I have been trying to use scripts.txt to catch hackers, who have made my server (Takistan Life: Revolution) unplayable half the time. I used to catch 99% of hackers using packet logs but that is impossible since 1.62.
Please forgive me if I sound frustrated here, I'm not trying to "rage" or "rant," I understand the hard work done by BIS and BE, and realize that scripts.txt helps people on rented VM servers, I am not looking for an infraction or ban, etc. I just want to be able to catch and ban hackers as quickly as I previously could using a packet sniffer.
My scripts.txt was recognized and renamed scripts_old.txt, with a number of restrictions set to "3" (report to console and log). However, 24 hours later, not a single restricted script was detected, despite hackers having a field day on the server. Hundreds of A-10's and M1A1's were spawned, raining from the sky, but nothing was logged or reported, despite the classnames for these vehicles (A2 and OA versions) being restricted. All players were being remotely killed with "setdamage 1" over and over again, but this was not being logged.
Finally I put "3 call compile" in there, because I know they try to hide their scripts with that. Suddenly I got a 300mb scripts.log file, full of false positives. It's basically like a very primitive and incomplete packet log. "setDamage 1" came up a bunch of times,which made me wonder if the upper-case D was the problem.
So here is my question: is it true that the restrictions in scripts.txt are case-sensitive? And can this be changed? Because I have seen hack scripts in aLterNaTiNg cApS while searching packet logs before, I am afraid they may be sailing past the restriction but still getting recognized by the server and broadcast to all players.
and is it possible in the next update for server owners to toggle packet encryption on/off? Maybe it is my own failure to master scripts.txt with the documentation available (and server owners' understandable reluctance to give out their scripts.txt files), but I find the new script restriction method to be a huge step backwards. The only way it is actually useful is if I restrict "Call compile" or "call broadcast" to create a giant virtual packet log, and search that. I would much prefer to go back to logging packets with a packet sniffer like I used to - it was easy to catch hackers this way, easy to manage the log file, and I didn't have to think of every possible thing they could do beforehand.