Banmaster

[def-]

As suggested in issue #240 I added the old banmaster code again and made it work. I've also added a readme-banmaster.txt that explains how it works.

[heinrich5991]

Please note that there are some security issues with my old banmaster system, especially with spoofed IP packets.

[def-]

Do you mean that someone could just send bogus banmaster packets to a server at the moment someone connects to it to get him banned? At least this shouldn't happen when using localhost as banmaster, which I made default.

I'd fix this by adding a random sequence number to requests to the banmaster, which the banmaster has to return, otherwise the packet is ignored.

Also, there is no IPV6 support.

[ravomavain]

I think that one reason why it wasn't used so much (and thus removed for lack of will to maintain it) is that there's no easy way to add bans.
Let's consider a typical use case: you have several teeworlds servers (like ddmax) and want to have a common ban list for all your servers, so that when you ban someone on one of your server (from ingame rcon), he automically get ban on all your servers for the same amount of time.
With current code, the only way to add bans is to edit bans.cfg, but it's not easy to do from rcon, may cause some trouble if a lot of servers are trying to modify it at the same time, and there's no cleanning process to remove old bans, so all the ban handling should be done by hand.
The best thing would to forward all ban* rcon commands to the banmaster and let it handle all this, but then we should make sure that only autorized access can modify bans.

[heinrich5991]

Note that you should adapt to the surrounding coding style (for example where to place the curly braces and also variable naming conventions). :)

Do you mean that someone could just send bogus banmaster packets to a server at the moment someone connects to it to get him banned? At least this shouldn't happen when using localhost as banmaster, which I made default.

This could even happen with localhost I guess. Also he doesn't need to send them the moment the clients connect - bans from the banmaster are accepted all the time.