Nephthys - Manual

Legend

Nephthys console command
Todo - not yet implemented

In Brief

Title	Nephthys
Version	v1.0
Description	Nephthys is a native mod for Unreal 1 servers which extends IpDrv by efficient attack blocking, banning, player logging and other features.
Release Date	27.12.2004
Authors	Winged Unicorn, Zora
Email Address	winged_unicorn@legendofvandora.net, zzora@gamebox.net
Filenames	Nephthys_v1.0.zip
DLLs	Nephthys.dll, IpDrv.dll
Scripts	Nephthys.u
Unreal Compatibility	224v, 225f, 226b (Gold), 226f
OS Compatibility	Windows 95, Windows 98/ME, Windows 2000, Windows XP, Windows NT 4, Linux (Wine)

Features

Integration
- Nephthys may be combined with any game type and any other server mod running simultaneously (except Kerberos)
- Nephthys replaces Kerberos completely
- Pure server-side mod: the client does NOT need to download anything nor does even know that there's a security mod running
- Nephthys may be used by clients too (though without any advantage/disadvantage)
- Remote admin control
- Native support of win32 224v, 225f, 226f
Attack blocking
- RJA (Repetitive Join Attempt) attacks
  - Block only one IP, allow other IPs to reconnect, especially allow map change
  - Don't log connection attempts from this IP any more
  - Kick all connections from this IP since attack started (clean up)
  - Don't kick attacking IP (yet)
  - Optionally insert ban entry automatically
  - Recognize when attack has stopped
  - Block RQA (Repetitive Query Attempt) attacks as well
- DRJA (Distributed Repetitive Join Attempt) attacks
  - Don't accept any new connections while under attack (reconnect is supported, even map change)
  - Don't log anything
  - Don't insert ban entries
  - Kick all connections from since start of attack (clean up)
  - Don't kick players
  - Recognize when attack has stopped
  - Block DRQA (Distributed Repetitive Query Attempt) attacks as well
Bug fixes / work arounds
- Zombie bug (reconnect) attack ==> drop connection
- Unreal engine format string bug attack ==> drop connection
- Auto-closing multiple connections to same player to avoid server lag with reconnecting fast client computers
Banning
- Banning blocks a connection before opening, so banned clients can't even download stuff from server and thus causing lag nor can do other harmful things
- Bans may block the client's server query as well so the server becomes invisible to the banned client (stealth mode)
- Banning by IP (range)
- Banning by Name
- Timed bans
- Name reservation bans
- Alert new ban entries
- Alert applied bans
- Alert disabled bans
- Ban disabled when admin online
- Log any applied ban
Kicking
- Drop connection immediately
- Support kick of uploading connections
IP log
- Automatic logging of IPs and names (IP ranges supported too)
- Log by IP (range)
- Limit log to a fixed number of entries
- Count various events
- Admin command to ask for names of a known connection / IP
File Upload
- Alert uploads
- Limit uploads to a config max size per conn, reconfigurable during game-play
- Limit uploads to a config max size of package
- Limit upload bandwidth to available bandwidth, possibly throttled down
- Admin command to ask for details of progress
Server Query
- Additional server rules to display at advanced game clients (GameSpy, QTracker)
- Player rules may report bots, spectators and cameras additional to real players
UScript Interface
You may write an extension mod for Nephthys using this UScript API:
- Events (UScript called by Nephthys)
  - New connection blocked
  - New connection created
  - New connection closed
  - PreLogin passed
  - File Upload
  - Login passed
  - Established connection closed (kick)
  - Logout passed
  - RJA started
  - RJA stopped
  - DRJA started
  - DRJA stopped
  - New ban entry inserted
  - Ban entry changed
  - Ban entry deleted
- Functions (UScript calls Nephthys)
  - Add new ban entry
  - IpNameIsBanned?
  - Close connection (Kick)
  - Get info of given player
  - Get info of given connection (e.g. uploading file: name, current size, total size)
  - Delete ban entry
  - Get all ban entries for given IP/Name
  - Get all log entries for given IP/Name
  - IsDRJAAttack?

User Manual

Installation
TAKE CARE OF WHAT UNREAL VERSION YOU USE! THESE FILES ARE NOT COMPATIBLE TO OTHER VERSIONS THAN GIVEN IN THE ZIP ARCHIVE's FULL PATH NAMES!
1. Terminate your Unreal server
2. Backup your IpDrv.* files of your Unreal\System folder
3. Backup your server's Unreal.ini file of your Unreal\System folder
4. Copy all new files to your Unreal\System folder, depending on the installed patch
5. Remove Kerberos from ServerActors (if present)
6. Remove Kerberos (mutator) from command line (if present)
7. Edit your server's Unreal.ini file by commenting out UdpServerQuery (or KrbServerQuery) and adding a new line, so that it looks like this:
  ;ServerActors=IpServer.UdpServerQuery
  ServerActors=Nephthys.NptServerQuery
8. Start your Unreal server
9. Take a look at your server console: you should see a startup message of Nephthys (you may have to scroll back - Nephthys is started in a very early position!)

Options - Nephthys' settings can be customized in server's Advanced Options -> Networking -> Nephthys.

Nephthys Driver
The Nephthys Driver expands the original IpDrv network driver. It controls all connections of joining / joined players.
Additional to logging Nephthys may show various events to players, customizable by Show... (admins only) and ShowPublic... (other players only). Those options may have the following settings:

Value	Description
ESM_Off	Don't show this event. If you just like to enjoy playing without getting informed how Nephthys works, then use this value everywhere.
ESM_Silent	Show this event without beep. If you think Nephthys beeps too much, then use this value instead of ESM_Beep.
ESM_Beep	Show this event and beep. If you usually ignore the chat and want to be beeped by Nephthys' events, then use this value instead of ESM_Silent.

Options:

Attacks

DRJA - Distributed Repetitive Join Attempts. Known as fake player attack, recognized by fast joining "Test" players, from multiple different IP addresses. This is a DoS (Denial of Service) attack attempt.

Option	Default	Description
ConnCountForDRJA TimeDeltaForDRJA	10 10	Max number of new connections per TimeDeltaForDRJA seconds based on all IPs, more than this is considered to be a DRJA (Distributed Repetitive Join Attempt) attack, resulting in ignorance of all further join attempts until the attack is over.
ShowDRJA	ESM_Beep	How to show detected DRJA attacks to all admins

RJA - Repetitive Join Attempts. Known as fake player attack, recognized by fast joining "Test" players, from single IP address. This is a DoS (Denial of Service) attack attempt.

Option	Default	Description
bAutoBanRJA	false	Whether to add a ban rule for this IP automatically
ConnCountForRJA TimeDeltaForRJA	5 10	Max number of new connections per TimeDeltaForRJA seconds based on a single IP, more than this is considered to be a RJA (Repetitive Join Attempt) attack, resulting in ignorance of all further join attempts from this IP until the attack is over.
ShowRJA	ESM_Beep	How to show detected RJA attacks to all admins

Banning - settings of the banning module

Option	Default	Description
BanTable	all empty	All defined banning rules. Never change a setting here directly, or server will crash! Use the Ban commands instead.
ShowBan	ESM_Beep	How to show any change of the ban table to all admins
ShowSuspect	ESM_Silent	How to show any matching rules not applied due to (temporary) deactivation to all admins

Commands - settings for remote command interface

Option	Default	Description
ShowCmdError	ESM_Beep	How to show errors while executing remote admin commands. If your server is always accessible by server console you may set this option to ESM_Off.
ShowCmdResult	ESM_Silent	How to show results of remote admin commands. If your server is always accessible by server console you may set this option to ESM_Off.

Connections - settings concerning player connections

Option	Default	Description
bKillDoubles	true	Whether to kill double connections of players with same IP / Name to get rid of unused (bandwidth eating) connections quickly. This may cause players with same IP having to connect one after each other, not both at once.
HoldConnSeconds	10	How long (in seconds) to hold information about a connection after it is closed. This information is needed e.g. to detect RJA attempts, but also to avoid false alarms of Zombie bug (reconnect) attacks.
ShowBlock	ESM_Beep	How to show connection blocks to all admins.
ShowKick	ESM_Beep	How to show kicks to all admins.
ShowLogin	ESM_Off	How to show player logins to all admins. This is usually done by the game type.
ShowLogout	ESM_Off	How to show player logouts to all admins. This is usually done by the game type.
ShowNew	ESM_Silent	How to show upcoming connections to all admins.
ShowPreLogin	ESM_Beep	How to show player prelogins to all admins.

Customize - configuring Nephthys to be part of other server side mods

Option	Default	Description
bUscriptAPI	false	Whether to support the UnrealScript event interface. If there are mods using Nephthys' events this option has to be true, otherwise this option should be set to false for better performance.

IP Log - settings of the player log module

Option	Default	Description
LogTable	all empty	All logged players. Never change a setting here directly, or server will crash! Use the Log commands instead.
MaxLogTableEntries	1000	Limit for entry number in log table. On load oldest entries get deleted. Large log tables need much time to be saved and searched through. Small log tables can't store "old" players. Find an applicable value for your server. Use 0 to turn this option off (log table may grow endlessly).
ShowLog	ESM_Beep	How to show any change of the log table to all admins

Upload - settings concerning the upload of files down to a player

Option

Default

Description

bAllowUploads

true

If this is set to false no player may download missing packages.

bLimitUploadBandwidth

true

Turns on the automatic upload bandwidth limitation algorithm. Upload is limited to the remaining available bandwidth calculated by MaxClientRate * (MaxPlayers + MaxSpectators) * UploadThrottle.
If you prefer to play undisturbed by downloaders, this option should be set to true.
If you prefer to get the downloader in as fast as possible (waiting until download/lag has stopped), this option should be set to false.
To setup all your server's bandwidth values correctly use this small calculator (requires JavaScript to be enabled):

Server's Bandwidth [kbit/sec]:		e.g. Modem=56, ISDN=64, T-DSL=128, etc (if you have asymmetric bandwidthes enter the smaller value, usually the upload bandwidth!) If you're unsure ask your ISP or use the experimental way, e.g.: broadband » Speed tests.
MaxPlayers:		Advanced Options -> Game Settings -> MaxPlayers
MaxSpectators:		Advanced Options -> Game Settings -> MaxSpectators
MaxClientRate:		Advanced Options -> Networking -> TCP/IP Network Play -> MaxClientRate (= max NetSpeed the server will accept from clients)

MaxUploadPackageSize

-1

Max number of bytes a package may have to be allowed to be uploaded. Greater amount is blocked before start. -1 = no limit

MaxUploadSize

-1

Max number of bytes a connection may download in sum. Greater amount is blocked before start. -1 = no limit

ShowPublicUploads

ESM_Off

How to show a lag warning due to uploads to all players but admins.

ShowUploads

ESM_Beep

How to show info about uploads to all admins.

UploadThrottle

1.0

Multiplyer for automatic upload bandwidth limitation (needs bLimitUploadBandwidth=true). Values > 0.0 but < 1.0 will make downloads slower with less lag for online players, values > 1.0 will make download faster with increasing lag for online players, values <= 0.0 will disable uploads. See bLimitUploadBandwidth for more details.

Udp Server Query
The UDP server query is the server side actor which replies to client's info requests (mainly server rules (= admin name, which map is running, ping, etc) and player list (= which players are currently playing, score, skins, pings, etc)).
Nephthys has it's own actor which fixed some flaws and has some more options:

Reports - Displayed by enhanced server browsers (= not the in-game browser, e.g. GameSpy or QTracker) Nephthys can reply additional informations:

Option	Default	Description
AddServerRule	all empty	Generic additional informations given to the client as reply to server rule requests
.Tag		The key for the information (e.g. "Policy")
.Value		The information itself (e.g. "No cussing!")
bReportPlayers	true	Include players in detailed info
bReportSpectators	false	Include spectators in detailed info
bReportBots	false	Include bots in detailed info
bReportCameras	false	Include cameras in detailed info
bReportOthers	false	Include all other score board entry relevant actors in detailed info
bCountRealPlayersOnly	true	Whether to count real players in server list only (= don't count spectators, etc) or to count all of the checked above in server list

Settings - General options:

Option	Default	Description
bLogAllRequests	false	Debug only, never set this to true for usual play!
bLogRejected	false	Log attacker requests
bLogInvalidRequests	false	Log mal-formed requests
bLogInvalidSends	true	Log mal-formed replies
bLogSendText	false	Debug only: log all replies sent
bLogSendFail	true	Log failing sends
MaxRequestsForRQA TimeDeltaForRQA	7 1	Max number of requests per TimeDeltaForRQA seconds a single IP may do, more than this is considered to be a RQA (Repetitive Query Attempt) attack
bBanRQA	false	Whether to ban an RQA attacking IP automatically
MaxRequestsForDRQA TimeDeltaForDRQA	20 1	Max number of requests per TimeDeltaForDRQA seconds counted of all IPs, more than this is considered to be a DRQA (Distributed Repetitive Query Attempt) attack, resulting in ignorance of all further requests

Commands
Nephthys can be accessed from server log window via
npt <command>
or by in-game admins via
admin npt <command>
All commands outputs are both logged and shown to all admins, as configured by ShowCmdResult and ShowCmdError.

Command	Description
Help	Show a brief summary of all commands
Status [<conn#>]	Show a brief summary of all handled connections [a detailed info of given connection]
Ban list [<banentry> [<sort> [<count>]]]	List ban table [only <banentry>s [sorted by <sort> [max. <count> entries]]]
Ban remove <banentry>	Remove ban table <banentry>s
Ban change <banentry> <banpar>	Change a single ban table <banentry>
Ban new <banpar>	Insert a new ban table entry
Kick <ip>[:<port>]\|N=<Name>	Kick a given player. You may kick downloaders by giving the IP!
Log list [<logentry> [<sort> [<count>]]]	List log table [only <logentry>s [sorted by <sort> [max. <count> entries]]]
Log remove <logentry> [<name>]	Remove log table <logentry>s [only the exact <name> from the entry]
Log range <logentry> <ipStart>[-<ipEnd>]\|#<slotStart>-<slotEnd>[,Mask]	Expand log table entry to IP range / re-range <logentry>. New range may include other entries, but must not intersect any entry. Giving ",Mask" will expand the selected range to boundaries of powers by 2 (see <logentry>). If you're unsure what this option does then don't use it! Anyways, it's recommended to use "log list" with thie required mask prior to applying it with "log range".
Log merge <logentry> [Mask]	Merge successive <logentry>s with same name(s) [and expand them by mask calculation]. It's a shortcut to range multiple log table entries of dyn. IP players into one single entry.

With:

Tag	Description
<banentry>	<ipStart>-<ipEnd> \| #<slotStart>[-<slotEnd>] \| N=<name> \| L=<LastUsedStart>[-<LastUsedEnd>] \| C=<comment> \| M=<message> \| R=<reference> \| Drop More than 1 search criteria may be given separated by comma "," Name, Comment, Message, Reference: selects only ban entries including the given string LastUsed: omit time and/or day if not needed, e.g. 2004/08-2004/09 Drop: selects only ban entries with DropCount > 0
<banpar>	{IP=<ip>[-<ip>] \| Name=<string> \| \| Expires=<stamp> \| Mode=Always,OffWhenAdmin,ReserveName,Off \| bStealth=0,1 \| Message=<string> \| Reference=<string> }+ IP: IP address (range) to ban, given as ddd.ddd.ddd.ddd Name: only for name bans or name reservation bans Expires: time stamp when this ban entry becomes disabled automatically and becomes shown as "suspect" if configured. Note that it isn't removed automatically! Mode: Always: ban entry active always; OffWhenAdmin: ban entry active only if no admin is logged in; ReserveName (IP (range) and Name requrired): Name is useable for given IP (range) only; Off: disabled (is shown as "suspect" if configured) bStealth: 0: connection is allowed to query and to attempt PreLogin, 1: no traffic from connection is accepted Message (only usable by extending UScript interface): message the player gets shown when banned Reference: user defineable reference why this ban was setup (default = current time stamp - see server log at this stamp for details)
<logentry>	<ipStart>-<ipEnd> \| #<slotStart>[-<slotEnd> \| N=<name> \| L=<LastUsedStart>[-<LastUsedEnd>] \| Admin \| Drop \| Kick[,Mask] Name: selects only log entries including the given string LastUsed: omit time and/or day if not needed, e.g. 2004/08-2004/09 Admin: selects only log entries detected as admins Drop: selects only log entries with DropCount > 0 Kick: selects only log entries with KickCount > 0 Mask (requires IP range or slot (range): extend IP range to powers of 2. E.g. range 1.2.3.24-1.2.3.129,Mask becomes 1.2.3.0-1.2.3.255 and range 1.2.3.24-1.2.8.24,Mask becomes 1.2.0.0-1.2.15.255 etc This might be useful when experimentally setting up IP ranges for logged names of dynamic IP address ranges.
<stamp>	yyyy[/mm[/dd[%20hh[:mm[:ss]]]]]
<string>	replace blanks with %20, % with %25

Examples (IP addresses don't belong to real players):

npt status

Show status of all active / just closed connections (including incoming and uploading connections)

npt status 2

Show all names of the log entry matching for connection #2

npt log list 127.0.0.0-127.255.255.255

List all log entries of localhost (= same computer the server is running on)

npt log list #-20

List first 20 log entries

npt log list admin

List all log entries for players who joined with the admin password

npt log list N=ThisPlayer

List all log entries including the player name 'ThisPlayer'

npt log list L=2004/08-2004/09

List all log entries last used in August 2004

npt log list #- -last 30

List last recently used 30 log entries (read: who were the last recently 30 players?)

npt log range #123 #123-125

Replace log entry 123 by merged log entries 123 to 125

npt log merge #100-200

Merge all successive log entries with same name in range 100 - 200. If one or both log entries have multiple names entries are merged as soon as one name matches.

npt log remove #-

Remove all log entries (do you have a backup?)

npt ban list 192.168.47.3

List all ban entries matching the IP address 192.168.47.3, including range ban entries where given IP is included

npt ban list N=ImStupid

List all name ban entries matching for a player named 'ImStupid'

npt ban list C=StupidPlayer

List all ban entries with a comment including 'StupidPlayer'. It's a good idea to provide the player's name and a reason as a comment when entry is inserted.

npt ban list #- -last 10

List last recently applied 10 ban entries (read: who was kept out last night?)

npt ban list #- -ref 5

List last recently created 5 ban entries. Since the Reference value is used this only works correctly if a time stamp like in LastUsed is stored as Reference.

npt ban new ip=127.0.0.1-127.0.0.255 comment=This%20is%20a%20Test!

Insert a permanent stealth ban entry for localhost with the comment 'This is a Test!'

npt ban new 127.0.1.1-127.0.1.255 mode=reservename bstealth=0 name=MyName

Insert a name reservation ban for 'MyName': only given IP range can join with that name

npt ban remove 127.0.0.1

Remove all ban entries for the given IP address

npt ban remove #-

Remove all ban entries (it's always a good idea to make a backup of your Unreal\System\Nephthys.ini file every now and then ;-)

UScript interface
Nephthys provides an open UScript interface as a base for customized server mods. This chapter applies to server mods coders only.

Events
Events are UScript functions called by the native code. To use them, create a new class derived from NephthysProxy and write the functions using the following names/prototypes. An actor of this new class has to be spawned (e.g. place it into ServerActors (NOT ServerPackages!!!)). When the event happens, the function gets called. To get any event called bUscriptAPI=true needs to be configured (should be given as instruction in your end user manual!).

event ConnectionRejected( string Addr, string Names );

Description:	Called when connection is rejected before opening.
Parameters:	Addr	IP:Port of the current connection
Parameters:	Names	All known names for connection's IP separated by space or `""` if not logged yet

event ConnectionOpened( string Addr, string Names, out string MoreInfo );

Description:	Called when connection is just opened, PreLogin() not yet passed. Data may be received or sent from now on.
Parameters:	Addr	IP:Port of the current connection
Parameters:	Names	All known names for connection's IP separated by space or `""` if not logged yet
Outputs:	MoreInfo	If the UScript mod can gain some more informations about this connection it may be stored here. These informations can be obtained later by calls to GetPlayerInfo() or GetConnectionInfo().

event ConnectionDropped( string Addr, string Name, string Names );

Description:	Called when connection is closed before PreLogin(), e.g. due to invalid join parameters or a recognized attack. Since the connection was closed now, no data may be sent or received any more.
Parameters:	Addr	IP:Port of the current connection
	Name	The current name of the join attempt or `""` if not analysed yet
	Names	All known names for connection's IP separated by space or `""` if not logged yet

event PreLogin( string Addr, string RequestURL, string Names, out string Error );

Description:	Called after a new player passed PreLogin().
Parameters:	Addr	IP:Port of the current connection
	RequestURL	The complete URL of the join attempt
	Names	All known names for connection's IP separated by space
Outputs:	Error	To reject the join attempt at this place the UScript mod must set up an error message which gets logged. Although the connection gets dropped after that, the message isn't transmitted to the client. Use the game type's PreLogin() function to do so.

event FileUpload( string Addr, string RequestURL, string Names, string FileName, int FileSize );

Description:	Called when new connection started to load a file.
Parameters:	Addr	IP:Port of the current connection
	RequestURL	The complete URL of the join attempt
	Names	All known names for connection's IP separated by space
	FileName	The complete name of the file, including the device (drive letter) and all folder names.
	FileSize	The size of the file in bytes.

event Login( string Addr, string RequestURL, string Names, out string Error );

Description:	Called after new player passed Login().
Parameters:	Addr	IP:Port of the current connection
	RequestURL	The complete URL of the join attempt
	Names	All known names for connection's IP separated by space
Outputs:	Error	To reject the join attempt at this place the UScript mod must set up an error message which gets logged. Although the connection gets dropped after that, the message isn't transmitted to the client. Use the game type's Login() function to do so.

event ConnectionKicked( string Addr, string RequestURL, string Names );

Description:	called when an established connection is closed (kick).
Parameters:	Addr	IP:Port of the current connection
	RequestURL	The complete URL of the join attempt
	Names	All known names for connection's IP separated by space

event Logout( string Addr, string Name, string Names );

Description:	Called after a player passed Logout().
Parameters:	Addr	IP:Port of the current connection
	Name	The name of the join attempt (might not be the name the player used at last)
	Names	All known names for connection's IP separated by space

event RjaAttackStarted( string Addr, string Names, int count, float TimeDelta );

Description:	Called when a connection is considered to be RJA attacking.
Parameters:	Addr	IP:Port of the current connection
	Names	All known names for connection's IP separated by space
	count	Number of new connections resulting in attack detection
	TimeDelta	The time needed to open the connections.

event RjaAttackStopped( string Addr, string Names, int count, float TimeDelta );

Description:	Called when a RJA attack has stopped. This event can be called some time after the attack really stopped.
Parameters:	Addr	IP:Port of the current connection
	Names	All known names for connection's IP separated by space
	count	Number of new connections during attack
	TimeDelta	The duration of the attack.

event DrjaAttackStarted( int count, float TimeDelta );

Description:	Called when a connection is considered to be DRJA attacking.
Parameters:	count	Number of new connections resulting in attack detection
Parameters:	TimeDelta	The time needed to open the connections.

event DrjaAttackStopped( int count, float TimeDelta );

Description:	Called when a DRJA attack has stopped. This event can be called some time after the attack really stopped.
Parameters:	count	Number of new connections during attack
Parameters:	TimeDelta	The duration of the attack.

Functions
These native functions may be called by any custom UScript mod. Common usage is ret = class'NephthysProxy'.static.func(par). It may be called from any mod, not necessarily derived from NephthysProxy. The value of bUscriptAPI doesn't matter.

function string IpNameIsBanned( out string message, optional string ip, optional string name, optional bool bStealth, optional bool bCount );

Description:	Determine whether an IP and/or name is banned. To implement ban checking in the game type's PreLogin() or Login() a call of GetConnectionInfo() followed by a call of this function gains the information needed to return a (ban rule customized) message to the client.
Outputs:	message	If a ban rule matches and it provides a message it's returned here, else `""`.
Parameters:	ip	If given: determine whether this IP is banned. At least ip or name must be given. To match a name reservation ban ip and name must be given.
	name	If given: determine whether this name is banned. At least ip or name must be given. To match a name reservation ban ip and name must be given.
	bStealth	If `bStealth!=false` (i.e. =`true` or omitted) only stealth ban rules are considered, all non-stealth ban rules aren't applied
	bCount	Whether to count the ban appliance (depending on bStealth)
Returns:	The description of the matched ban rule or `""` if none matched.

function string BanIpName( optional string ip, optional string name, optional string comment, optional string AppendIfNot );

Description:	Insert a new stealth ban rule, valid always and forever, or set an existing ban rule to always valid and append the comment.
Parameters:	ip	If given: ban this IP. Either ip or name must be given.
	name	If given: ban this name. Either ip or name must be given.
	comment	Additional comment for this rule (e.g. reason).
	AppendIfNot	If an existing ban rule matches the parameters and it doesn't include any of the (space separated) words given here, the new comment is appended to the old comment (with space as separator). Otherwise the old comment is replaced by the new comment. Note that existing ban rules aren't set to stealth.
Returns:	A message what has been done.

function bool GetPlayerInfo( PlayerPawn PP, out string Addr, out string State, out string Names, out string MoreInfo );

Description:	Gets informations about a given player.
Parameters:	PP	The PlayerPawn to obtain the informations for.
Outputs:	Addr	Current IP:Port of the player.
	State	State of the connection.
	Names	All known names for connection's IP separated by space
	MoreInfo	More informations as given by event ConnectionOpened()
Returns:	Whether it worked out good (`true`) or bad (`false`, e.g. no connection for PlayerPawn).

function bool Kick( optional PlayerPawn PP, optional string Addr );

Description:	Kicks by a given PlayerPawn, IP:Port or IP.
Parameters:	PP	If given: the PlayerPawn to kick. Either PP or Addr must be given.
	Addr	If given: IP:Port or IP to kick. If only IP is given all connections matching this IP are kicked.
Returns:	Whether it worked out good (`true`) or bad (`false`, e.g. no connection for PlayerPawn or IP currently not online).

function string LogIpName( string ip, string name );

Description:	Log a new name for a given IP. E.g. this may be called in case of name changes.
Parameters:	ip	The IP to log.
	name	The name to log.
Returns:	A message what has been done.

function ExecuteCommand( string cmd );

Description:	Executes a command as if given by npt <command>.
Parameters:	cmd	The command string to execute.

function bool GetConnectionInfo( string Addr, out PlayerPawn PP, out string State, out string Names, out string MoreInfo, out string UploadFilename, out int UploadTransfered, out int UploadTotalSize );

Description:	Gets informations about a given connection.
Parameters:	Addr	IP:Port of the connection to examine.
Outputs:	PP	PlayerPawn using this connection or `none` if not connected yet / anymore.
	State	State of the connection.
	Names	All known names for the connection separated by space
	MoreInfo	More informations as given by event ConnectionOpened()
	UploadFilename	The complete name of the file currently uploading, including the device (drive letter) and all folder names or `""` if connection isn't uploading.
	UploadTransfered	Number of bytes already uploaded or 0 if connection isn't uploading.
	UploadTotalSize	The size of the file in bytes or 0 if connection isn't uploading.
Returns:	Whether it worked out good (`true`) or bad (`false`, e.g. no connection for Addr).

Construction
- Editor(s) used: UnrealEd fix 4, VC++ 6.0 SP5, fred, EditPlus
- Base: Unreal Public Headers 224v and Gold, UT Public Headers v432, Kerberos

Credits
- }TCP{Wolf
- Bolke de Beer

Copyright / Permissions
- This mod is copyrighted 2004 by Winged Unicorn and Zora (original code belongs to Epic).
- Authors may use this mod as a base to build their own mods (e.g. creating an UnrealScript extension).
- This mod is absolutely freeware. You MAY distribute this level through any electronic network (Internet, FIDO, local BBS etc.), on condition that you include this file and leave the archive intact.
- You are NOT allowed to gain any money for this mod. You are NOT allowed to commercially exploit this mod, i.e. put it on a CD or any other electronic medium that is sold for money, without explicit permission of Winged Unicorn or Zora!
- You are NOT allowed to decompile the DLLs nor to hack into Nephthys in any kind.
- Don't give this mod to people you don't trust!

Trademarks
- UNREAL (c)1998 Epic Megagames, Inc. All Rights Reserved. Distributed by GT Interactive Software, Inc. under license. UNREAL and the UNREAL logo are registered trademarks of Epic Megagames, Inc. All other trademarks and trade names are properties of their respective owners.