Anti flooder.

Description: This tutorial will show you how to add an anti flood system which allows you to set a amount of connections allowed in a certain time ( Eg. Only allow 10 connections every minute from an IP ), you will easily be able to set the timers yourself and its customizable.

Difficulty: 4/10, probably not even that.

Assumed Knowledge: A little java?

Tested Server: Umm cleaned V4 me thinks.

Files/Classes Modified: The server class

Procedure
Step 1: Okay so open your server.java

Code:

public java.util.ArrayList<String> bannedHosts = new java.util.ArrayList<String>();
   public java.util.HashMap<String, Integer> connectionAmount = new java.util.HashMap<String, Integer>();
   public static final int CONNECTION_TIME = 10; /* If sombody connects more than the max attempts within this amount of seconds block them from logging in */
   public static final int MAX_CONNECTION_ATTEMPTS = 2;
   public static final int BAN_TIME = 30; //4 minutes to keep banned
   public int connectionAttempts;
   public long connectionTime;
   public long timeBanned;
   public boolean connectedBefore;

Code:

public java.util.ArrayList<String> bannedHosts = new java.util.ArrayList<String>();

Contains the hosts which are currently banned.

Code:

public java.util.HashMap<String, Integer> connectionAmount = new java.util.HashMap<String, Integer>();

Contains the IP which has connected and the amount of times it has connected within the CONNECTION_TIME time.

Code:

public static final int CONNECTION_TIME = 60;

The time frame in which to allow a certain amount of connections.

Code:

public static final int MAX_CONNECTION_ATTEMPTS = 10;

The time frame in which to allow a certain amount of connections.

Code:

public static final int BAN_TIME = 240; //4 minutes to keep banned

The amount of seconds to keep them banned..

Code:

public static int connectionAttempts;

Amount of connection attempts already made.

Code:

public static long connectionTime;

When they connected.

Code:

public static long timeBanned;

When they were banned

Step 2: Now in your run method

This is whats needed:

Code:

if(System.currentTimeMillis() - connectionTime > CONNECTION_TIME*1000 && connectedBefore) {
               System.out.println(System.currentTimeMillis() - connectionTime+":"+CONNECTION_TIME*1000);
               connectionAttempts = 0; // Reset the connection attempts
               connectionTime = 0;
               connectionAmount.remove(connectingHost);
               misc.println("Connection time reset for "+connectingHost);
               connectedBefore = false;
               continue;
            } else {
               System.out.println(System.currentTimeMillis() - connectionTime+":"+CONNECTION_TIME*1000);
               connectionAmount.put(connectingHost, connectionAttempts++);
               misc.println("Put into Hashmap "+connectingHost);
            }
            connectionTime = System.currentTimeMillis();

Code:

       if(bannedHosts.contains(connectingHost)) {
                   if(System.currentTimeMillis() - timeBanned > BAN_TIME*1000-1) {
                      bannedHosts.remove(connectingHost);
                      misc.println(new StringBuilder(connectingHost).append(": Unbanned").toString());
                     connectionAttempts = 0; // Reset the connection attempts
                     connectionAmount.remove(connectingHost);
                     continue;
                   } else {
                      misc.println(new StringBuilder(connectingHost).append(": Rejected for " +
                            "flooding!").toString());
                      s.close();
                   }
                }
                if(connectionAmount.get(connectingHost) > MAX_CONNECTION_ATTEMPTS-1 && !bannedHosts.
                      contains(connectingHost)) {
                   misc.println(new StringBuilder(connectingHost).append(": Banned for flooding!").toString());
                   bannedHosts.add(connectingHost);
                   timeBanned = System.currentTimeMillis();
                }
                connectedBefore = true;

Code:

if (Found < 3) {

Needs to be.

Code:

if (Found < 3 && !bannedHosts.contains(connectingHost)) {

First one should be above the if (true) { second one below, theres a little clue.

Explanation:

Code:

connectionTime = System.currentTimeMillis();

The time they connected so we can see if its within our timeframe.

Code:

if(connectionTime - System.currentTimeMillis() < CONNECTION_TIME*1000) {

If the connectionTime - the current time is lower than our allowed connection time times by 1000 to make it into milliseconds then execute this block.

Code:

connectionAmount.put(connectingHost, connectionAttempts++);

Put the connectingHost into a hashmap also with the amount of times they have connected incremented.

Code:

connectionAttempts = 0; // Reset the connection attempts
               connectionAmount.remove(connectingHost);

reset everything.

Code:

if(connectionAmount.get(connectingHost) > MAX_CONNECTION_ATTEMPTS-1 && !bannedHosts.
                      contains(connectingHost)) {

If the connecting hosts amount of connections is higher than our max -1 and is not already in tha banned hosts (If they are banned whats the point in doing this) then execute the following code

Code:

bannedHosts.add(connectingHost);
                   timeBanned = System.currentTimeMillis();

Put the host in the banned hosts ArrayList and record the time banned.

Code:

if(timeBanned - System.currentTimeMillis() > BAN_TIME*1000) {

If theyve been banned longer than the ban time, unban them..

Code:

s.close();

Close the socket/reject the connection

//Masterchef