JASS 3.2.0 - Jedi Academy Server Security

JAZZ - Jedi Academy Server Security. In short, jazz is a project created to protect servers on the so-called basic mod - "basejka". Yet, it also increasing protection of other mods. Based on the QMM source code.

JASS 3.2.0 - Jedi Academy Server Security

Lets get this straight first I did not write JASS a JA coder named Zylden did. This is a tutorial based from his instructions in the readme.txt file how to get it working either a Windows or Linux based operating system. But first lets see what JASS has to offer, list of fixed vulnerabilities, that are patched are:


1) msgbof.
2) votebof.
3) infobof.
4) forcecrash.
5) teamcrash.
6) votebug/cbufexec.
7) dirtrav.
npccrash.
9) limitbug.
10) gcrash.
11) RCON disabler.
12) RCON bruteforce.
13) Fake Players DDoS.
14) RandomPacket DDoS.
15) UnBan.
16) Remove all possibilities of damage to the game content - for example, by writeconfig.
17) Removed posibillity to «kill server» — to shutdown it that way that restart script won't work.
18) Well, little more things.
19) Does not protect again getstatus/getinfo flooding - Wookiee


Installation for Windows

1. Open a folder with mod in which you wish to place JASS (usually it is base);
2. Find a file jampgamex86.dll. Rename to jass_jampgamex86.dll.
3. Unpack zzz_jass.pk3, jass.dll, jassconfig.cfg, ban.bat and plugins folder into a folder
with mod ("base", "japlus", "MBII", "clanmod", "lugormod", "makermod", etc.).
4. Rename jass.dll to jampgamex86.dll
5. Unpack jass.ini and pdb.dll into the servers Gamedata folder that contains jamp.exe or jampDed.exe
6. Adjust jass.ini, following the comments.


Installation for Linux

1. Open a folder with mod in which you wish to place JASS (usually it is base);
2. Find a file jampgamei386.so. Rename to jass_jampgamei386.so.
3. Unpack jass.so, jassconfig.cfg and plugins folder into a folder with mod
("base", "japlus", "MBII", "clanmod", "lugormod", "makermod", etc.).
4. Rename jass.so to jampgamei386.so
5. Unpack jass.ini and pdb.so into a folder Gamedata.
6. Adjust jass.ini, folowing the comments.



Lets look at an example of a Windows jass.ini

#JASS Configuration File
#Settings specified in this file override default or auto-detected settings
#Text after # symbol is ignored by JASS

#==========================================================================

#This file contains only paramters for base foldes
#If JASS is installed into another folder, you must write this name
#This section of parameters must be copied for every JASS folder

#Folder name
"base" { # Change this to the name of the mod you are using like japlus
#Specifies file name of mod to load
# Default = "jass_jampgamex86.dll"
"mod" "jass_jampgamex86.dll";

#Enable/disable JASS logs
# 0 to disable
# 1 buffered logs. Reduces the stress on the HDD,
#but the last crash record may not be saved
# 2 instantaneous logs. Increases the stress on the HDD,
#but the last crash record will be be saved
# Default = '1'
"log" '0';

#Log file name
# Default = "jass.log"
"logfile" "jass.log";

#JASS script file
# Default = "jassconfig.cfg"
"execcfg" "jassconfig.cfg";

#Anti-Fake protection parameters
#Logical fake detection (1 to enable, 0 to disable)
# Default = '1'
"fakedetect" '1';
#Limit of connections for IP address (not recommended)
#Set 0 to disable limit
# Default = '0'
"maxplayersperip" '3';

#Ban method
#0 - JASS native. Can work anywhere.
#1 - Script. The script may contain a ban through the firewall, router or proxy server
#2 - Ban using both JASS native and script methods.
# Default = '0'
"bantype" '2'; # Use both as they help.
#Script name
"banscript" "japlus/ban.bat"

#List of plugins to load (not limited)
"plugins" (
"plugins/protection.dll";
"plugins/AntiDDoS.dll";
#"plugins/plugin.dll";
)
}

#Disabling the greeting
#1 to disable, 0 to enable
"nogreeting" '1'


#==========================================================================


Now for jassconfig.cfg file

set jass_forceAntiDDoS 0 #force it on use all features
set jass_forceOtherFixes 0 #same as above


#==========================================================================


JASS Ingame Commands

To get list of jass commands, type in server console command "rcon jass". (Rcon password is needed here to view the list of commands below)
Usage: jass <command> [params]
Available sub commands:
status - displays information about JASS.
list - displays information about loaded JASS plugins.
load <file> - loads a new plugin.
info <id/str> - outputs info on plugin with id.
pause <id/str> - pauses plugin with id.
unpause <id/str> - unpauses plugin with id.
unload <id/str> - unloads plugin with id.
force_unload <id/str> - forcefully unloads plugin with id.
shutdown - permanently unloads JASS except for neccesary functions.
Folowing commands will be available only if AntiDDoS plugin is loaded:
ban <IP/range> <minutes> - bans IP via JASS.
unban <IP/range> - unbans IP via JASS. Type "all" to clear banlist.
banlist [list_num] [count] - shows banlist.



This will even work on older released mods OR linuxjampded/jampded that were not patched so that you're server is protected under JASS.

Here are two links below one from the main site where Zylden has it uploaded and one from mine.

JASS 3.2.0

Windows - Mirror
Linux - Mirror

Caelum asked me to write up a quick tutorial on this and many thanks to the coder of JASS 3.2.0 for making it possible to secure the Jedi Academy servers.


UPDATED 30/04/2013


--Wookiee