Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

xban incorrect syntax bans (unknown subset of) users #14

Open
Poikilos opened this issue Jun 9, 2017 · 5 comments
Open

xban incorrect syntax bans (unknown subset of) users #14

Poikilos opened this issue Jun 9, 2017 · 5 comments

Comments

@Poikilos
Copy link

Poikilos commented Jun 9, 2017
edited
Loading

server: minetest server 0.4.15 2017-03-16 git
xban2: 2017-04-24 git
If one types
/xban mrg3 1D
accidentally instead of
/xtempban mrg3 1D
the player might see a message saying "Banned: Reason: 1D" and be permanently banned. Then many players on server (or similarly named? or recently logged in?) are banned too.

In a version of xban from about a year and a half ago (from old repo before placed in github.com/minetest-mods) also happened when several people with various names ending in numbers (or not) were logged in. In that scenario I may have banned a player who was not logged in. That seemed to ban everyone.

On both occasions I had to edit xban.db manually to resolve the issue. I'm glad this was in a human-readable text file that could be trivially edited remotely using nano or notepad++ via FTP.

	[26] = {
		["banned"] = true,
		["record"] = {
			[1] = {
				["reason"] = "1D",
				["time"] = 1496974261,
				["source"] = "mrg",
			},
		},
		["time"] = 1496974261,
		["names"] = {
			["192.212.100.47"] = true,
			["mrg2"] = true,
			["mrg3"] = true,
			["mrg"] = true,
			["192.212.100.133"] = true,
			["192.212.100.25"] = true,
		},
		["last_seen"] = 1496973703,
		["reason"] = "1D",
		["last_pos"] = {
			["y"] = -24.5,
			["x"] = 8.1890001296997,
			["z"] = 74.534004211426,
		},
	},

In addition to mrg3, it also banned me (mrg) and mrg2 as seen in the list above and in the attached log screenshot.
Could this be anything to do with having a number after a name?
If you notice above, all of their ip addresses were banned too, though neither intended nor typed.
@kaeza
Copy link
Member

kaeza commented Jun 15, 2017

The first issue is user error, and nothing can be done. Be very careful and review commands before executing.

About the multi-ban, that's what XBan is about. It groups different usernames connecting from the same IP and an username connecting from different IPs into the same record, and bans them all as if it were one. As you see in your own excerpt, mrg, mrg2 and mrg3 appear to be connecting from the same IP range. The username and IP are matched exactly, not by prefix, suffix, or substring. The mod is working as intended.

@kaeza
Copy link
Member

kaeza commented Jun 15, 2017

If you know and trust someone connecting from a banned IP (maybe it's an internet café or school network), you may whitelist his/her username(s) and XBan will let it go through (see /help xban_wl).

@Poikilos
Copy link
Author

Poikilos commented Jun 16, 2017
edited
Loading

I do not see how this could be by design--I will give more details. For one thing, why would you want to ban a whole IP range if you are banning one person? How would this play out on the WAN--would the whole userbase of the ISP get banned (since they would have same IP range from some WAN subnet perspective)?
Also, I did
/xban mrg3 1D
/xban mrg2 1D
when mrg2 (192.212.100.203) was logged in and mrg3 was not, and this time only the person mentioned was banned. For some reason then, the behavior is not consistent. Also, for some reason the IP address of mrg2 is in a record that says ["banned"] = false. Could it be that the issue only occurs the first time someone is banned, and at that point the whole IP range is banned until you unban it? That doesn't seem like expected behavior, but, as I would have expected it doesn't ban everyone in the range the second time you ban the user. Also, there are two different entries which contain the IP address above. One would expect that IP address not to be associated permanently, since LAN IPs get recycled and eventually even WAN IPs (of home users, which normally have dynamic WAN IP) get recycled. Here are the xban.db entries:

[4] = {
		["banned"] = false,
		["record"] = {
			[1] = {
				["time"] = 1495035755,
				["source"] = "mrg",
				["reason"] = "24h home invasion\13\
",
			},
			[2] = {
				["time"] = 1495035793,
				["source"] = "mrg",
				["reason"] = "Unbanned",
			},
			[3] = {
				["reason"] = "testing",
				["time"] = 1497616419,
				["source"] = "mrg",
			},
			[4] = {
				["time"] = 1497616425,
				["source"] = "mrg",
				["reason"] = "Unbanned",
			},
			[5] = {
				["reason"] = "testing",
				["time"] = 1497616431,
				["source"] = "mrg",
			},
			[6] = {
				["time"] = 1497616436,
				["source"] = "mrg",
				["reason"] = "Unbanned",
			},
			[7] = {
				["reason"] = "1D",
				["time"] = 1497616486,
				["source"] = "mrg",
			},
			[8] = {
				["time"] = 1497616493,
				["source"] = "mrg",
				["reason"] = "Unbanned",
			},
		},
		["names"] = {
			["192.212.100.140"] = true,
			["192.212.100.151"] = true,
			["192.212.100.91"] = true,
			["192.212.100.211"] = true,
			["mrg2"] = true,
			["192.212.100.113"] = true,
			["123"] = true,
			["192.212.100.185"] = true,
			["192.212.100.203"] = true,
			["192.212.100.69"] = true,
			["192.212.100.107"] = true,
			["1234567your"] = true,
			["192.212.100.121"] = true,
			["192.212.100.148"] = true,
			["192.212.100.105"] = true,
			["192.212.100.135"] = true,
			["192.212.100.104"] = true,
			["192.212.100.187"] = true,
			["192.212.100.103"] = true,
			["192.212.100.75"] = true,
			["192.212.100.156"] = true,
			["192.212.100.55"] = true,
			["192.212.100.109"] = true,
			["192.212.100.131"] = true,
			["192.212.100.101"] = true,
			["192.212.100.138"] = true,
			["192.212.100.152"] = true,
		},
		["last_seen"] = 1497616466,
		["last_pos"] = {
			["y"] = 2.5,
			["x"] = 58.753997802734,
			["z"] = -34.919002532959,
		},
	},

In the following entry, .203 appears again, this time associated with everyone who used that computer (thefox963 and bk--I actually recall that this is correct--they are the only ones who used minetest on that computer)

	[25] = {
		["names"] = {
			["192.212.100.147"] = true,
			["bk"] = true,
			["192.212.100.134"] = true,
			["thefox963"] = true,
			["192.212.100.203"] = true,
		},
		["record"] = {

		},
		["banned"] = false,
		["last_seen"] = 1496935458,
	},

@Poikilos
Copy link
Author

Poikilos commented Oct 3, 2018
edited
Loading

@kaeza Hey, I hope you understood my last post. Let me know if you have any questions. All nodes where on LAN (clients and server, all on same switch, no nodes on a different side of any router) so I'm not sure how this could happen unless it is a bug.

@Poikilos Poikilos mentioned this issue Nov 25, 2020
Closed
@Poikilos
Copy link
Author

Poikilos commented Nov 9, 2021
edited
Loading

Further info on cause: xban apparently keeps track of IP addresses of each user. This is not reasonable to do for LAN addresses. Students may sit at a different computer every day.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kaeza @Poikilos