Inactive [ADMN/SEC] LockIP v0.4 - Limit players to one IP [1058]

Discussion in 'Inactive/Unsupported Plugins' started by SwearWord, Jun 16, 2011.

  1. Offline

    SwearWord

    Plugin: LockIP
    Version: v0.4

    Description:
    This is mostly for servers in offline mode. This plugin kicks users if they try to login from IPs not associated with their account so compromised passwords from won't be an issue as they are with an Auth plugin. Also no one likes having to enter passwords on server reloads.

    I do plan to create commands to allow users to specify more IPs themselves, I should have that done in the next few days.

    Features:
    • Limit users to certain IPs.
    • Specify what IPs for what user.
    • Doesn't include annoying host name info, easier to specify IPs.
    • Prevents account sharing.
    • Allows matching of partial IP.
    • Doesn't prevent housemates from playing together.
    • Can add last attempted IP to list of accepted IPs for any player from in game.
    Download
    Here

    Important:
    Editing users.txt while the server is running will not doing anything. As of now you can only edit the IPs when the server is stopped. Just go into the plugins/LockIP folder and open users.txt and add or remove IPs there.

    Configuration:
    Setting subnet=true will put LockIP into the following mode. It will only look to match the first 3 octets of an IP. So if my IP was 192.168.1.122, anything from 192.168.1.* would be allowed to connect. This could help with dynamic IPs, I'm not exactly 100% certain if they stay in the same subnet. However it does allow people from the same subnet to login as each other.

    Permissions:
    Code:
    LockIP.exempt - Allows a user through without checking IP.
    LockIP.admin - Allows user to add last attempted IP to list of accepted IPs for any other user.
    Commands:
    Code:
    /lockip <user> - Adds last attempted IP to specified user's IP list.
    Change Log:
    v0.4
    • Added /lockip <user>
    • Alphabetized flatfiles
    • Added permission node (LockIP.admin)
    v0.3
    • Added permission node (LockIP.exempt)
    • Removed Case Sensitivity
    v0.2
    • Added subnet matching
    v0.1
    • Initial release
    Credits:
    Thanks to Mixxit for originally coming up with this idea. Unfortunately, his plugin has been taken over by someone who is just pretending to support and update it. I didn't use any of his source but all my features are pulled from his plugin.
     
    HarcX and AS1LV3RN1NJA like this.
  2. Offline

    Dimitrias

    Where and how do I get permissions? Already tried installing them once, ended up having no idea what to do.
    Anyone know?
     
  3. Offline

    JesterAzazel

    This is a great plugin! I use it on my server and I wish more people would use it instead of that lame auth plugin.
    The only complaint I have is the LockIP.exempt feature. If you give your admin a * permission to give them access to everything it automatically gives them the exempt feature. And that's the kind of permission group you especially don't want just anyone to be able to log into.
     
  4. Offline

    Dimitrias

    That.
    I used a * and then someone hacked my admins. Until I noticed that LockIP has that feature. Now I had to look up every single permission thingy of EVERY mod, took me about 1 hour and I'm still not done.
     
  5. Offline

    SwearWord

    Wow. The intelligent thing to do would be to give people with - '*' the node -'-LockIp.exempt' thereby negating it. Please think for a moment before asking me to change something.
     
    AS1LV3RN1NJA likes this.
  6. Offline

    Dimitrias

    Yeah already thought there would be something like that, just couldn't find it. Sorry.
     
  7. Offline

    JesterAzazel

    I tried that. I guess not all permissions plugins come with that feature.
    My original comment stands...
    Why would there need to be an exempt feature anyway? Since there's a command that adds an IP to the accepted IPs for a name, I've just been using that instead of the exempt feature.
    "Please think for a moment before asking me to change something."
    Oh I'm sorry I thought constructive criticism was a good thing, since people usually use it to better their products. I didn't realize you just wanted people to tell you how awesome you are without giving any honest feedback. I'll just go then...
    But on a more positive note, I do still think this plugin is better than those awful auth plugins.
     
  8. Offline

    SwearWord

    I didn't realize this was a product and not something free.
    LockIP.exempt is for people who only want to lock admin accounts.
     
  9. Offline

    JesterAzazel

    Just because it's free you're going to be rude to people that give constructive criticism? Lol, whatever. Just voicing my opinion. That's what the forum is here for.
     
  10. Offline

    Zachary_

    Thank you so much, this plugin is everything I could have wanted in an auth plugin. It's perfect.
    Your suggestion of using the exempt permission for everyone except mods is brilliant.
    It lets me only lock certain groups to their ip, and not normal users.
    Don't listen to other users who try to put you down, you did a great job.

    Try to make it more customizeable by letting the server owner choose the kick message, kick interval, number of subnets, turn exempt permission on/off etc.
    Regards
     
    AS1LV3RN1NJA likes this.
  11. Offline

    Buckethead

    so does this automatiacally add people when they first log on to the list of allowed ips or do i have to go through like 200 people and do /lockip user
     
  12. Offline

    Zachary_

    It locks a player to their ip on their first login and saves it in a text file.
     
  13. Offline

    Buckethead

    ok and theyll get a msg or sumthing if they try to log in from somewhere else and get kicked

    not to shoot down ur same subnet teory about ur ip getting changed but me and a few friends had ours changed and they were not in the same subnet at all. also for the subnet option true or false. do u mean only a class c subnet aka 255.255.255.0 aka /28 or just if the ip changes in whatever the modems subnetmask is they connect with.:cool:

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 16, 2016
  14. Offline

    SwearWord

    @Buckethead
    I'm a day away from releasing a geoauth plugin.

    If IP check fails -> checks geography.
     
  15. Offline

    Buckethead

    ok cool i guess that narrows the odds. also i noticed that they are still loged in for a moment before they are kiked. is it possible to COMPLETLEY stop them from even loging in.

    imagine it as a whitelist check for ips
     
  16. I quite like that, as if i'm ingame then i get a quick reminder to check the console.
     
  17. Offline

    Buckethead

    YES! that would make it complete
     
  18. Offline

    Haekon

    Oh....

    I was hoping this worked in the exact opposite way, by preventing alt accounts (limiting an ip to one character, instead of a character to one ip) But, nice work tho.
     
  19. Offline

    Buckethead

    yeah i thought that to. i would like that as an alternate
     
  20. Offline

    wacossusca34

    Can you add a way for this to apply to OPs and Admins? I need a much better security on my server :/

    And please don't change it so users can change their IP logins. At least make that feature toggle-able.

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 16, 2016
  21. Offline

    forceserver

    I am foreign.
    I do not speak English well
    So I explain briefly.
    My server is a guild server.
    If any user is connected to a different account
    F3 Clik
    This place is exposed
    i am finding that plugin
    exameple
    if you are gamer
    if you don't login in web ,you don't login game...
    or
    if user lock ip
    but if user login webpage login reload ip
    I say again
    I am foreign.
    I do not speak English well
    So if you feel a dilute to see
    I',m sorry
    Please Give me to understand
    I LOVE BUKKIT AND MINECRAFT
     
  22. What? I meant i like it the way it is.
     
  23. Offline

    Buckethead

    i dont get alerts
     
  24. Not alerts, but people logging in and quickly logging out again. I see something is wrong, check the console (use EasyBan's /ehistory feature) and fix it.
     
  25. Offline

    Buckethead

    easy ban cool il look that up
     
  26. It's a must have for offline servers IMO.
     
  27. Offline

    masterjohn12

    hey guys version 1058? i thought it was only 1000 and 1060. im a noob i know but can someone let me know if this will work for 1000?
     
  28. Why are you using 1058? It would be best to update to the latest RB (recommended build) 1060.
    And yes, I don't see why it wouldn't.
     
  29. Offline

    masterjohn12

    most of my stuff are 1000, and i'm not sure if i upgrade the rb the mods will still work
     
  30. Offline

    jedimaster0

    Just wanted to say Awesome Plugin! You are a genius, and for the record I am running CB 1060 with like 20 plugins, including the new PermissionsBukkit with the "LockIP.exempt: false", and no problems here. For now anyway, problems have a way of finding me (T_T)\(^_^)
     
  31. Offline

    Buckethead

    i noticed people are still loged in for a bit before they get kicked is there any way to make it so they cant even join sort of how like a whitelist does

    i also get kicked often because people try to use my account name can this NOT happen

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 16, 2016

Share This Page