Feedback & Suggestions
-
Have fun making themes for it. If you hadn’t noticed, it’s very locked down as it uses ionCube.
-
Working
How to work with clans, has not understood yet
-
Ok guys, as main developer I have to say thanks for the testers, but if you want the powerful rewritten version, you have to be patient. It’s quite hard to reprogram something like that from scratch!
Maybe someone has a PHP-Coder that could speed up the progress? Would be nice.I’m putting it into the Forge this week, I promise!
New features of the new Version will be:
-
multiple bank accounts
-
shared bank accounts
-
Plugin System for FLHook
-
(Plugin System for webinterface)
-
much cleaned up code!
-
Depot feature will come later
So feel free to add suggestions!
@Helloween: How do you use it? with some kind of forum software or with standalone login by bulldog, on each version you need to have usergroups for the clans, so if you are in a clan usergroup, you get access to that clan’s “page”, group leaders get clanadmin rights
-
-
2Tai: Standalone. While only for myself. I am afraid to hang out in an Internet since communication with flhook goes on not secure channel…
It is a pity that the remote interface of flhook not ssh
Whether are there any telnet<->ssh tunnels?
P.S. Thx for clans note
-
yeah I’ll do, but it will take a while, haven’t even got char connection ready
only feature that has been finished is the Bank, atleast from what I know
@ssh: hmm let’s get a developer to do that ^^
hmm you also could use a python script as ssh-server, that forwards the commands to flhok, if you run that on the server, all will be fine, I think at least
-
Another one idea to encrypt user/admin session:
1. Web Server must be on machine with Fl Server or placing with same secure firewalled LAN
2. Web Server must use only Https protocol with pre installed self-signed sertificate and port forwarded to outside to Internet
3. User connects to it from Internet by browser like https://myFLProfile.atThisFL.ServerSo sessions between web server and fl server are secured against public access from internet
And session between web server and user are secured by https.
-
I am afraid that when using a web interface to hook over internet administrator password may be intercepted .
-
@HeIIoween:
I am afraid that when using a web interface to hook over internet administrator password may be intercepted .
Believe FLhook can set the IP’s who have admin rights from the console.
And “standard” admins shouldn’t have console access to flhook, just ingame. -
Believe FLhook can set the IP’s who have admin rights from the console.
I believe. *nix and active networking hardware may do this too, but why all using ssh? For more security reasons.
After all Besides udp-flood and trojans there is still a heap of any mucks, sniffing of passwords for example.
All know, that “True” protection does not exist, everything can be broken, but prevention is never thwarted…
Especially in view of recent events %((And “standard” admins shouldn’t have console access to flhook, just ingame.
I agree. But we want, that all administrators could do the work through the web interface without remembering a command and without starting game in the same way as it is done by system administrators on almost any device or a server
-
I’ve finished implementing Blowfish encryption over FLHook’s socket connection. I’ve made new builds of both my FLHook (zip) and the plugin version (the changes couldn’t be implemented as a plugin) with the encryption option. In addition, I extended the telnet class used by FLSES to make a BlowfishTelnet class that functions exactly the same as the original class but with encryption, so it’s a drop-in replacement. It’s attached to this post and uses the Crypt_Blowfish package to do the encryption/decryption.
-
Thx M0tah!
-
I’ve updated both of the builds to fix two bugs I found: FLHook sometimes wouldn’t send any data over the socket connection when it should have and the “Goodbye.” message wasn’t sent encrypted.
I also made a dummy windows socket DLL that can make any application that uses windows sockets 1 send/receive encrypted data. This means you can use it to “retrofit” any existing FLHook build to be compatible with the blowfish encryption. You can also use it to make the command line telnet utility that comes with Windows compatible with the encryption - just copy telnet.exe from the system32 directory to a new directory and copy wsock32.dll and key.txt to the new directory and run telnet from the command line as usual. It can be downloaded here.
