-
Notifications
You must be signed in to change notification settings - Fork 5
Home
🛑 End Of Life for SlimeDog/NetworkInterceptor
See Version Support for a list of certified versions and platforms.
NetworkInterceptor detects and (optionally) blocks outgoing network connections that you might choose not to allow. Examples of the network connections it can detect:
- Generally required:
- player authentication (Mojang)
- Generally good:
- server version check (Minecraft variants: Paper, Spigot, etc.)
- plugin version check
- bStats
- PlaceholderAPI
- Generally not so good:
- plugin auto-download and install
- plugin arbitrary code download and execute
- plugin private data reporting
NetworkInterceptor installs a custom security manager and a custom proxy selector into the Java runtime environment which logs and (optionally) blocks outgoing network connections. This allows server administrators easily to monitor the nature of connections made by plugins, and if they desire, prevent them.
java -Djava.security.manager=allow
.
This specification was verified to be compatible with Java 17.0.1 (and later), Java 18, and Java 19, and Java 20.
plugins/LagMonitor/config.yml
. NetworkInterceptor can run without the custom security manager enabled, but connection detection is greatly reduced.
This script summarizes log entries. As written, it must be run in the main server directory. Feel free to modify it to suit your needs.
INTERCEPT_LOG_FILE="plugins/NetworkInterceptor/intercept.log"
grep --text -e 'Current .* version:' ${INTERCEPT_LOG_FILE}
grep --text -e Intercepted -e Blocked ${INTERCEPT_LOG_FILE} | sed -e 's/.*Intercepted/Intercepted/' -e 's/.*Blocked/Blocked/' | sort -u
Please provide an equivalent script for Windows. We will publish it here, with thanks and credit.
And we'll never forget: NetworkInterceptor 1.0 was made with ❤️ by Luck. All credit for the original design and implementation belongs to him.