
BattlEye server side filters [update]


Guest Dwarden

Warning:

Latest BE filters : http://dayzmod.com/forum/index.php?/topic/139058-battleye-server-filters-for-dayzmod-1771

below BE filters are DEPRECATED since 1.7.7 : http://dayzmod.com/forum/index.php?/topic/139058-battleye-server-files-for-dayzmod-177/

since DayZ release I keep adding & updating BattlEye filters for DayZ dedicated servers

BattlEye now supports definition of 18 filter files, while 17 are server side related

if anyone forgot or isn't aware of its existence , actual location is still at :

https://code.google..../browse/filters

these filters started as proof-of-concept and evolved to default filters set

these filters try to cover majority of script kiddies abuse , especially remote type (as local always can be hindered)

these filters aren't perfect so mistakes might happen (bug me on IRC / email etc. if you are sure there is a mistake and have proof about your claim)

these filters can't cover everything due to being used by many default servers

(as many admins might add / remove what they need depending on the modifications / missions they use or more aggressive level of detection etc.)

note: I'm not responsible nor care about the community ban-list located next to the filters

p.s. sticky thread on BIForum related to these features http://forums.bistud...ogging-Blocking

p.p.s. and yes I do work for BI :)


I am going through all of this now, I had done all of this when it came out and should have followed more closely I suppose but so much else to focus on...

I noticed quickly going through the scripts there are no references to pastor or butterfly, or eagle... I don't know if those get used or not but if people spawn into seagulls why not the other animals?

FYI I had a guy spawn 5 pastors on my server the other day but I have no idea if that means he skinned himself like that or spawned a dog on the server that was running around or what...

There is frankly a BOAT load I don't get about the hacks and scripts and the game/server mechanics... I'm a newbie to all of this...

Can these new scripts prevent:

Dogs being spawned

AI Helicopter swarms being spawned

Nukes

Helicopters surrounded by buses

Mass teleports

Map Banned Vehicles being spawned in and left usable

Duplicate vehicles being created and STAYING in the hive after destruction/restart

I have ALL of these problems on my server... (i'm running createvehicle, mpeventhandler, publicvariable, remoteexec, scripts, setdamage, and setpos) and almost NO evidence of ANY of the above is left in the logs...

It's not even a super hi population server, only on the weekends does it get very busy... all the regulars who work hard all week end up either getting killed on the weekend or having all their stuff destroyed or spawned away...

I'm going to go through all of these scripts and get them up and running on my server even though I really want to focus my efforts elsewhere right now.

If you can't answer all of above PLEASE PLEASE answer this...

Why can't Admins have an IP locked BE tool that allows them spectator or some kind of more powerful tools for active admins... YES there might be abuse but I think that with active admin abuse reporting and a group of responsible admin oversight it will be a FAR FAR smaller problem than the user hacking is now.

I don't play on my server at all anymore. Hardly at all in the public hive. The few brief windows I have to actually play I just log on wherever the group I'm on TS with is going.

Guest Dwarden

first realize difference between game engine and BattlEye ...

if you want to spectate someone that's not job for BattlEye but camera system within in-game scripting or hardcoded in engine ...


setvariable.txt -> add

5 "execVM"

5 "%"

please

24.01.2013 22:39:32: John (85.225.90.216:64475) bdee8e48dea7647ee5fd157d0390f049 - Value Restriction #25 "dayzlogin2" = rs'\z\ad"";e=e+""dons\dayz_co"";e=e+""de\compil"";e=e+""e\object_se"";e=e+""tFixServe"";e=e+""r.sqf';};};0"";___v2=e;0", "0"] execVM "\ca\Modules\Functions\variables\fn_swapVars.sqf";}] 96:5 Survivor2_DZ

Thanks for your work, I'll add these filters as recommended for DayZ Anti-Hax.

Guest Dwarden

why would I need to do that ?

the publicVariable.txt and setVariable.txt are for the names of variables

while publicVariableVal.txt and setVariableVal.txt are for the content of variables

so take notes ;)


why would I need to do that ?

the publicVariable.txt and setVariable.txt are for the names of variables

while publicVariableVal.txt and setVariableVal.txt are for the content of variables

so take notes ;)

Ah, thanks. So the ExecVM function call won't be caught?

Guest Dwarden

it is already , just look into publicVariableVal.txt ...

your suggestion was for wrong file ...


All I know is I've updated these scripts and ran them all and there is almost NO increase in auto kicks/bans or reduction in cheating... Here's a little tidbit from my server console log about 10 seconds ago:

13:32:52 BattlEye Server: (Direct) BioHazarD: hi

13:32:54 BattlEye Server: (Direct) BioHazarD: press B

13:33:05 BattlEye Server: (Direct) BioHazarD: :D

13:33:21 BattlEye Server: (Direct) BioHazarD: O.o

13:33:27 BattlEye Server: (Direct) Kail: :P

13:33:28 BattlEye Server: (Direct) BioHazarD: how did you get that

13:33:29 BattlEye Server: (Direct) BioHazarD: XD

13:33:34 BattlEye Server: (Direct) Kail: .... :P

13:33:37 Player Kail kicked off by BattlEye: Failed to update

13:33:37 Player Kail disconnected.

13:34:38 Kail uses modified data file

13:34:38 BattlEye Server: Player #2 Kail () connected

13:34:38 Player Kail connecting.

13:34:39 Player Kail connected (id=76450822).

13:34:39 BattlEye Server: Player #2 Kail - GUID: 99a5c892a2420f8ced053d1dd42ab49e (unverified)

13:34:40 BattlEye Server: Verified GUID (99a5c892a2420f8ced053d1dd42ab49e) of player #2 Kail

13:36:34 BattlEye Server: (Direct) BioHazarD: LOL

13:36:37 BattlEye Server: (Direct) BioHazarD: Check this

13:36:50 BattlEye Server: (Direct) BioHazarD: LOLOLOL

13:36:58 BattlEye Server: (Direct) Kail: lol

13:37:08 BattlEye Server: (Direct) BioHazarD: Im happy

13:37:08 BattlEye Server: (Direct) BioHazarD: :D

13:37:10 Player Kail kicked off by BattlEye: Failed to update

13:37:10 Player Kail disconnected.

13:37:28 BattlEye Server: Admins should give players being kicked for "BattlEye Hack #2" or "BattlEye Hack #3" between January 15, 19:00 GMT and January 17, 13:00 GMT the benefit of the doubt. During this time these violations could have affected legitimate players as well.

13:37:58 Kail uses modified data file

13:37:58 BattlEye Server: Player #1 Kail () connected

13:37:58 Player Kail connecting.

13:37:59 Player Kail connected (id=76450822).

13:37:59 BattlEye Server: Player #1 Kail - GUID: 99a5c892a2420f8ced053d1dd42ab49e (unverified)

13:37:59 BattlEye Server: Verified GUID (99a5c892a2420f8ced053d1dd42ab49e) of player #1 Kail

13:39:11 BattlEye Server: (Direct) BioHazarD: Dude

13:39:17 BattlEye Server: (Direct) BioHazarD: I can dicinagrate buildings

13:39:19 BattlEye Server: (Direct) BioHazarD: its grate

13:39:21 BattlEye Server: (Direct) BioHazarD: great*

13:39:23 BattlEye Server: (Direct) Kail: lol

13:39:30 BattlEye Server: (Direct) Kail: Want car

13:39:35 BattlEye Server: (Direct) BioHazarD: hold on

13:40:30 Player Kail kicked off by BattlEye: Failed to update

13:40:30 Player Kail disconnected.

13:40:56 Kail uses modified data file

13:40:57 BattlEye Server: Player #1 Kail () connected

13:40:57 Player Kail connecting.

13:40:57 Player Kail connected (id=76450822).

13:40:57 BattlEye Server: Player #1 Kail - GUID: 99a5c892a2420f8ced053d1dd42ab49e (unverified)

13:40:58 BattlEye Server: Verified GUID (99a5c892a2420f8ced053d1dd42ab49e) of player #1 Kail

13:42:19 Player Skye disconnected.

13:42:27 BattlEye Server: (Direct) Kail: I HAZ A FLYING DILDO

13:42:31 BattlEye Server: (Direct) BioHazarD: LOL

13:42:41 BattlEye Server: (Direct) BioHazarD: wait

13:42:42 BattlEye Server: (Direct) BioHazarD: dude

13:42:50 BattlEye Server: (Direct) BioHazarD: check the gear of the truck

13:42:51 BattlEye Server: (Direct) BioHazarD: LOL

13:42:58 Player Kail kicked off by BattlEye: Admin Ban

13:42:58 Player Kail disconnected.

13:43:07 BattlEye Server: RCon admin #1: (To BioHazarD) You too bitch

13:43:11 Player BioHazarD kicked off by BattlEye: Admin Ban

13:43:11 Player BioHazarD disconnected.

How are people dropping cars with specific inventory in game, disintegrating buildings? PLEASE take the time to check out some of the videos I've posted on YouTube... My server gets ASS RAPED every weekend in new and interesting ways it makes it pointless for a legit player to try building up a base or fixing vehicles because they will all be gone or destroyed come Monday morning...

I'm really not trying to bitch but I don't understand this stuff enough and feel that the documentation and reporting system SUCKS really bad,

On top of that we are FORCED on a public hive to run BE which IMO is not NEARLY as effective as a responsible admin counter-hacking...

I got global banned for using a tool to get myself unclipped through a wall while testing a new release (and that was only because I ran it wrong or it was a 3rd party CD theft tool I have NO idea) ON MY OWN SERVER WHEN NO ONE ELSE WAS ON... NO ONE was killed NOTHING was destroyed or spawned in... I moved from inside a closed off room I clipped through (dismount bike animation clipped me through a wall to a un-enterable building)... I teleport 2 meters so I can keep testing a Build release THE NIGHT IT WAS PUT OUT... so I'm sure my players will not have major issues... and I get global banned.

For the record the "tool" I was using was "local only" IE I can't even spawn in crap that will stick or other people can use.. it ONLY affects me... yet every weekend I go running around the map someone has spawned in SUV's (not even allowed in chernarus) or helicopters flying around surrounded by a box of buses... or nukes, or AI "helicopter swarms".... NONE of which have so much as a hint to their existence in ANY of the logs that I can find...

The ONLY thing that makes catching hackers easy in the logs for me is:

1. Complete shitheads who type talk about hacking like above

2. They are dumb enough to blow up TONS of stuff...

I know for a fact that several players TP ALL AROUND the map but it doesn't get caught by any of your logs nor do they get kicked...

Again a lot of this is MY fault as I haven't taken the time to go through all this logging, scripting, and interpreting...

I add on average 5 bans a day based on what I find in the logs, but it takes a LOT of combing through and work, and I KNOW that not only am I missing a LOT of hackers. I'm fairly sure I'm COMPLETELY missing the MOST SERIOUS ONES...

I had ZERO and I mean ZERO entries for these two guys:

http://dayzmod.com/forum/index.php?/topic/118521-cifor-youtube-channel-helicopter-swarm-script-run-on-our-server/

The ONLY way I even knew something happened was I was in game and the sky went dark and ash started blowing all around (this was about 11k from where they nuked Elektro)...

I know it's long but PLEASE take the time to watch all 3 parts... THIS is what legit admins are facing and having to do in order to figure out what's going on...

I nearly died 3-4 times having to RUN down to Elektro because I don't have 1/10th of the power that a hacker does on my own server...

I am more than happy to provide you with logs and details regarding what script/log files I had running at the time... but again ZERO entries...

That 45min. video for ONE hacking incident took:

2hrs of running

1hr of running around the town seeing WTF had happened

1hr of reviewing logs trying to see if the two guys were logged in any way I would have noticed if I wasn't on or reading the console log

2hrs of video editing to try to show how impossible it is for a caring admin to have ANY control or order on a public hive

I'm not trying to beat you or BE up. But you guys can't keep blaming DayZ and DayZ can't keep blaming you... And we as admins of public hive servers are left with 2 options...

1. Watch the public hive burn in front of our eyes despite our love for it

2. Give up and walk away

/rant.

And on a side note I want to be clear how much I do understand what a difficult task you're faced with... however I think BE and DayZ can come up with a VERY simple system to solve this...

Admins can't get or kill on their own servers and they can't be banned on their own servers...that CAN NOT be a hard thing to implement... Shit even if it's done on the honor system the GOOD admins could sniff out the bad ones in a jiffy....

We make a list of the remaining public hives, who is admin'ing them and then start dealing with that i/o trying to ban every hacker in the universe that can just get another CD key for free or dirt cheap...

Admins left standing can split duties of keeping the un-claimed or hacker friendly public hive servers up and safe....

Keep in mind this suggestion would likely either force me out of control of my own server or force me to accept outside help as currently I am the ONLY active admin for BOTH of our servers... the private hive is all but empty so it's not much work... but the public hive is absorbing WAY too much of my time w/o help and with the way hackers are dealt with now.

I know that you are employed by BE only, but you are the main contact between BE and DayZ no?

Pretty sure DayZ Dev team would be happy to hand over Public Hive issues/security to a community group.. it's all but been stated.... and I can't imagine you like having to be one of a small group reviewing THOUSANDS of daily hack reports coming out of this game ONLY...

I think that BE focusing on logging if the Admins are cheating, then the Admins focusing on getting rid of cheating players.... we will end up with a MUCH MUCH cleaner playing field VERY shortly...

Guest Dwarden

shall be up2date for 1.7.5.1 now ... w/o warranty

and updated again

Guest Dwarden

one more update ...


addmagazinecargo.txt (added new boiled water, food items)

1 "food" !="FoodCanSardines" !="FoodSteakCooked" !="FoodCanFrankBeans" !="FoodSteakRaw" !="FoodCanPasta" !="FoodCanBakedBeans" !="FoodmeatRaw" !="FoodbeefRaw" !="FoodmuttonRaw" !="FoodchickenRaw" !="FoodrabbitRaw" !="FoodbaconRaw" !="FoodSteakCooked" !="FoodmeatCooked" !="FoodbeefCooked" !="FoodmuttonCooked" !="FoodchickenCooked" !="FoodrabbitCooked" !="FoodbaconCooked"

1 "Item" !="ItemSodaEmpty" !="ItemSodaPepsi" !="ItemBandage" !="ItemHeatPack" !="ItemMorphine" !="ItemWaterbottle" !="ItemWaterbottleUnfilled" !="ItemWaterbottleBoiled" !="ItemToolbox" !="ItemKnife" !="ItemWatch" !="ItemCompass" !="ItemJerrycan" !="ItemSodaCoke" !="ItemEpinephrine" !="ItemPainkiller" !="ItemBloodbag" !="ItemWire" !="ItemMatchbox" !="ItemMap" !="ItemAntibiotic" !="ItemFlashlightRed" !="ItemFlashlight" !="ItemJerrycanEmpty"
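The two rules above are allowlists: a keyword followed by the class names that are allowed to contain it. The following is an added example, not part of this post or of the BattlEye filter set, that parses such a rule, evaluates it and lints it. It assumes keywords match as case-insensitive substrings, `!="..."` is an exact-match exception and `!"..."` a substring exception; `parse_rule`, `triggers` and `lint` are hypothetical names, and the sample rule is shortened from the one posted with one misplaced exception added.

```python
import re

TOKEN = r'"((?:[^"\\]|\\.)*)"'              # quoted text, \" allowed inside
RULE_RE = re.compile(r'^\s*(\d+)\s+' + TOKEN)
EXC_RE = re.compile(r'(!=?)' + TOKEN)

# Constructed sample: shortened from the "food" rule posted above, with a
# deliberately misplaced exception ("ItemSodaPepsi") appended.
SAMPLE_RULE = ('1 "food" !="FoodCanSardines" !="FoodSteakCooked" '
               '!="FoodSteakRaw" !="FoodSteakCooked" !="ItemSodaPepsi"')

def parse_rule(line):
    """Split a filter line into action number, keyword and exceptions."""
    head = RULE_RE.match(line)
    if not head:
        raise ValueError("not a filter rule: %r" % line)
    exceptions = [(op == "!=", text)
                  for op, text in EXC_RE.findall(line[head.end():])]
    return {"action": int(head.group(1)), "keyword": head.group(2),
            "exceptions": exceptions}

def triggers(rule, value):
    """True if the rule would fire on value (assumed matching model)."""
    v = value.lower()
    if rule["keyword"].lower() not in v:
        return False
    for exact, text in rule["exceptions"]:
        t = text.lower()
        if (exact and v == t) or (not exact and t in v):
            return False                     # allowlisted, rule stays quiet
    return True

def lint(rule):
    """Report exceptions that are repeated or can never be needed."""
    warnings, seen = [], set()
    for exact, text in rule["exceptions"]:
        if (exact, text) in seen:
            warnings.append("duplicate exception: " + text)
        seen.add((exact, text))
        # An exact-match exception lacking the keyword never matters:
        # the rule cannot fire on that text in the first place.
        if exact and rule["keyword"].lower() not in text.lower():
            warnings.append("exception never needed (keyword not in it): " + text)
    return warnings

if __name__ == "__main__":
    rule = parse_rule(SAMPLE_RULE)
    for name in ("FoodCanSardines", "FoodCanSardinesX", "ItemSodaPepsi"):
        print(name, "->", "logged" if triggers(rule, name) else "ignored")
    print(lint(rule))
```

Run against the full `food` rule as posted, the lint reports `FoodSteakCooked` as listed twice, which is harmless but worth tidying.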

Guest Dwarden

@magyc thanks, seems fine, so i added that ...


Thanks for this!

Although within 3 minutes of getting my public server updated I logged in to see if it was up. Alt-tab'd out to check the FTP and alt-tab back in... the ONLY other player on the server teleported to me, killed me, when I joined back in... it was daylight... lol.

Guest Dwarden

did you reload the filters ? via

loadscripts

loadevents

BE RCON command ? or restarted server ?

also i hope You have properly enabled signatures version 2 in server config , verifySignatures = 2;

if all answers are yes, then be aware i/this can't stop every cheater and script kiddie ...

(in fact i can't cover everything from head ... especially what i do not know about ;) )

p.s. i see you post quite long , spammy and angry posts all the time ... really hard to read anything of value from those


Thank you, Have done. Will recheck.

I know, I'm sorry, Will do better.

Seriously I know what a task you're up against and how hard you guys work at it. A lot of my frustration is out of lack of knowledge. So I should spend more time researching the scripts and security but have so many other irons in the fire it's hard to find time.

Guest Dwarden

BE filters updated again ...


I got global banned for using a tool to get myself unclipped through a wall while testing a new release (and that was only because I ran it wrong or it was a 3rd party CD theft tool I have NO idea) ON MY OWN SERVER WHEN NO ONE ELSE WAS ON... NO ONE was killed NOTHING was destroyed or spawned in... I moved from inside a closed off room I clipped through (dismount bike animation clipped me through a wall to a un-enterable building)... I teleport 2 meters so I can keep testing a Build release THE NIGHT IT WAS PUT OUT... so I'm sure my players will not have major issues... and I get global banned.

No. You got global banned for cheating on a BE enabled server. Next time turn BE off before using hacks on your server

Admins can't get or kill on their own servers and they can't be banned on their own servers...that CAN NOT be a hard thing to implement... Shit even if it's done on the honor system the GOOD admins could sniff out the bad ones in a jiffy....

Why? Admins can't cheat? That would be a silly thing to implement... It doesn't matter if you are an admin or not = using hacks on a BE enabled server will get you banned. Turn it off before you test hacks on your server.

Edited by TSAndrey

Guest Dwarden

ye, updated :)


What do I change in your publicvariable.txt so it only logs dayzdeath + illegal things?

I don't want these logged as it makes it hard & time consuming to sift through:

09.02.2013 11:56:25: WolfOfDeath (***.***.***.**) d08f******************e9e - Value Restriction #21 "remExField" = [<NULL-object>,<NULL-object>,"playmove","ZombieStandingAttack2"]

09.02.2013 11:57:05: Tobias (***.***.**) da*********************7 - Value Restriction #55 "remExField" = [<NULL-object>,,"JIPrequest"]

09.02.2013 11:55:55: AlTaIrVlAd (**.***.***.***) ed5******************582 - Value Restriction #27 "dayzCharDisco" = atchbox","ItemHatchet","AK_47_M"],["30Rnd_762x39_AK47","30Rnd_762x39_AK47","30Rnd_762x39_AK47","30Rnd_762x39_AK47","FoodCanFrankBeans","FoodSteakRaw","ItemSodaPepsi","ItemSodaPepsi","FoodCanBakedBeans","8Rnd_9x18_Makarov","ItemBandage","8Rnd_9x18_Makarov",

In just 10 mins the log is huge, there are loads of the above (plus more) for all players.
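One way to read a log this noisy without touching the filters, added here as an example and not part of this post or of the BattlEye filter set: group the "Value Restriction" lines by variable and rule number, and surface only rules hit by few players or whose logged value contains a script call such as the `execVM` seen in the log line quoted earlier in the thread. The names `triage`, `SUSPICIOUS` and `noisy_share` are hypothetical, the threshold is an assumption to tune per server, and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Layout of the "Value Restriction" lines quoted in this thread:
# DD.MM.YYYY HH:MM:SS: name (ip:port) guid - Value Restriction #N "variable" = value
LINE_RE = re.compile(
    r'^(?P<ts>\d{2}\.\d{2}\.\d{4} \d{2}:\d{2}:\d{2}): (?P<name>.+?) '
    r'\((?P<addr>[^)]*)\) (?P<guid>\S+) - Value Restriction '
    r'#(?P<rule>\d+) "(?P<var>[^"]+)" = (?P<value>.*)$'
)
# Tokens that should not appear inside a variable's content; "execvm" is the
# one visible in the log line quoted earlier in the thread. Extend as needed.
SUSPICIOUS = ("execvm",)

# Constructed sample: names, addresses (TEST-NET) and GUIDs are made up.
SAMPLE_LOG = [
    r'09.02.2013 11:56:25: PlayerA (192.0.2.10:2304) 00000000000000000000000000000001 - Value Restriction #21 "remExField" = [<NULL-object>,<NULL-object>,"playmove","ZombieStandingAttack2"]',
    r'09.02.2013 11:56:40: PlayerB (192.0.2.11:2304) 00000000000000000000000000000002 - Value Restriction #21 "remExField" = [<NULL-object>,<NULL-object>,"playmove","ZombieStandingAttack2"]',
    r'09.02.2013 11:57:05: PlayerC (192.0.2.12:2304) 00000000000000000000000000000003 - Value Restriction #21 "remExField" = [<NULL-object>,,"JIPrequest"]',
    r'09.02.2013 11:58:10: PlayerB (192.0.2.11:2304) 00000000000000000000000000000002 - Value Restriction #25 "dayzlogin2" = ["0"] execVM "<script path placeholder>"',
    r'13:32:52 BattlEye Server: (Direct) PlayerA: hi',
]

def triage(lines, noisy_share=0.5):
    """Split rule hits into 'review' and 'noise'.

    Heuristic (an assumption, tune per server): a rule hit by at least
    `noisy_share` of all logged GUIDs is normal game traffic, unless a hit
    carries a suspicious token. Returns (review, noise, unparsed_count).
    """
    hits = defaultdict(lambda: {"count": 0, "guids": set(), "flagged": []})
    all_guids, unparsed = set(), 0
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            unparsed += 1          # chat, connect lines, other log types
            continue
        entry = hits[(m["var"], int(m["rule"]))]
        entry["count"] += 1
        entry["guids"].add(m["guid"])
        all_guids.add(m["guid"])
        if any(tok in m["value"].lower() for tok in SUSPICIOUS):
            entry["flagged"].append((m["ts"], m["name"], m["guid"]))
    review, noise = [], []
    for key, e in sorted(hits.items()):
        row = {"key": key, "count": e["count"],
               "players": len(e["guids"]), "flagged": e["flagged"]}
        rare = len(e["guids"]) / len(all_guids) < noisy_share
        (review if e["flagged"] or rare else noise).append(row)
    return review, noise, unparsed

if __name__ == "__main__":
    review, noise, unparsed = triage(SAMPLE_LOG)
    for row in review:
        print("REVIEW", row)
    for row in noise:
        print("noise ", row["key"], "x%d" % row["count"])
    print("unparsed lines:", unparsed)
```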

Guest Dwarden

BE filters updated yet again ... report any troubles
