diff --git a/VPN-Check/scripting/VPN-Check.sp b/VPN-Check/scripting/VPN-Check.sp new file mode 100644 index 00000000..b96cc717 --- /dev/null +++ b/VPN-Check/scripting/VPN-Check.sp @@ -0,0 +1,407 @@ +#include +#include +#include +#include + +#undef REQUIRE_PLUGIN +#tryinclude +#define REQUIRE_PLUGIN + +#pragma newdecls required +#pragma semicolon 1 + +#define APIKEY "" + + +#define STATUS_ERROR -2 +#define STATUS_NONE -1 +#define STATUS_SAFE 0 +#define STATUS_BAD 1 + + +ConVar g_cvBlockNoSteamVPN; + +Database g_hDatabase; + +int g_bStatus[MAXPLAYERS+1] = {STATUS_NONE,...}; + +bool g_bPMLoaded; + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public Plugin myinfo = +{ + name = "VPN-Check", + author = "Neon", + description = "", + version = "2.1.0" +}; + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void OnPluginStart() +{ + g_cvBlockNoSteamVPN = CreateConVar("sm_vpn_block", "1", "Kick unauthenticated people that use a VPN.", FCVAR_NONE, true, 0.0, true, 1.0); + + RegAdminCmd("sm_vpn", Command_CheckVPN, ADMFLAG_RCON); + + AutoExecConfig(); +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void SQL_OnTableCreated(Database db, DBResultSet results, const char[] error, any data) +{ + for(int i = 1; i <= MaxClients; i++) + { + if(IsValidClient(i) && IsClientAuthorized(i)) + OnClientAuthorized(i, ""); + } +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void OnConfigsExecuted() +{ + if (!g_hDatabase) + { + Database.Connect(SQL_OnDatabaseConnect, "vpn_check"); + } +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void SQL_OnDatabaseConnect(Database db, const char[] error, any data) +{ + if(!db || strlen(error)) + { + LogError("Database error: %s", error); + return; + } + + g_hDatabase = db; + + char sQuery[256]; + Format(sQuery, sizeof(sQuery), "CREATE TABLE IF NOT EXISTS ip_table (`ip` varchar(32), `type` int(64), `last_check` int(64), PRIMARY KEY (`ip`))"); + + g_hDatabase.Query(SQL_OnTableCreated, sQuery, _, DBPrio_High); +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void OnClientAuthorized(int client, const char[] auth) +{ + if (IsFakeClient(client)) + return; + + char sIP[32]; + GetClientIP(client, sIP, sizeof(sIP)); + + char sQuery[512]; + Format(sQuery, sizeof(sQuery), "SELECT * FROM ip_table WHERE ip='%s'", sIP); + + g_hDatabase.Query(SQL_OnQueryCompleted, sQuery, GetClientSerial(client), DBPrio_Low); +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void SQL_OnQueryCompleted(Database db, DBResultSet results, const char[] error, int iSerial) +{ + int client = GetClientFromSerial(iSerial); + if (!client) //Player disconnected. + return; + + if (!db || strlen(error)) + { + g_bStatus[client] = STATUS_ERROR; + LogError("Query error: %s", error); + return; + } + + if (results.RowCount && results.FetchRow()) + { + int iFieldNum; + + results.FieldNameToNum("type", iFieldNum); + int iType = results.FetchInt(iFieldNum); + + results.FieldNameToNum("last_check", iFieldNum); + int iLastCheck = results.FetchInt(iFieldNum); + + delete results; + + if ((GetTime() - iLastCheck) < (86400 * 2)) + { + g_bStatus[client] = iType; + if (g_bStatus[client] == STATUS_BAD) + TakeAction(client); + + return; + } + } + + char sIP[32]; + GetClientIP(client, sIP, sizeof(sIP)); + + char sRequest[256]; + FormatEx(sRequest, sizeof(sRequest), "use a url here", sIP, APIKEY); + //PrintToConsoleAll(sRequest); + + Handle hRequest = SteamWorks_CreateHTTPRequest(k_EHTTPMethodGET, sRequest); + if (!hRequest || + !SteamWorks_SetHTTPCallbacks(hRequest, OnTransferComplete) || + !SteamWorks_SetHTTPRequestContextValue(hRequest, iSerial) || + !SteamWorks_SendHTTPRequest(hRequest)) + { + delete hRequest; + } +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public int OnTransferComplete(Handle hRequest, bool bFailure, bool bSuccessful, EHTTPStatusCode eStatusCode, int iSerial) +{ + int client = GetClientFromSerial(iSerial); + if (!client) //Player disconnected. + { + delete hRequest; + return 0; + } + + if (bFailure || !bSuccessful || eStatusCode != k_EHTTPStatusCode200OK) + { + delete hRequest; + g_bStatus[client] = STATUS_ERROR; + LogError("Request-Error: %d", eStatusCode); + return 0; + } + + SteamWorks_GetHTTPResponseBodyCallback(hRequest, OnTransferResponse, iSerial); + return 0; +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public int OnTransferResponse(char[] sData, int iSerial) +{ + int client = GetClientFromSerial(iSerial); + if (!client) //Player disconnected. + return 0; + + char sIP[32]; + GetClientIP(client, sIP, sizeof(sIP)); + + JSON_Object obj = json_decode(sData); + + char sStatus[32]; + obj.GetString("status", sStatus, sizeof(sStatus)); + if (!StrEqual(sStatus, "ok") && !StrEqual(sStatus, "warning")) + { + char sMessage[256]; + obj.GetString("message", sMessage, sizeof(sMessage)); + LogError("API-Response: %s: %s", sStatus, sMessage); + g_bStatus[client] = STATUS_ERROR; + json_cleanup_and_delete(obj); + return 0; + } + + JSON_Object ipobj = obj.GetObject(sIP); + char sProxy[16]; + ipobj.GetString("proxy", sProxy, sizeof(sProxy)); + if (StrEqual(sProxy, "no")) + g_bStatus[client] = STATUS_SAFE; + else + { + //char sType[64]; + //ipobj.GetString("type", sType, sizeof(sType)); + //if (StrEqual(sType, "Compromised Server")) + //g_bStatus[client] = STATUS_SAFE; + //else + //{ + g_bStatus[client] = STATUS_BAD; + TakeAction(client); + //} + } + + int iCurrentTime = GetTime(); + + char sQuery[512]; + Format(sQuery, sizeof(sQuery), "INSERT INTO ip_table (ip, type, last_check) VALUES ('%s', '%d', '%d') ON DUPLICATE KEY UPDATE type='%d', last_check='%d';", sIP, g_bStatus[client], iCurrentTime, g_bStatus[client], iCurrentTime); + g_hDatabase.Query(SQL_OnQueryCompleted, sQuery, _, DBPrio_Low); + + //https://github.com/clugg/sm-json/blob/master/addons/sourcemod/scripting/json_test.sp#L446 + //as far as i can tell i just need to call json_cleanup_and_delete() on the most outer json object, all its children should get cleaned and deleted as well. + json_cleanup_and_delete(obj); + return 0; +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public Action Command_CheckVPN(int client, int args) +{ + char sBuffer[4096]; + char sIP[32]; + char sSteamID[32]; + bool bFound = false; + + Format(sBuffer, sizeof(sBuffer), "VPN STATUS:\n"); + Format(sBuffer, sizeof(sBuffer), "%s#########################################\n", sBuffer); + for (int i = 1; i <= MaxClients; i++) + { + if (!IsValidClient(i)) + continue; + + if (g_bStatus[i] == STATUS_SAFE || g_bStatus[i] == STATUS_NONE) + continue; + + if (g_bStatus[i] == STATUS_BAD) + { + GetClientAuthId(i, AuthId_Steam2, sSteamID, sizeof(sSteamID)); + GetClientIP(i, sIP, sizeof(sIP)); + + if (g_bPMLoaded) + { + if (!PM_IsPlayerSteam(i)) + Format(sBuffer, sizeof(sBuffer), "%s\"%L\"[NOSTEAM] is using a VPN (%s).\n", sBuffer, i, sIP); + else + Format(sBuffer, sizeof(sBuffer), "%s\"%L\"[STEAM] is using a VPN (%s).\n", sBuffer, i, sIP); + } + else + Format(sBuffer, sizeof(sBuffer), "%s\"%L\" is using a VPN (%s).\n", sBuffer, i, sIP); + + bFound = true; + } + else if (g_bStatus[i] == STATUS_ERROR) + { + Format(sBuffer, sizeof(sBuffer), "%s\"%L\" Error: VPN-Check failed, check the error logs.\n", sBuffer, i); + bFound = true; + } + } + + if (!bFound) + Format(sBuffer, sizeof(sBuffer), "%sCould not find any possible VPNs\n", sBuffer); + + Format(sBuffer, sizeof(sBuffer), "%s#########################################", sBuffer); + ReplyToCommand(client, sBuffer); + return Plugin_Handled; +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void TakeAction(int client) +{ + char sIP[32]; + GetClientIP(client, sIP, sizeof(sIP)); + + char sSteamID[32]; + GetClientAuthId(client, AuthId_Steam2, sSteamID, sizeof(sSteamID)); + + for(int i = 1; i <= MaxClients; i++) + { + if(IsValidClient(i) && CheckCommandAccess(i, "sm_vpn", ADMFLAG_RCON)) + { + if (g_bPMLoaded) + { + if (!PM_IsPlayerSteam(client)) + { + if (g_cvBlockNoSteamVPN.BoolValue) + { + CPrintToChat(i, "{green}[SM]{default} %L[NOSTEAM] is using a {red}VPN {default}(IP: %s). Client will be kicked.", client, sIP); + } + else + { + CPrintToChat(i, "{green}[SM]{default} %L[NOSTEAM] is using a {red}VPN {default}(IP: %s).", client, sIP); + } + } + else + { + CPrintToChat(i, "{green}[SM]{default} %L[STEAM] is using a {red}VPN {default}(IP: %s).", client, sIP); + } + } + else + { + CPrintToChat(i, "{green}[SM]{default} %L is using a {red}VPN {default}(IP: %s).", client, sIP); + } + } + } + + if (g_bPMLoaded) + { + if (!PM_IsPlayerSteam(client)) + { + if (g_cvBlockNoSteamVPN.BoolValue) + { + LogAction(client, -1, "\"%L\"[NOSTEAM] is using a VPN (IP: %s). Client got kicked.", client, sIP); + KickClient(client, "VPN not allowed"); + } + else + { + LogMessage("%L[NOSTEAM] is using a VPN (IP: %s).", client, sIP); + } + } + else + { + LogMessage("%L[STEAM] is using a VPN (IP: %s).", client, sIP); + } + } + else + { + LogMessage("%L is using a VPN (IP: %s).", client, sIP); + } +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void OnClientDisconnect(int client) +{ + g_bStatus[client] = STATUS_NONE; +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +stock int IsValidClient(int client, bool nobots = true) +{ + if (client <= 0 || client > MaxClients || !IsClientConnected(client) || (nobots && IsFakeClient(client))) + return false; + + return IsClientInGame(client); +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void OnAllPluginsLoaded() +{ + g_bPMLoaded = LibraryExists("PlayerManager"); +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void OnLibraryAdded(const char[] sName) +{ + if (strcmp(sName, "PlayerManager", false) == 0) + g_bPMLoaded = true; +} + +//---------------------------------------------------------------------------------------------------- +// Purpose: +//---------------------------------------------------------------------------------------------------- +public void OnLibraryRemoved(const char[] sName) +{ + if (strcmp(sName, "PlayerManager", false) == 0) + g_bPMLoaded = false; +}