pyBEscanner

[Torndeco]

@helldesign
Like i said your player = received info on loadout from server...
Thus battleye didn't log u having the bino

When u press escape it causing u to sync your inventory to server, battleye detects the binocs, pyBEscanner bans for binocs entry

pyBEscanner doesn't scan server logs for player inventory's yet....
So basicly when player inventory syncs with banned items, battleye creates a log, pyBEscanner scans log + bans for item.

 

[Torndeco]

@cortez
U really need to run pyBEscanner in a console window
If u are using windows, command prompt
cmd.exe

This way the window is still open after pyBEscanner closes / crashes u will get error info on why..

 

[Torndeco]

@D9IDbKA
I look into it tomorrow, but u can just ignore pyBEutility.pl its a work in progress.
And it really only offers option to tell pyBEscanner to pause scanning + to resume scanning atm.

U don't need it, to run / use pyBEscanner.
Its just an extra script i gonna add bits & pieces to, that don't need to be pyBEscanner itself.

 

[Torndeco]

@Strikes
Almost have it, u just need the escape chars for the brackets...

"ublicVariableServer"Teleported";_Teleported="helihempty"createVehicle\(position player\);"

So by adding this to the scripts.kicklist, player gets kicked + doesn't get banned.

Helpful links =
http://docs.python.org/2/library/re.html
www.pythonregex.com

 

[cortez]

Anyone else having an issue with the rcon connection then disconnection straight away?

 

[Torndeco]

@cortez
That is normal behaviour.
pyBEscanner is launch another app, that connections to your server.
It issues the kickplayer or reloadbans command, + then disconnects from your server.

 

[cortez]

You may want to change that, i see no reason for you to be issuing a login command every couple of seconds for it to connect and disconnect? why not make it so the rcon has a constant connect to the server? this way you're not spamming the output window with content / disconnect. The rcon will lose connection after 45 seconds in any case so just make sure to send a reload ban list command say every 30 seconds or something which should keep your output window nice and clear.

 

[k4n30]

I have been having issues where the reloadbans isn't working. The bans are getting added to the banlist but the command isn't always sent, sometimes up to half an hour later (after another ban is added) or even having to do it manually. I haven't made an issue yet as I don't know what's causing it.

I notice it only seems to do it on symlinked banlists using the symlink option in the config.

Disclaimer: I have a single server on its own which works fine, and 2 Dayz servers on another server which is where the issue is

As for keeping the connection open, I'd prefer not to do that as it's taking up another rcon connection fulltime and we only have 4 to play with. With the other tools we use this would be an unnecessary connection wasted 24/7

 

[helldesign]

Just checking if these bans are false positives (I'm posting it here, since they are added by pyBEscanner):

xx.xx.xxx.xxx -1 22.01.2013 08:47:26: HapaBG in addmagazinecargo

22.01.2013 08:22:59: HapaBG (xx.xx.xxx.xxx:2304) 192a789cbca96fc2b5c160e480d681e8 - #9 "20Rnd_762x51_DMR" 0:0
22.01.2013 08:23:10: HapaBG (xx.xx.xxx.xxx:2304) 192a789cbca96fc2b5c160e480d681e8 - #9 "1Rnd_HE_M203" 0:0
22.01.2013 08:33:53: HapaBG (xx.xx.xxx.xxx:2304) 192a789cbca96fc2b5c160e480d681e8 - #8 "1Rnd_Smoke_M203" 0:0
22.01.2013 08:33:53: HapaBG (xx.xx.xxx.xxx:2304) 192a789cbca96fc2b5c160e480d681e8 - #9 "1Rnd_Smoke_M203" 0:0
22.01.2013 08:47:26: HapaBG (xx.xx.xxx.xxx:2304) 192a789cbca96fc2b5c160e480d681e8 - #9 "20Rnd_762x51_DMR" 0:0
22.01.2013 08:47:26: HapaBG (xx.xx.xxx.xxx:2304) 192a789cbca96fc2b5c160e480d681e8 - #9 "200Rnd_556x45_M249" 0:0

I'm wondering why this guy was banned by the scanner?


And another one:

xx.xx.xxx.xxx -1 22.01.2013 01:07:14: SchockeR in createvehicle

22.01.2013 01:07:13: SchockeR (xx.xx.xxx.xxx:2304) d7f6d15401c2ca3186dfc2f13a9b4b6d - #0 "CMflareAmmo" 160:516 2:147 Mi17_DZ [11587,7430,206] [0,-29,-3]
22.01.2013 01:07:13: SchockeR (xx.xx.xxx.xxx:2304) d7f6d15401c2ca3186dfc2f13a9b4b6d - #0 "CMflareAmmo" 160:517 2:147 Mi17_DZ [11587,7432,207] [0,29,3]
22.01.2013 01:07:13: SchockeR (xx.xx.xxx.xxx:2304) d7f6d15401c2ca3186dfc2f13a9b4b6d - #0 "CMflareAmmo" 160:518 2:147 Mi17_DZ [11587,7430,206] [0,-29,-3]
22.01.2013 01:07:13: SchockeR (xx.xx.xxx.xxx:2304) d7f6d15401c2ca3186dfc2f13a9b4b6d - #0 "CMflareAmmo" 160:519 2:147 Mi17_DZ [11587,7432,207] [0,29,3]
22.01.2013 01:07:13: SchockeR (xx.xx.xxx.xxx:2304) d7f6d15401c2ca3186dfc2f13a9b4b6d - #0 "CMflareAmmo" 160:520 2:147 Mi17_DZ [11587,7430,206] [0,-29,-3]
22.01.2013 01:07:13: SchockeR (xx.xx.xxx.xxx:2304) d7f6d15401c2ca3186dfc2f13a9b4b6d - #0 "CMflareAmmo" 160:521 2:147 Mi17_DZ [11587,7432,207] [0,29,3]
22.01.2013 01:07:14: SchockeR (xx.xx.xxx.xxx:2304) d7f6d15401c2ca3186dfc2f13a9b4b6d - #0 "CMflareAmmo" 160:522 2:147 Mi17_DZ [11587,7430,206] [0,-29,-3]
22.01.2013 01:07:14: SchockeR (xx.xx.xxx.xxx:2304) d7f6d15401c2ca3186dfc2f13a9b4b6d - #0 "CMflareAmmo" 160:523 2:147 Mi17_DZ [11587,7432,207] [0,29,3]
22.01.2013 01:07:14: SchockeR (xx.xx.xxx.xxx:2304) d7f6d15401c2ca3186dfc2f13a9b4b6d - #0 "CMflareAmmo" 160:524 2:147 Mi17_DZ [11587,7430,206] [0,-29,-3]
22.01.2013 01:07:14: SchockeR (xx.xx.xxx.xxx:2304) d7f6d15401c2ca3186dfc2f13a9b4b6d - #0 "CMflareAmmo" 160:525 2:147 Mi17_DZ [11587,7432,207] [0,29,3]

Many bans lately , but I'm not sure which is false positive...

 

[k4n30]

What map is this on? Also are they in createvehicle-bans.txt or createvehicle-spam.txt? Same for the addmagazinecargo?

 

[Torndeco]

@cortez
Its a console window, i really couldn't care to much about the output to be frank.
U can always alter the C# apps if u want to source code or link to source code is included.
But i didn't create apps, so i rather keep them as author created them.

pyBEscanner only calls the C# apps when there is a reloadbans / kickplayer is needed.
If it is spamming your console window, u either got alot of hackers.
Or u have another script / program that is changing the modified timestamp on bans.txt

@k4n30
Check if your output to console has
Reloading Bans: <server_name>
For all your servers, when it comes to reloading bans or not.

@helldesign
CMflareAmmo got removed from pyBEscanner filters 17 days ago

As for addmagazinecargo entries, i gonna assume u have a custom banlist u created.
Pretty sure no default filter bans for 20Rnd_762x51_DMR

Also like k4n30 helps to say which logs pyBEscanner put them into i.e bans / spam logs

 

[k4n30]

@Torndeco - yeah it does, but like I said I cant reproduce it. I only know it happens because someone will be banned at 12:10, then again at 12:30 then again at 12:50 for example - These are the times for the lines in the *-bans.txt so I wondering if the ban only kicks in on restart of my symlink has failed somehow

Anyone recommend a good program to symlink ban files across the same partition. And on the off chance they can also do it across network drives too

 

[Torndeco]

@k4n30
http://technet.microsoft.com/en-us/library/cc753194(v=ws.10).aspx

For creating symlinks on windows...
Its really part of OS / Filesystem, so any tool is just gonna make the same thing,

Note pyBEscanner doesn't create the symlinks for u.
Would require not so nice code + pyBEscanner needing admin privileges.

-------
-------

Double check u can open your servers ban.txt files in a text editor + to check your bans.txt links are still working correctly.
If that is working do u me a favour & check the timestamp on your bans.txt // bans-pyBEscanner.txt and check it is for the first occurance of the ban aswell

 

[superlube]

For symlink, i use this: http://schinagl.priv.at/nt/hardlinkshellext/hardlinkshellext.html#download
Only need to right click/'pick source' and then right click/'drop as hardlink'. Two clicks done.

@TorndecoHey man,

I'm getting the issue below. I read in earlier posts that this error likely due to incorrect filters but I have been using the default ones. I know i'm doing something stupid like the time I spent 2 hours trying to get pyBEscannerto work before I realised I was trying to open it with perl

  File "C:\ServerTools\pyBEscanner-master\pyBEscanner.py", line 301, in <module>
    main.start()
  File "C:\ServerTools\pyBEscanner-master\pyBEscanner.py", line 256, in start
    logs_battleye.Scanner(server).scan()
  File "C:\ServerTools\pyBEscanner-master\modules\logs_battleye.py", line 212, in scan
    self.scan_battleye_logs(log)
  File "C:\ServerTools\pyBEscanner-master\modules\logs_battleye.py", line 94, in scan_battleye_logs
    x)
  File "C:\ServerTools\pyBEscanner-master\modules\logs_battleye.py", line 283, in scan_log
    entries_guid.append(code[0])
MemoryError

Cheers

 

[k4n30]

@superlube that's what I use - Just wish it could be used across different partitions (ie network drives)

@Torndeco yeah its all working and has been, its just the reloadbans doesn't seem to be working

 

[helldesign]

My server's map is Chernarus. I'm using pyBEscanner version from 20.01.2013 and maybe I need to update to the newest version...



createvehicle-spam.txt -> http://pastebin.com/eEuC1YHA
(that guy with the flares)

addmagazinecargo-bans -> http://pastebin.com/V90AYrbB
dmr etc. mags




createvehicle.spamlist:

4 1 BAN .
5 8 BAN ..

createvehicle.banlist -> http://pastebin.com/vJryHLPE
"Mi17_TK_EP1" - i assuming that maybe this is the entry causing problems with the flares?
But I dont see 200Rnd_556x45_M249, m107 etc mags ...


addmagazinecargo.banlist -> http://pastebin.com/dsiSnmAn

addmagazinecargo.spamlist is Empty

This is in "dayz-default", in "dayz-weapons" everything is empty.

 

[Torndeco]

@helldesign
U are running a custom addmagazinecargo.banlist, and u have for some reason removed all the quotes

For example u have

M249

in your ban list
so when it scans

#9 "200Rnd_556x45_M249" 0:0

It picks up on M249 & bans the player.
But if u had

\"M249\"

it would have just banned for the weapon & not the ammo which is used in M249_DZ.
All the other bans are for similar cases

Have a look @
https://github.com/Torndeco/pyBEsca...dayz-weapons-default/addmagazinecargo.banlist

As for the flares it is trigger by spam detection, edit the spam rules so it doesn't get trigger as easy if u want...
Altering the filter code this weekend to make it easier to add exceptions to spam detection.

@k4n30
Very odd since the reloadbans C# app is launched straight after u see Reloading Bans: <server_name> in console...
If u want u could add some debug output to reloadbans app + check its launching correctly if u want.


I will look into changing options for BANS slightly this weekend, that should solve the network drive issue i believe.
Won't sync bans if they are made with another app i.e dart, would need to think over that one.
i.e
1 = Bans.txt are seperate per server
2 = Bans.txt are seperate per server, but new ban via pyBEscanner is added to all servers bans.txt
3 = Bans.txt are symlinked.

 

[Torndeco]

@superlube
Looks like u ran outof memory there
So either u hit the memory boundary with 32bit python, or u could buy more ram lol

Seriously i am gonna assume your battleye logs haven't got rotated in a long time / are very large.

If u got a 64bit processor & over 4gb ram, u could try and use python 64bit version, but it will may take some time to scan the logs.
Or u could just move/delete the battleye logs & pyBEscanner should work then for u.
pyBEscanner backups & trims the battleye logs, so u shouldn't enocounter that issue again.

 

[superlube]

Haha, you were right. I had a stray 4GB txt file which I had not included in my daily log backup batch hence how it got to that size. Obviously, the 32bit Python isn't going to fully utilize my 16GB ram. (I couldn't even open the file in notepad++)

Thanks for your help!

 

[helldesign]

Thanks a lot Torndeco


Edit: Btw last night I updated to the last version of pyBEscanner, removed all custom weapon changes, spawns/custom filters in pybescanner and BattlEye (removed all banned weapons in publicvariableval), everything is by default - and still have false bans:

addmagazinecargo-unknown-bans.txt

24.01.2013 04:47:43: Michael: (*) 12833981977e39dc2129711ed6b4ade7 - #0 "FlareGreen_M203" 0:0
24.01.2013 04:47:45: Michael: (*) 12833981977e39dc2129711ed6b4ade7 - #9 "20Rnd_762x51_DMR" 0:0
24.01.2013 09:55:03: Michael: (*) 12833981977e39dc2129711ed6b4ade7 - #9 "30Rnd_9x19_MP5SD" 0:0
24.01.2013 09:55:07: Michael: (*) 12833981977e39dc2129711ed6b4ade7 - #9 "30Rnd_9x19_MP5SD" 0:0
24.01.2013 10:22:15: Nikit021BG: (*) 969781b086e8d0530a88c7942b4040ce - #9 "20Rnd_762x51_FNFAL" 0:0
24.01.2013 10:22:15: Nikit021BG: (*) 969781b086e8d0530a88c7942b4040ce - #9 "20Rnd_762x51_FNFAL" 0:0
24.01.2013 10:39:46: Debus: (*) 9128cbdf2646bfbdef13c4b99c881eab - #9 "20Rnd_762x51_DMR" 0:0
24.01.2013 10:39:46: Debus: (*) 9128cbdf2646bfbdef13c4b99c881eab - #9 "10Rnd_127x99_m107" 0:0
24.01.2013 10:39:46: Debus: (*) 9128cbdf2646bfbdef13c4b99c881eab - #9 "20Rnd_762x51_DMR" 0:0
24.01.2013 10:47:13: Hapa-BG: (*) 192a789cbca96fc2b5c160e480d681e8 - #9 "10Rnd_127x99_m107" 0:0
24.01.2013 12:35:29: Gazelle: (*) 671895f8493f899dd7b362df6d260a29 - #1 "ItemTankTrap" 0:0

I don't see anyone else with similar issues, so probably I'm doing something wrong again...