Added ban list

Added setting MaxConnections/MaxConnectionsPerIp/BanMinutes

Author: Subtixx

RCONServerLib.Tests/ConnectionTests.cs

@@ -10,77 +10,80 @@ public void TestAuthFail()
         {
             var server = new RemoteConServer(IPAddress.Any, 27015);
             server.StartListening();
-            
+
             var client = new RemoteConClient();
             client.OnAuthResult += Assert.False;
-            
+
             client.Connect("127.0.0.1", 27015);
             client.Authenticate("unitfail");
-            
+
             client.Disconnect();
             server.StopListening();
         }
-        
+
         [Fact]
         public void TestAuthSuccess()
         {
             var server = new RemoteConServer(IPAddress.Any, 27015);
             server.StartListening();
-            
+
             var client = new RemoteConClient();
-            client.OnAuthResult += Assert.True;
-            
+            client.OnAuthResult += success =>
+            {
+                Assert.True(success);
+
+                client.Disconnect();
+                server.StopListening();
+            };
+
             client.Connect("127.0.0.1", 27015);
             client.Authenticate("changeme");
-            
-            client.Disconnect();
-            server.StopListening();
         }
-        
+
         [Fact]
         public void TestCommandFail()
         {
             var server = new RemoteConServer(IPAddress.Any, 27015);
             server.StartListening();
-            
+
             var client = new RemoteConClient();
             client.OnAuthResult += success =>
             {
                 //Assert.True(success);
                 client.SendCommand("testing", result =>
                 {
                     Assert.Contains("invalid command", result);
+
+                    client.Disconnect();
+                    server.StopListening();
                 });
             };
-            
+
             client.Connect("127.0.0.1", 27015);
             client.Authenticate("changeme");
-            
-            client.Disconnect();
-            server.StopListening();
         }
-        
+
         [Fact]
         public void TestCommandSuccess()
         {
             var server = new RemoteConServer(IPAddress.Any, 27015);
             server.StartListening();
-            
+
             var client = new RemoteConClient();
             client.OnAuthResult += success =>
             {
                 //Assert.True(success);
                 client.SendCommand("hello", result =>
                 {
                     Assert.Contains("world", result);
+
+                    client.Disconnect();
+                    server.StopListening();
                 });
             };
-            
+
             client.Connect("127.0.0.1", 27015);
             client.Authenticate("changeme");
-            
-            client.Disconnect();
-            server.StopListening();
         }
     }
 }

RCONServerLib/RCONServerLib.csproj

@@ -45,6 +45,7 @@
     <Compile Include="Utils\BinaryReaderExt.cs" />
     <Compile Include="Utils\BinaryWriterExt.cs" />
     <Compile Include="Utils\CommandManager.cs" />
+    <Compile Include="Utils\DateTimeExtensions.cs" />
     <Compile Include="Utils\Exceptions.cs" />
     <Compile Include="Utils\IpExtension.cs" />
   </ItemGroup>

RCONServerLib/RemoteConServer.cs

@@ -11,6 +11,8 @@ public class RemoteConServer
     {
         public delegate string CommandEventHandler(string command, IList<string> args);
 
+        private readonly List<TcpClient> _clients;
+
         private readonly TcpListener _listener;
 
         public readonly CommandManager CommandManager = new CommandManager();
@@ -26,18 +28,27 @@ public RemoteConServer(IPAddress bindAddress, int port)
                 "192.*.*.*"
             };
             MaxPasswordTries = 3;
+            BanMinutes = 15;
             Password = "changeme";
             SendAuthImmediately = false;
+            IpBanList = new Dictionary<string, int>();
+            MaxConnectionsPerIp = 1;
+            MaxConnections = 5;
 
 #if DEBUG
             Debug = true;
 #else
             Debug = false;
 #endif
 
+            _clients = new List<TcpClient>();
             _listener = new TcpListener(bindAddress, port);
         }
 
+        /// <summary>
+        /// </summary>
+        public Dictionary<string, int> IpBanList { get; set; }
+
         /// <summary>
         ///     When true closes the connection if the payload of the packet is empty.
         ///     Default: True
@@ -73,8 +84,16 @@ public RemoteConServer(IPAddress bindAddress, int port)
         /// </summary>
         public uint MaxPasswordTries { get; set; }
 
+        /// <summary>
+        ///     How many minutes a client should be banned when he reached max password tries
+        ///     (Setting this to zero means no ban)
+        ///     Default: 15
+        /// </summary>
+        public int BanMinutes { get; set; }
+
         /// <summary>
         ///     The password to access RCON
+        ///     Default: changeme
         /// </summary>
         public string Password { get; set; }
 
@@ -87,24 +106,44 @@ public RemoteConServer(IPAddress bindAddress, int port)
 
         /// <summary>
         ///     Wether or not we should invoke <see cref="OnCommandReceived" /> instead of internally parsing the command
+        ///     Default: False
         /// </summary>
         public bool UseCustomCommandHandler { get; set; }
 
+        /// <summary>
+        ///     Should we debug the library
+        ///     Default: False (In Release), True (In Debug)
+        /// </summary>
+        public bool Debug { get; set; }
+
+        /// <summary>
+        ///     How many clients a single IP can connect to the server
+        ///     (Setting this to zero means unlimited)
+        ///     Default: 1
+        /// </summary>
+        public uint MaxConnectionsPerIp { get; set; }
+
+        /// <summary>
+        ///     How many clients can connect to the server
+        ///     (Setting this to zero means unlimited)
+        ///     Default: 5
+        /// </summary>
+        public uint MaxConnections { get; set; }
+
         /// <summary>
         ///     Event Handler to parse custom commands
         /// </summary>
         public event CommandEventHandler OnCommandReceived;
 
-        public bool Debug { get; set; }
-
         /// <summary>
         ///     Starts the TCPListener and begins accepting clients
         /// </summary>
         public void StartListening()
         {
             _listener.Start();
             _listener.BeginAcceptTcpClient(OnAccept, _listener);
-            LogDebug("Started listening on " + ((IPEndPoint)_listener.LocalEndpoint).Address + ", Password is: \"" + Password + "\"");
+            LogDebug("Started listening on " + ((IPEndPoint) _listener.LocalEndpoint).Address + ", Password is: \"" +
+                     Password + "\"");
         }
 
         public void StopListening()
@@ -116,17 +155,58 @@ private void OnAccept(IAsyncResult result)
         {
             var tcpClient = _listener.EndAcceptTcpClient(result);
 
+            var ip = ((IPEndPoint) tcpClient.Client.RemoteEndPoint).Address;
+
+            if (MaxConnections > 0)
+                if (_clients.Count >= MaxConnections)
+                {
+                    LogDebug("Rejected new connection from " + ip + " (Server full.)");
+                    tcpClient.Close();
+                    return;
+                }
+
+            if (MaxConnectionsPerIp > 0)
+            {
+                var count = 0;
+                foreach (var tcpClient1 in _clients)
+                    if (((IPEndPoint) tcpClient1.Client.RemoteEndPoint).Address.ToString() == ip.ToString())
+                        count++;
+
+                if (count >= MaxConnectionsPerIp)
+                {
+                    LogDebug("Rejected new connection from " + ip + " (Too many connections from this IP)");
+                    tcpClient.Close();
+                    return;
+                }
+            }
+
             if (EnableIpWhitelist)
                 if (!IpWhitelist.Any(p =>
-                    IpExtension.Match(p, ((IPEndPoint) tcpClient.Client.RemoteEndPoint).Address.ToString())))
+                    IpExtension.Match(p, ip.ToString())))
+                {
+                    LogDebug("Rejected new connection from " + ip + " (Not in whitelist)");
+                    tcpClient.Close();
+                    return;
+                }
+
+            if (IpBanList.ContainsKey(ip.ToString()))
+            {
+                if (IpBanList[ip.ToString()] - DateTime.Now.ToUnixTimestamp() > 0)
                 {
+                    LogDebug("Rejected new connection from " + ip + " (Banned till " +
+                             DateTimeExtensions.FromUnixTimestamp(IpBanList[ip.ToString()]).ToString("F") + ")");
                     tcpClient.Close();
                     return;
                 }
 
-            LogDebug("Accepted new connection from " + ((IPEndPoint) tcpClient.Client.RemoteEndPoint).Address);
+                IpBanList.Remove(ip.ToString());
+            }
+
+            LogDebug("Accepted new connection from " + ip);
             var client = new RemoteConTcpClient(tcpClient, this);
 
+            _clients.Add(tcpClient);
+
             _listener.BeginAcceptTcpClient(OnAccept, _listener);
         }
 

RCONServerLib/RemoteConTcpClient.cs

@@ -205,9 +205,9 @@ internal void ParsePacket(byte[] rawPacket)
             {
                 var packet = new RemoteConPacket(rawPacket);
 
-                if(!_isUnitTest)
+                if (!_isUnitTest)
                     _remoteConServer.LogDebug(((IPEndPoint) _tcp.Client.RemoteEndPoint).Address + " sent packet " +
-                                          packet.Type + "!");
+                                              packet.Type + "!");
 
                 // Do not allow any other packets than auth to be sent when client is not authenticated
                 if (!Authenticated)
@@ -223,9 +223,9 @@ internal void ParsePacket(byte[] rawPacket)
 
                     if (packet.Payload == _remoteConServer.Password)
                     {
-                        if(!_isUnitTest)
+                        if (!_isUnitTest)
                             _remoteConServer.LogDebug(((IPEndPoint) _tcp.Client.RemoteEndPoint).Address +
-                                                  " successfully authenticated!");
+                                                      " successfully authenticated!");
                         Authenticated = true;
 
                         if (!_remoteConServer.SendAuthImmediately)
@@ -237,13 +237,19 @@ internal void ParsePacket(byte[] rawPacket)
 
                     if (_authTries >= _remoteConServer.MaxPasswordTries)
                     {
+                        if (_remoteConServer.BanMinutes > 0)
+                        {
+                            _remoteConServer.IpBanList.Add(((IPEndPoint) _tcp.Client.RemoteEndPoint).Address.ToString(),
+                                DateTime.Now.AddMinutes(_remoteConServer.BanMinutes).ToUnixTimestamp());
+                        }
+
                         CloseConnection();
                         return;
                     }
 
-                    if(!_isUnitTest)
+                    if (!_isUnitTest)
                         _remoteConServer.LogDebug(((IPEndPoint) _tcp.Client.RemoteEndPoint).Address +
-                                              " entered wrong password!");
+                                                  " entered wrong password!");
 
                     if (!_remoteConServer.SendAuthImmediately)
                         SendPacket(new RemoteConPacket(packet.Id, RemoteConPacket.PacketType.ResponseValue, ""));
@@ -258,7 +264,7 @@ internal void ParsePacket(byte[] rawPacket)
                 {
                     if (_isUnitTest)
                         throw new InvalidPacketTypeException();
-                    
+
                     _remoteConServer.LogDebug(((IPEndPoint) _tcp.Client.RemoteEndPoint).Address +
                                               " sent a packet with invalid type!");
 
@@ -313,8 +319,8 @@ internal void ParsePacket(byte[] rawPacket)
             {
                 if (_isUnitTest)
                     throw;
-                
-                if(!_isUnitTest)
+
+                if (!_isUnitTest)
                     _remoteConServer.LogDebug(string.Format("Client {0} caused an exception: {1} and was killed.",
                         ((IPEndPoint) _tcp.Client.RemoteEndPoint).Address, e.Message));
 

RCONServerLib/Utils/DateTimeExtensions.cs

@@ -0,0 +1,34 @@
+using System;
+
+namespace RCONServerLib.Utils
+{
+    public static class DateTimeExtensions
+    {
+        /// <summary>
+        ///     Converts a given DateTime into a Unix timestamp
+        /// </summary>
+        /// <param name="value">Any DateTime</param>
+        /// <returns>The given DateTime in Unix timestamp format</returns>
+        public static int ToUnixTimestamp(this DateTime value)
+        {
+            return (int) Math.Truncate(value.ToUniversalTime().Subtract(new DateTime(1970, 1, 1)).TotalSeconds);
+        }
+
+        /// <summary>
+        ///     Gets a Unix timestamp representing the current moment
+        /// </summary>
+        /// <param name="ignored">Parameter ignored</param>
+        /// <returns>Now expressed as a Unix timestamp</returns>
+        public static int UnixTimestamp(this DateTime ignored)
+        {
+            return (int) Math.Truncate(DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds);
+        }
+
+        public static DateTime FromUnixTimestamp(int unixTimeStamp)
+        {
+            var dtDateTime = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
+            dtDateTime = dtDateTime.AddSeconds(unixTimeStamp).ToLocalTime();
+            return dtDateTime;
+        }
+    }
+}