pacBL - A proxy and cheater black list

[CtrlFreq]

A few weeks back, there was a thread here about creating a list that could be used by game owners to identify and reduce the impact of problem users. After discussing this idea with a number of people, I came to the conclusion that this idea was worth at least assembling a proof of concept.

The idea is simple - when players register or log-in to your game (or practically any time you like), you run a quick check against their IP address which, if found, will tell you two things: if they're listed as an offender, and what they're being listed for. With these these pieces of information, we as game owners can then decide if the player should be allowed to enter the game, or be sent away.

What I'm putting up today is that proof of concept, because I'd like to begin gathering feedback on the various details such an open system requires (types of violations, severity thresholds and weighting, entry life-cycle) to be widely consumed, as well as getting at least a few engine and mod authors busy testing this out for future inclusion or sale respectively. Including it in your app is easy, and since it's based on DNS, it requires no complex remote server calls or bloated libraries, and is fast and efficient.

For those wanting to see a basic implementation, it looks somewhat like this:

 

function ListedInPAC( $ipaddress ) {
	if (intval(gethostbyname(implode('.', 
		array_reverse(explode('.', $ipaddress))) . 
		'.list.pacbl.com')) == '127') 
		return true;
	return false;
}

 

Beyond a simple check to see if the host is listed, the return value can be evaluated, allowing you more granular control over who you allow and who you deny. I've put off documenting that quite yet, pending feedback from the community - I feel this to be a more reasonable approach than simply putting out there what I think it should be, and then making everyone change later.

As for the question that will ultimately emerge as the elephant in the room - it's free, and will remain so. DNS isn't friendly to profiteers, but it is also extremely efficient, so I have no issues with keeping this online, and acting like a philanthropist for doing so.

I apologize for the utilitarian nature of the initial site - it's a work in progress, and to date, I've spent more time worrying about security and functionality than of ease of use - while I won't promise to lay off the security, I'll be working diligently on making it prettier and easier to use.

Comments, critiques, and questions are welcome. Feel free to contact me either here or in PM.

For those still reading and/or who have just scrolled down and are interested in jumping right in, the url is http://www.pacbl.com/.

[mdshare]

Re: pacBL - A proxy and cheater black list

I like the concept of it

but still what with the DNS pools eg AOL

[CtrlFreq]

Re: pacBL - A proxy and cheater black list

 

but still what with the DNS pools eg AOL

Good question - I think AOL and BT both would be a good example of special use proxies that would require a special return code, allowing the game owner to allow those specific address ranges through; for example, a return code of 127.0.10.x could signify a "trusted" proxy, whereas 127.0.9.x could signify the anonymous variety - then game owners could just explode the return value, and allow anything with a third octet of 10, while rejecting those with 9s.