schachtmeister2
is a daemon for white- and blacklisting specified ISPs, hosting providers and so on. It was created for the Der Bunker Tremulous server to combat malicious players evading bans.
The source code is available here.
The daemon works by looking up a given IP address in WHOIS databases and reverse DNS records and analyzing the results. Its configuration file, schachts.list
, is a list of keywords to be searched for along with a partial rating. The program's output, the rating, is the sum of partial ratings of all matched keywords.
Since the daemon is meant to be used with a Tremulous server, it communicates over UDP. The protocol is extremely simple. To query schachtmeister2
send an UDP packet (port 1337) that looks like:
\xff\xff\xff\xffsm2query ADDRESS
Note the four leading 0xFF
bytes. The daemon will send a reply to the sender's address and port that will look like:
\xff\xff\xff\xffsm2reply ADDRESS RATING
Here's an example using BSD's netcat, asking for the rating of 8.8.8.8
(Google's DNS):
$ printf "\xff\xff\xff\xffsm2query 8.8.8.8 | nc -u 127.0.0.1 1337 ����sm2reply 8.8.8.8 0
The daemon needs a list of keywords to operate meaningfully. The program looks for a file named schachts.list
in its working directory. Below is an example list:
// a few known VPS and VPN providers revdns -50 tcpvpn.com revdns -50 vultr.com whois -50 "OVH" whois -50 "DigitalOcean" whois -50 "Digital Ocean" // Desala's ISP revdns -10 .dynamic.chello.pl
The columns are:
revdns
or whois
?Whitespace doesn't matter but I recommend tabs for proper alignment. You can use C++-style one-line comments.
Restarting the daemon clears its cache, so you might want to avoid it. To make schachtmeister2
reload the list, send SIGUSR1
to the process.
This is one of those programs that I've written quickly, as crude prototypes, but have worked exceedingly well. As I couldn't be bothered to rewrite the program better, it's not very flexible and works well only in a single application. I might continue working on it if there's demand outside of Tremulous.