated entries from connections hash
foreach(keys(%connections)) {
delete $connections{$_} if(time()-@{$connections{$_}}[0] > $spam_seconds);
}

# wait for 0.1 seconds
select(undef, undef, undef, 0.1);
}

};

# catch and log critical errors
if($@) {
print LOG "$current_time\t".$@."\n";
}

sub deamonize {
exit(0) if(fork());
print "TeamSpeak 2 Anti-Flood Daemon started with PID $$\n";
open(STDIN, "</dev/null") || return 0;
open(STDOUT, ">/dev/null") || return 0;
open(STDERR, ">&STDOUT") || return 0;
open(PID, ">ts2afd.pid") || return 0;
print PID $$;
close PID;
chdir("/");
umask(0);
return $$;
}

exit(0);

I get all the way through the startup until the server log. Here is the problem below :/.

Accessing the servers logfile -> [!!]
4:44:15 - The servers logfile could not be opened.

Also I have this romanian called Violet_Blood and he spams my server using one connection and uses a dynamic IP (it doesn't change as much as you think). So I really hope this can ban him if he uses one connection please respond ASAP as this guy is about to spam attack again :/.

You sure that the path to the logfile is correct? And see that the server isn't started as root and the deamon as normal user. because the deamon could then not acess the server.log

I have tried sudo :/. Also I think its the permissions what should I set it too (command only please).

EDIT: FIXED WOOT

I have tried sudo :/. Also I think its the permissions what should I set it too (command only please).

EDIT: FIXED WOOT

Could you please tell us how you solved the problem?

This is how I fixed it.

The example shows you having to do the /home/ and all that but instead since its executing all of the ts stuff in that folder I just did this for the directory ./server.log. The problem is you should do ./server.log by default. I recommend that be added in later versions :D. I am at school so I had to do this off memory :P.

Question about error I'm getting with the script. If this has already been covered, my apologies. I've downloaded and installed the latest version of ActivePerl for Windows (5.8, build 822), and have configured the anti-flood script per the info in the file. When I run it, I get this error:

Can't locate TeamSpeak2/TCPquery.pm in @INC <@INC contains: C:/Perl64/site/lib c:/Perl64/lib .> at c:\program files (x86)\Teamspeak2_RC2_Server\AntiFloodScript\ts2afd .pl line 8.
BEGIN failed--compilation aborted at c:\program files (x86)\Teamspeak2_RC2_Server\AntiFloodScript\ts2afd .pl line8.


Line 8 in the file is "use TeamSpeak2::TCPquery;", which I've not changed as it wasn't listed to do so. Any ideas?

I'm running WinXP x64 and the Perl version is the build for x64 systems, as additional info.

It keeps saying the server could not be found.

Here is a copy of mine.

# ================================================== ==========================================
# ======================================= CONFIGURATION ======================================
# ================================================== ==========================================

# ****** SERVER ADDRESS AND TCP QUERY PORT ******
# This is the hostname or IP address and TCP port of the TeamSpeak 2 server.
# If you are unsure of what to put here, leave the default values.
my $server_address = "bftclan.servegame.com";
my $server_tcpport = "51234";

# ****** SUPERADMIN USERNAME & PASSWORD ******
# This is the username and password you use to access your TeamSpeak 2 server.
# This must be an existing superadmn account.
my $ssa_username = "****";
my $ssa_password = "*";

# ****** FULL PATH TO SERVER LOGFILE ******
# On a few systems it may be necessary to input the full path to your servers logfile
# for the TeamSpeak 2 Anti-Flood Daemon to function normally.
# Example Unix:
# my $server_logfile = "/home/ts2/teamspeak2/server.log";
# Example Windows:
# my $server_logfile = "C:/Program Files/TeamSpeak2/server.log";
my $server_logfile = "C:/Program Files/Teamspeak2_RC2/server.log";

# ****** SERVER SPAM LIMITS ******
# These values define the max amount of new connections from an IP address in a limited
# number of seconds.
# Do NOT set one of these values to 0!
# Example:
# my $spam_connections = 3;
# my $spam_seconds = 10;
# In this case an IP address will be able to connect 3 times in 10 seconds.
my $spam_connections = 3;
my $spam_seconds = 30;

# ****** ENABLE/DISABLE UNIX DAEMON ******
# This option allows you to start the script as a background process on Unix based systems.
# Do not enable this feature on Windows servers.
my $script_daemonize = 0;

Try to set the $server_address variable to localhost.

Thanks!

But now its giving me logfile could not be opened.

(Ill go back through this thread and try to find a solution if it was posted, still need help though because I can't find it)

This is how I fixed it.

The example shows you having to do the /home/ and all that but instead since its executing all of the ts stuff in that folder I just did this for the directory ./server.log. The problem is you should do ./server.log by default. I recommend that be added in later versions :D. I am at school so I had to do this off memory :P.

That didn't work.

Hello,

I am having an issue which I can't answer.

I want to be able to host many teamspeak servers to people and if they ask for the mod they can have it.

How would I go around doing this?

E.G

1. Person 1 - Normal TS server.
2. Clan 1 - Modded TS Server
3. Clan 2 - Modded TS Server
4. Clan 3 - Modded TS Server
5. Person 2 - Normal TS server.

Thanks!

MSN Address : racknetz(@)Hotmail.com

Mine says it cannot connect for some reason.
My server address is "74.86.83.202:8767"

I tried both localhost and just "74.86.83.202"
Is it asking for the IP to the web control panel?
Also, we have a password on our TS also. Could this be the reason?


#!/usr/bin/perl -w

# ts2afd.pl - TeamSpeak 2 Anti-Flood Daemon
# This script reads a TeamSpeak 2 servers logfile and detects flooding attempts
# Written 2006 by Sven Paulsen

use strict;
use TeamSpeak2::TCPquery;
use TeamSpeak2::Log;

# ================================================== ==========================================
# ======================================= CONFIGURATION ==============================