Need Help Sv_pure 1 with a proper whitelist (NEED SOMEONE TO TEST WHITELIST)

Stachekip

Stachekip

Gore-Spattered Heavy
Contributor
Edit: Whitelist needs testing. If anyone can quickly test this on a server and let me know if it works, please do so.

I don't disapprove of sv_pure 1 because it stops people from using undetected wallhacks and replacing the Spy decloak sound. The problem with it is that no one makes a proper whitelist for their servers, meaning people can't even use skins that don't give an advantage over others(such as viewmodels, certain player models, and the health meter).

I think the servers should have a whitelist that allows all skins EXCEPT ones that can produce wallhacks and replace the Spy decloak sound.

This is the whitelist:

Code: 
Whitelist
{
Whitelist
{
    //
    // 3 modifiers are allowed on file specifications:
    //
    //    from_steam        - only check the Steam cache for the
 
file (ignore anything on disk)
    //    allow_from_disk        - allow the file to come from disk
    //    check_crc        - used with allow_from_disk - server does
 
CRC checks on the client's file to make sure it matches
    //
    //    The default modifier on all files is allow_from_disk.
 
Thus, all files can come from disk and don't need CRC checks unless
    //    allow_from_disk can be set at the same time as check_crc.
 
Use the + character in between them to signify this:
 
allow_from_disk+check_crc.
 
 
    //
    // Three types of file specifications:
    //
    //    1. directory\*.*    - refers to all files under the
 
directory
    //    2. directory\...    - refers to all files under the
 
directory and all directories under that (recursively)
    //    3. directory\filename    - refers to a single file
 
 
    //
    // By default, when in pure server mode, most content file types
 
are only allowed to come from Steam.
    //
    materials\...            from_steam
    models\...            allow_from_disk
    sound\...            allow_from_disk
 
 
    //
    // Allow custom player models. Don't do CRC checks on them
 
because the clients may all
    // have different custom models and the server won't have them
 
all.
    //
    models\player\...        allow_from_disk
    materials\models\player\...    allow_from_disk
 
 
    //
    // Allow custom spray decals.
    //
    materials\temp\...        allow_from_disk
    materials\vgui\logos\...    allow_from_disk
    materials\vgui\logos\ui\...    allow_from_disk
 
 
    //
    //Unblocked content:
    //
    materials\models\buildables\... allow_from disk
    materials\models\player\...    allow_from_disk
    materials\models\weapons\...    allow_from_disk
    materials\models\items\...      allow_from_disk
    materials\models\flag\...      allow_from_disk
    materials\console\...          allow_from_disk
    materials\particle\...          allow_from_disk
    materials\Particles\...        allow_from_disk
    materials\sprites\...          allow_from_disk
    materials\props\...          allow_from_disk
    materials\Effects\...          allow_from_disk
    materials\signs\...            allow_from_disk
    materials\HUD\...              allow_from_disk
    materials\Tile\...              allow_from_disk
 
    //
    //Blocked Content:
    //
    sound\player\footsteps\...                    from_steam
    sound\player\spy_uncloak.wav              from_steam
    sound\player\spy_cloak.wav                from_steam
    sound\player\spy_disguise.wav            from_steam
    sound\player\spy_uncloak_feigndeath.wav    from_steam
    materials\Effects\sniperdot.vtf            from_steam
    materials\Effects\sniperdot_blue.vtf      from_steam
    materials\Effects\sniperdot_red.vtf      from_steam
    materials\HUD\scope_sniper_ul.vtf          from_steam
    materials\HUD\scope_sniper_ul_dx80.vtf      from_steam
    materials\water\...                      from steam
    materials\wood\...                        from_steam
    materials\concrete\...                    from_steam
    materials\metal\...                      from_steam
    materials\nature\...                    from_steam
 
}
 
Upvote 0 Downvote
Perseus Dash Jackson

Perseus Dash Jackson

Epic Skial Regular
Stachekip said:
Sv_pure 2 is even worse. And if you didn't read what I just said before, sv_pure 1 and 2 already make sound replacements ear piercingly loud.

And honestly, I have no idea why anyone would need to make the door opening sound louder. It's pointless and the sound is already pretty audible. In all of my years of making skins and sound replacements, I've never known of anyone who replaces the door opening sound.
Click to expand...

So is the Spy uncloaking, if you think about it. And I just did. There are so many ways in which you could gain quite a major advantage. Say with the door-opening. Say you're a Demoman on 2fort. Using the ScoRes, you lay seperate sticky traps at both spawn doors and stand at one. Since you've got the sound much louder and more distinguishable, you could hear the other spawn open all the way from there and kill them. Stuff like that.
 
[Interrogator]

[Interrogator]

Australian Skial God
Contributor
Perseus Dash Jackson said:
So is the Spy uncloaking, if you think about it. And I just did. There are so many ways in which you could gain quite a major advantage. Say with the door-opening. Say you're a Demoman on 2fort. Using the ScoRes, you lay seperate sticky traps at both spawn doors and stand at one. Since you've got the sound much louder and more distinguishable, you could hear the other spawn open all the way from there and kill them. Stuff like that.
Click to expand...
that would still be covered under spawn camping, so it wouldn't matter they would be reported regardless
 
Ruelel

Ruelel

Gaben's Own Aimbot
Contributor
Stachekip said:
Sv_pure 2 is even worse. And if you didn't read what I just said before, sv_pure 1 and 2 already make sound replacements ear piercingly loud.

And honestly, I have no idea why anyone would need to make the door opening sound louder. It's pointless and the sound is already pretty audible. In all of my years of making skins and sound replacements, I've never known of anyone who replaces the door opening sound.
Click to expand...
my pomf~ airblast sound isn't ear piercingly loud.
 
Stachekip

Stachekip

Gore-Spattered Heavy
Contributor
I've decided to go back to the whitelist idea. Give me some suggestions of things to block and I'll consider doing so. Here's the whitelist so far:
Code: 
whitelist
{
        //
        // 3 modifiers are allowed on file specifications:
        //
        //      from_steam                      - only check the Steam cache for the file (ignore anything
 
on disk)
        //      allow_from_disk        - allow the file to come from disk
        //      check_crc                      - used with allow_from_disk - server does CRC checks on
 
the client's file to make sure it matches
        //
        //      The default modifier on all files is allow_from_disk. Thus, all files can come from disk
 
and don't need CRC checks unless
        //      allow_from_disk can be set at the same time as check_crc. Use the + character in between
 
them to signify this: allow_from_disk+check_crc.
 
 
        //
        // Three types of file specifications:
        //
        //      1. directory\*.*                        - refers to all files under the directory
        //      2. directory\...                        - refers to all files under the directory and all
 
directories under that (recursively)
        //      3. directory\filename          - refers to a single file
 
 
        //
        // By default, when in pure server mode, most content file types are only allowed to come from
 
Steam.
        //
 
 
        //
        // Allow custom player models. Don't do CRC checks on them because the clients may all
        // have different custom models and the server won't have them all.
        //
        // models\player\...                      allow_from_disk
        // materials\models\player\...    allow_from_disk
 
        //
        // Allow custom spray decals.
        //
        // materials\temp\...                      allow_from_disk
        // materials\vgui\logos\...        allow_from_disk
        // materials\vgui\logos\ui\...    allow_from_disk
 
        //
        // Allow replay browser thumbnails.
        //
        // materials\vgui\replay\thumbnails\...  allow_from_disk
        //
        // (Uncomment and edit these for mods).
        // Allow mod resources to come from disk.
        //
        // materials\mymod\...          allow_from_disk+check_crc
        // models\mymod\...                    allow_from_disk+check_crc
        // sound\mymod\...                      allow_from_disk+check_crc
 
        // custom whitelist
        sound\player\spy_cloak.wav              from_steam
        sound\player\spy_disguise.wav          from_steam
        sound\player\spy_shield_break.wav      from_steam
        sound\player\spy_uncloak.wav              from_steam
        sound\doors\...                        from_steam
        materials\HUD\scope_sniper_ul.vtf                from_steam
        materials\HUD\scope_sniper_ul_dx80.vtf                from_steam
}

To keep things simple, I modified the whitelist to allow all files except ones we want to block people from replacing. As shown, I disabled people from replacing door sounds, Spy disguising/cloaking sounds, and the textures for the Sniper's scope overlay so people can't cheat and extend their field of view when sniping.
 
  • Like
Reactions: Isil
Bottiger

Bottiger

Administrator
Sorry but we aren't going with a blacklist.

I'm not interested in rebooting all the servers every time Valve changes the name of a file or we miss an exploit.
 
Stachekip

Stachekip

Gore-Spattered Heavy
Contributor
Bottiger said:
Sorry but we aren't going with a blacklist.

I'm not interested in rebooting all the servers every time Valve changes the name of a file or we miss an exploit.
Click to expand...
But what I listed on the blacklist was pretty much everything most people consider exploits, and Valve pretty much never changes the name of files. I've never heard of Valve renaming the file for the Sniper scope or the Spy cloaking/disguising sounds.

A blacklist is more reliable because you have to list less files, therefore it's EASIER to update than a whitelist listing tons of files. And about missing an exploit, that's why I said I'll add on to this if need be. If there are any exploits I missed, then by all means tell me and I'll add them. You won't have to restart the server often as most exploits are related to files that have been in the game since it was created anyway(Sniper scope, spy cloaking, doors opening). Valve never renamed these, and I doubt they ever will.
 
Bottiger

Bottiger

Administrator
If we miss an exploit people will spam the forums or refuse to play until the server is rebooted with the new whitelist.

This is a much worse outcome than someone not being able to use a random skin.
 
Stachekip

Stachekip

Gore-Spattered Heavy
Contributor
Bottiger said:
If we miss an exploit people will spam the forums or refuse to play until the server is rebooted with the new whitelist.

This is a much worse outcome than someone not being able to use a random skin.
Click to expand...

Has this happened before?
 
Stachekip

Stachekip

Gore-Spattered Heavy
Contributor
Isil said:
Probably not on Skial servers

but you should not underestimate the stupidity of someone autistic enough to really, honestly, genuinely care about modifying skins in game
Click to expand...

Either way, I've never seen any suspicious behavior in a Skial server, not even in the 2fort servers when they were sv_pure 0. The stuff I listed in my blacklist seems to be about everything that people are apparently known to replace to gain an advantage.
 
Stachekip

Stachekip

Gore-Spattered Heavy
Contributor
Here's a whitelist created by a Gamebanana user that basically blocks the same stuff that mine does. It was last modified three years ago, and yet still holds up today:

Code: 
Whitelist
{
    //
    // 3 modifiers are allowed on file specifications:
    //
    //    from_steam        - only check the Steam cache for the file (ignore anything on disk)
    //    allow_from_disk        - allow the file to come from disk
    //    check_crc        - used with allow_from_disk - server does CRC checks on the client's file to make sure it matches
    //
    //    The default modifier on all files is allow_from_disk. Thus, all files can come from disk and don't need CRC checks unless
    //    allow_from_disk can be set at the same time as check_crc. Use the + character in between them to signify this: allow_from_disk+check_crc.
 
 
    //
    // Three types of file specifications:
    //
    //    1. directory\*.*    - refers to all files under the directory
    //    2. directory\...    - refers to all files under the directory and all directories under that (recursively)
    //    3. directory\filename    - refers to a single file
 
 
    //
    // By default, when in pure server mode, most content file types are only allowed to come from Steam.
    //
    materials\...            from_steam
    models\...            allow_from_disk
    sound\...            allow_from_disk
 
 
    //
    // Allow custom player models. Don't do CRC checks on them because the clients may all
    // have different custom models and the server won't have them all.
    //
    models\player\...        allow_from_disk
    materials\models\player\...    allow_from_disk
 
 
    //
    // Allow custom spray decals.
    //
    materials\temp\...        allow_from_disk
    materials\vgui\logos\...    allow_from_disk
    materials\vgui\logos\ui\...    allow_from_disk
 
 
    //
    //Unblocked content:
    //
    materials\models\buildables\... allow_from disk
    materials\models\player\...    allow_from_disk
    materials\models\weapons\...    allow_from_disk
    materials\models\items\...      allow_from_disk
    materials\models\flag\...      allow_from_disk
    materials\temp\...              allow_from_disk
    materials\vgui\logos\...        allow_from_disk
    materials\vgui\logos\ui\...    allow_from_disk
    materials\console\...          allow_from_disk
    materials\particle\...          allow_from_disk
    materials\Particles\...        allow_from_disk
    materials\sprites\...          allow_from_disk
    materials\props\...          allow_from_disk
    materials\Effects\...          allow_from_disk
    materials\signs\...            allow_from_disk
    materials\HUD\...              allow_from_disk
    materials\Tile\...              allow_from_disk
 
    //
    //Blocked Content:
    //
    materials\models\weapons\w_sniperrifle... from_steam
    sound\player\footsteps\...                from_steam
    sound\player\spy_uncloak.wav              from_steam
    sound\player\spy_cloak.wav                from_steam
    sound\player\spy_disguise.wav            from_steam
    sound\player\spy_uncloak_feigndeath.wav  from_steam
    materials\Effects\sniperdot.vmt          from_steam
    materials\Effects\sniperdot.vtf          from_steam
    materials\Effects\sniperdot_blue.vmt      from_steam
    materials\Effects\sniperdot_blue.vtf      from_steam
    materials\Effects\sniperdot_red.vmt      from_steam
    materials\Effects\sniperdot_red.vtf      from_steam
    materials\HUD\scope_sniper_ul.vtf        from_steam
    materials\HUD\scope_sniper_ul_dx80.vtf    from_steam
    materials\water\...                      from steam
    materials\wood\...                        from_steam
    materials\concrete\...                    from_steam
    materials\metal\...                      from_steam
    materials\nature\...                    from_steam

The whitelist was created from an entire Steam forum thread brainstorming the perfect whitelist. It doesn't use the method I did(blacklisting), and basically does exactly what I did with my blacklist. It blocks the same things(Spy sounds, sniper scopes, etc.) but also blocks map materials.
 
Perseus Dash Jackson

Perseus Dash Jackson

Epic Skial Regular
It's a whitelist, which makes it that much better in regards to exploits. I can't find anything myself on it that might cause exploiting(and even if there are a few, since it's a whitelist, it will only need to be updated a few times)
 
You must log in or register to reply here.
Top Bottom