Remove the filter on CMSG_CHAR_ENUM added in 59b4c34924 since the same opcode is already throttled in the new improved system. DoS attacks using this opcode are still mitigated with same effect of before.
Fixes#10915
Adjust some more packet throttling values.
Revert b35f831f2b since it's no longer needed.
Modify the AntiDoS log to specify in a more readable way which opcode triggered the system and how many packets have been received.
Adjust packet throttling values to avoid false positive. In case you are experiencing random kicks change the PacketSpoof.Policy setting in worldserver configs and report which packets are triggering the anti-dos system.
Implement an improved packet Anti-DoS by counting how many times the same opcode has been sent in the last second and applying the policy specified in the configs if the amount of packets exceeds a reasonable amount.
Credits to the original author who decided to share this with TrinityCore team.
Fix some static analysis issues about uninitialized values. Most of them are false positives, always initialized before being accessed, while some of them are real issues spotted by valgrind too.
Mitigate DoS attacks like one explained in #10555 by processing a limited number of packets at each WorldSession::Update() call, allowing other WorldSessions to be processed.
100 packets in a single update sound like a reasonable amount.
* Rewritten path generation, now uses splines - timers are a lot more accurate now
* Implemented stopping transports
* Implemented spawning transports in instances
* Implemented spawning gameobjects as transport passengers
* Transport passengers are now stored in creature/gameobject table using gameobject_template.data6 from transport's template as map id
- Removed config option RBAC.DefaultGroups
Use the table rbac_security_level_groups to configure the groups to be added to the account at load time.
Note: Those groups are only used at run time, never saved to DB
Port some movement packet fixes, taking into account client/server connection lag.
Credits to original author, check http://sourceforge.net/p/ascentemubackup/code/1637/ for more details.
MOVEMENT_PACKET_TIME_DELAY default value is currently set to 0, feel free to set it to different values and report feedback.
Currently regulates the usage of CMSG_CHAR_ENUM only, but can be easily
extended to detect inappropriate network behaviour by using
AntiDOS.AllowOpcode in WorldSession's handlers.
- This system will give more control of actions an account can perform.
System defines:
- Permissions to perform some action
- Roles: a set of permissions that have some relation
- Groups: a set of roles that have some relation
Operations:
- Grant: Assign and allow
- Deny: Assign and do not allow
- Revoke: Remove
Precedence to know if something can be done: Grant, Deny. That means, if you are granted some action by a role but you have denied the permission, the action can not be done.
Some Rules:
- Groups can only have roles
- Roles can only have permissions
- An account can be assigned granted and denied roles. Permissions inherited from roles are granted if roles is granted and denied if roles is denied
- An account can be assigned granted and denied permissions
- An account can have multiple groups, roles and permissions
- An account can not have same role granted and denied at same time
- An acconnt can not have same permission granted and denied at same time
- Id 0 can not be used to define a group, role or permission
Added some permissions as a sample of use (Instant Logout, Skip Queue, Join BGs, Join DF) and some permissions as a workaround to commands till command system is modified to use RBAC
Changed multiple lines to a simple format:
- Logger.name=Type,LogLevel,Flags,AppenderList
- Appender.name=Type,LogLevel,Flags,optional1,optional2
* Type = File: optional1 = File name, optiona2 = Mode
* Type = Console: optional1 = Colors
Created a default set of loggers and appenders.
- Root logger defaults to Error, that means you will see nothing on console by default (not even loading)
- You need to add the loggers to Loggers options if you want to enable them, otherwise Root logger will be used for all types
Restored outSQLDriver (LOG_FILTER_SQL_DRIVER), outSQLDev (LOG_FILTER_SQL_DEV), outArena (LOG_FILTER_ARENA) and outChar (LOG_FILTER_CHARACTER) functionality by creating new types (LOG_FILTER_CHARACTER is a rename of LOG_FILTER_DELETE.
Note: You need to update your config file... again (yeah sorry... trying to make it simpler)
- Appender config option .Timestamp and .Backup became obsolete
- New Appender config option .Flags added
Appender Console prefixes Log Level and Log Filter Type to the logged text as default
Appender File prefixes Timestamp, Log Level and Log Filter Type to the logged text as default
- Logging System is asyncronous to improve performance.
- Each msg and Logger has a Log Type and Log Level assigned. Each msg is assigned the Logger of same Log Type or "root" Logger is selected if there is no Logger configured for the given Log Type
- Loggers have a list of Appenders to send the msg to. The Msg in the Logger is not sent to Appenders if the msg LogLevel is lower than Logger LogLevel.
- There are three (at the moment) types of Appenders: Console, File or DB (this is WIP, not working ATM). Msg is not written to the resource if msg LogLevel is lower than Appender LogLevel.
- Appender and Console Log levels can be changed while server is active with command '.set loglevel (a/l) name level'
Explanation of use with Sample config:
Appender.Console.Type=1 (1 = Console)
Appender.Console.Level=2 (2 = Debug)
Appender.Server.Type=2 (2 = File)
Appender.Server.Level=3 (3 = Info)
Appender.Server.File=Server.log
Appender.SQL.Type=2 (2 = File)
Appender.SQL.Level=1 (1 = Trace)
Appender.SQL.File=sql.log
Appenders=Console Server (NOTE: SQL has not been included here... that will make core ignore the config for "SQL" as it's not in this list)
Logger.root.Type=0 (0 = Default - if it's not created by config, server will create it with LogLevel = DISABLED)
Logger.root.Level=5 (5 = Error)
Logger.root.Appenders=Console
Logger.SQL.Type=26 (26 = SQL)
Logger.SQL.Level=3 (2 = Debug)
Logger.SQL.Appenders=Console Server SQL
Logger.SomeRandomName.Type=24 (24 = Guild)
Logger.SomeRandomName.Level=5 (5 = Error)
Loggers=root SQL SomeRandomName
* At loading Appender SQL will be ignored, as it's not present on "Appenders"
* sLog->outDebug(LOG_FILTER_GUILD, "Some log msg related to Guilds")
- Msg is sent to Logger of Type LOG_FILTER_GUILD (24). Logger with name SomeRandomName is found but it's LogLevel = 5 and Msg LogLevel=2... Msg is not logged
* sLog->outError(LOG_FILTER_GUILD, "Some error log msg related to Guilds")
- Msg is sent to Logger of Type LOG_FILTER_GUILD (24). Logger with name SomeRandomeName is found with proper LogLevel but Logger does not have any Appenders assigned to that logger... Msg is not logged
* sLog->outDebug(LOG_FILTER_SQL, "Some msg related to SQLs")
- Msg is sent to Logger SQL (matches type), as it matches LogLevel the msg is sent to Appenders Console, Server and SQL
- Appender Console has lower Log Level: Msg is logged to Console
- Appender Server has higher Log Level: Msg is not logged to file
- Appender SQL has lower Log Level: Msg is logged to file sql.log
* sLog->outDebug(LOG_FILTER_BATTLEGROUND, "Some msg related to Battelgrounds")
- Msg is sent to Logger root (Type 0) as no Logger was found with Type LOG_FILTER_BATTLEGROUND (13). As Logger has higher LogLevel msg is not sent to any appender
* sLog->outError(LOG_FILTER_BATTLEGROUND, "Some error msg related to Battelgrounds")
- Msg is sent to Logger root (Type 0) as no Logger was found with Type LOG_FILTER_BATTLEGROUND (13). Msg has lower LogLevel and is sent to Appender Console
- Appender Console has lower LogLevel: Msg is logged to Console
