472 lines
14 KiB
YAML
472 lines
14 KiB
YAML
# Learn about proper configuration setup through the official XCord discord
|
||
# In the 'xcord-config-help' channel
|
||
# Maximizing XCord's full potential will require some configuration since all servers are a bit different
|
||
fixes:
|
||
# 修复1.7玩家加入时导致1.8玩家被踢出的问题
|
||
fix-1_7-kick-when-1_8-joins: true
|
||
ip-spoofer:
|
||
# 是否伪造列表中的用户IP地址
|
||
spoof-listed-user-ips: false
|
||
# 伪造时是否记录日志
|
||
log-on-spoof: true
|
||
# 将IP更改为这个地址
|
||
change-ip-to-this: 72.229.28.185
|
||
# 伪造用户的用户名(区分大小写)
|
||
spoofed-users-case-sensitive:
|
||
- bob7l
|
||
- Notch
|
||
#Anti-exploit, increase each by 1.5x if they false (1.16.5+ known to false)
|
||
exploit-monitor:
|
||
# 是否启用漏洞监控
|
||
enabled: true
|
||
# 最大解压缩后的数据包长度
|
||
#How long can a packet be after de-compression?
|
||
max-decompressed-packet-length: 2097152
|
||
# 最大数据包字节数
|
||
max-packet-bytes: 46000
|
||
# 每tick最大字节数限制
|
||
packet-bytes-per-tick-limit: 250000
|
||
# 每tick最大数据包数量限制
|
||
packets-per-tick-limit: 1250
|
||
# 每tick最大负载字节数限制
|
||
payload-bytes-per-tick-limit: 33000
|
||
# 每tick最大聊天或命令数
|
||
max-chat-or-commands-per-tick: 50
|
||
# 踢出前的异常次数
|
||
exceptions-before-kick: 2
|
||
# 过滤Tab表情
|
||
filter-tab-expressions: true
|
||
# 表达式过滤器分数
|
||
expression-filter-score: 10
|
||
# 版本允许阈值乘数
|
||
version-allowed-threshold-multiplier:
|
||
- '107: 1.25'
|
||
- '315: 1.75'
|
||
only-blacklist-packet-errors-during-attack: true
|
||
anti-ddos:
|
||
# 启用IP黑名单
|
||
blacklist: true
|
||
# 不可能缓冲区最大违规次数
|
||
improbable-buffer-max-violations: 10
|
||
# 登录阶段的反DDoS设置
|
||
during-login:
|
||
# 是否启用登录阶段反DDoS
|
||
enabled: true
|
||
# 初始缓冲区限制(字节)
|
||
initial-buffer-limit-bytes: 2000
|
||
# 每秒最大字节数
|
||
max-bytes-per-second: 50000
|
||
# 每秒最大数据包数
|
||
max-packets-per-second: 500
|
||
# 游戏过程中的反DDoS设置
|
||
#Very similar to the exploit-monitor. If you enable this and get false kicks, raise each field by 1.5x
|
||
during-gameplay:
|
||
# 是否启用游戏过程中反DDoS
|
||
enabled: true
|
||
# 每秒最大字节数
|
||
max-bytes-per-second: 250000
|
||
# 每秒最大数据包数
|
||
max-packets-per-second: 1250
|
||
# 版本允许阈值乘数
|
||
version-allowed-threshold-multiplier:
|
||
- '107: 1.25'
|
||
- '315: 1.75'
|
||
# DOS IP过滤器
|
||
dos-ip-filter:
|
||
# 是否启用DOS IP过滤器
|
||
enabled: true
|
||
# 更新数据库间隔时间(秒)
|
||
update-database-interval-seconds: 3600
|
||
# 使用IP集
|
||
use-ipset: true
|
||
# 启用此功能的每秒连接数阈值
|
||
enable-at-this-connections-per-second: 100
|
||
#Some of these options may be incompatible with plugins such as ViaVersion, Protocolize, etc
|
||
performance-optimizations:
|
||
# 使用合并编码管道
|
||
use-merged-encoding-pipeline: false
|
||
# 忽略记分板并禁用记分板API
|
||
ignore-scoreboards-and-disable-scoreboard-api: false
|
||
# 不复制数据包
|
||
dont-copy-packets: false
|
||
# 在服务器上使用TCP快速打开
|
||
use-tcp-fast-open-on-servers: true
|
||
# 在客户端使用TCP快速连接
|
||
use-tcp-fast-connect-on-clients: true
|
||
# 使用优化的超时处理程序
|
||
use-optimized-timeout-handler: true
|
||
# 最大数据包队列
|
||
max-packet-queue: 8192
|
||
general:
|
||
# 许可证密钥
|
||
#Get the license from joining XCord's discord server, and messaging the bot your PayPal email.
|
||
license-key: 8ukBbwdshpE3Bc0Bi4vi
|
||
# F3显示名称
|
||
f3-display-name: MinecraftDBM
|
||
# 始终检查允许的名称字符
|
||
always-check-allowed-name-characters: true
|
||
# 动态解析服务器地址
|
||
dynamically-resolve-server-addresses: true
|
||
# 初始超时时间
|
||
initial-timeout: 12000
|
||
# 基础tick时间
|
||
base-tick: 1000
|
||
# 踢出超时时间
|
||
kick-timeout: 6000
|
||
# 压缩强度
|
||
compression-strength: -1
|
||
# 新连接速度阈值
|
||
new-connection-speed-threshold: 50000
|
||
# 最小名称长度
|
||
minimum-name-length: 2
|
||
asn-blacklist:
|
||
# 全局ASN黑名单是否启用
|
||
global-blacklist-enabled: true
|
||
# 使用激进版本的全局黑名单
|
||
global-blacklist-use-aggressive-version: true
|
||
# 黑名单ASN列表
|
||
blacklisted-asn-list:
|
||
- '210644'
|
||
- '53667'
|
||
compatibility:
|
||
# 跳过初始连接检查
|
||
#Use this if you have TCPShield/ComsicGuard/Similar that deliver a real player's IP layer on in the login process
|
||
skip-initial-connection-checks: false
|
||
# 负载通道限制
|
||
payload-channel-limit: 128
|
||
# 作为Waterfall显示
|
||
#Spoof the internal name to Waterfall instead of XCord. Might solve plugin compatibility issues
|
||
appear-as-waterfall: false
|
||
# 始终触发退出事件
|
||
always-fire-quit-event: true
|
||
# 支持IPv6
|
||
support-ipv6: false
|
||
# 使用waterfall断开连接
|
||
#Use waterfall's server disconnection code rather than Bungee's updated system
|
||
use-waterfall-disconnection: false
|
||
log-filter:
|
||
# 是否启用日志过滤
|
||
enabled: false
|
||
# 被过滤的日志类型
|
||
filtered:
|
||
- BotHandler
|
||
- ping
|
||
- ServerConnector
|
||
- DownstreamBridge
|
||
shared-global-blacklist:
|
||
# 是否启用共享全局黑名单
|
||
enabled: true
|
||
# 更新数据库间隔时间(秒)
|
||
update-database-interval-seconds: 3600
|
||
# 使用IP集
|
||
use-ipset: false
|
||
debug:
|
||
# 输出下游错误
|
||
output-downstream-errors: false
|
||
# 调试模式
|
||
debug-mode: false
|
||
# 内存泄漏监控
|
||
memory-leak-monitor: true
|
||
# 被动内存泄漏监控
|
||
passive-memory-leak-monitor: true
|
||
security-manager:
|
||
# 黑名单重置时间
|
||
blacklist-reset-time: 60
|
||
# 记录黑名单
|
||
log-blacklist: true
|
||
# 过度和额外日志记录
|
||
excessive-and-extra-logging: false
|
||
# 忽略地址是否启用
|
||
ignore-addresses-enabled: false
|
||
# IP集黑名单
|
||
ipset-blacklisting: false
|
||
# 自动白名单HAProxy地址
|
||
auto-whitelist-haproxy-addresses: true
|
||
# 自动白名单交换的IP
|
||
auto-whitelist-swapped-ips: false
|
||
# 忽略的地址
|
||
ignored-addresses: []
|
||
kernel-level-ipset-country-blocker:
|
||
# 内核级IP集国家屏蔽是否启用
|
||
enabled: false
|
||
# 被阻止的ISO国家代码
|
||
blocked-iso-codes:
|
||
- JP
|
||
anti-bot:
|
||
alerting:
|
||
# 控制台打印统计信息
|
||
print-stats-to-console: true
|
||
# 跟踪的指标
|
||
#What should be tracked? Valid types: [CONNECTION_RATE, BLACKLISTS, TRACKING_IPS, CPU]
|
||
tracked-metrics:
|
||
- CONNECTION_RATE
|
||
- CPU
|
||
- BLACKLISTS
|
||
- TRACKING_IPS
|
||
# Discord Webhook警报
|
||
discord-webhook-alerts: false
|
||
# 发布攻击统计数据到网页
|
||
publish-attack-stats-to-web: true
|
||
# 机器人攻击开始Webhook文件
|
||
webhook-botattack-start-file: xcord_webhook_attackstart.json
|
||
# 机器人攻击结束Webhook文件
|
||
webhook-botattack-end-file: xcord_webhook_attackend.json
|
||
# 验证然后重新连接的传递
|
||
passthrough-verify-then-reconnect:
|
||
# 是否启用验证后重新连接
|
||
enabled: true
|
||
# 始终传递踢出
|
||
always-passthrough-kick: false
|
||
# 成功验证踢出消息
|
||
successful-verify-kick-message: '&aYour connection has been verified! Please re-connect.'
|
||
# 验证V2
|
||
#Powerful, highly configurable, spoofed lobby check where
|
||
#XCord performs various checks to validate whether the user is a bot or not
|
||
verifyV2:
|
||
# 是否启用验证V2
|
||
enabled: true
|
||
# 忽略Geyser
|
||
ignore-geyser: true
|
||
# 验证数据包
|
||
verify-packets: true
|
||
# 验证品牌
|
||
verify-brand: true
|
||
# 黑名单前的最大违规次数
|
||
max-violations-for-blacklist: 3
|
||
# 最大延迟
|
||
max-ping: 2000
|
||
# 最大检查时间
|
||
max-check-time: 30000
|
||
# 忽略1.16+版本
|
||
ignore-1-16-plus-versions: false
|
||
# 配置阶段最大等待时间
|
||
config-stagemax-wait-time: 6000
|
||
# 阻止潜在代理检查1
|
||
#Powerful check, but may false on phone connections
|
||
block-potential-proxiesproxy-check-1:
|
||
# 是否启用
|
||
enabled: true
|
||
# 宽容度
|
||
leniency: 127
|
||
# 阻止潜在代理检查2
|
||
#Picks up most proxies, but may false-kick super laggy players (Rare, but they can always re-join!)
|
||
block-potential-proxiesproxy-check-2:
|
||
# 是否启用
|
||
enabled: true
|
||
# 忽略旧版
|
||
#Pre-1.8 builds are a bit more unstable, and may false more. Ignore?
|
||
ignore-legacy: false
|
||
# 宽容度
|
||
leniency: 20
|
||
# 最大尝试次数
|
||
max-attempts: 40
|
||
# 忽略低于此延迟的连接
|
||
ignore-below-this-ping: 10
|
||
# 间隔
|
||
interval: 50
|
||
# 高级大厅检查
|
||
#Fall + Gravity + Collision check. Very good against almost all bots
|
||
advanced-lobby-check:
|
||
# 是否启用
|
||
enabled: true
|
||
# 是否激进
|
||
aggressive: true
|
||
# 验证中消息
|
||
verifying-message:
|
||
- '&f&lXCORD&7» &6Verifying your Minecraft client...'
|
||
# 已验证消息
|
||
verified-message:
|
||
- '&f&lXCORD&7» &aYou''ve been successfully verified!'
|
||
# 最大尝试次数
|
||
max-attempts: 2
|
||
# 测试碰撞
|
||
test-collision: true
|
||
# 故障检查
|
||
glitch-check:
|
||
# 是否启用
|
||
enabled: true
|
||
# 激进度
|
||
aggressiveness: 40
|
||
# 启动延迟秒数
|
||
boot-delay-seconds: 0
|
||
# 禁用检查时间
|
||
disable-checks-time: 60000
|
||
# Linux检查
|
||
#Kicks users that are connecting quickly, and appear to be on Linux
|
||
linux-check: true
|
||
# 聊天检查
|
||
#Kicks users who chat/command too quickly after logging in
|
||
chat-check: true
|
||
# DNS检查
|
||
#Only during bot-attack, blacklist people who connect directly to your IP (Not domain)
|
||
dns-check: true
|
||
# DNS检查是否严格
|
||
dns-check-is-strict: true
|
||
# IP跟踪超时时间
|
||
ip-tracking-timeout: 40000
|
||
# 聊天强制延迟
|
||
chat-force-delay: 800
|
||
# 白名单生存时间(秒)
|
||
#Time in seconds to retain a player's whitelist status (Max is 2147483647)
|
||
whitelist-survive-time-seconds: 2628288
|
||
# 白名单清理间隔
|
||
whitelist-purge-interval: 43200000
|
||
# 白名单保存间隔
|
||
whitelist-save-interval: 3600000
|
||
# 白名单所需时间
|
||
time-to-whitelist: 300000
|
||
# 时间分组tick
|
||
time-grouping-tick: 5000
|
||
# 反机器人停用延迟
|
||
#Time in seconds until the anti-bot deactivates after a bot attack seems over
|
||
anti-bot-deactivate-delay: 60
|
||
# 反机器人激活连接数
|
||
#How many connections in a second until the anti-bot kicks on
|
||
anti-bot-activate-connections: 40
|
||
# 快速登录
|
||
speedy-login:
|
||
# 每tick最大登录数
|
||
max-logins-per-tick: 4
|
||
# 黑名单违规次数
|
||
blacklist-violations: 3
|
||
# 快速连接
|
||
speedy-connection:
|
||
# 每tick最大连接数
|
||
max-connections-per-tick: 10
|
||
# 黑名单违规次数
|
||
blacklist-violations: 3
|
||
# 不稳定检查
|
||
unstable-check:
|
||
# 是否启用
|
||
enabled: false
|
||
# 延迟阈值
|
||
latency-threshold: 500
|
||
# 延迟踢出原因
|
||
delay-kick-for-reason: false
|
||
# 黑名单违规次数
|
||
blacklist-violations: 5
|
||
# 奇异名称
|
||
strange-name:
|
||
# 是否启用
|
||
enabled: true
|
||
# 随机大写字母数量
|
||
random-capital-count: 3
|
||
# 随机数字数量
|
||
random-number-count: 3
|
||
# 黑名单违规次数
|
||
blacklist-violations: 2
|
||
# 预处理
|
||
pre-p:
|
||
# 是否启用
|
||
enabled: true
|
||
# 延迟
|
||
delay: 3
|
||
# 黑名单违规次数
|
||
blacklist-violations: 2
|
||
# 超时洪水
|
||
timeout-flood:
|
||
# 是否启用
|
||
enabled: true
|
||
# 超时间隔时间
|
||
time-between-timeouts: 10000
|
||
# 黑名单违规次数
|
||
blacklist-violations: 3
|
||
# Linux独占套接字检查
|
||
linux-only-socket-check:
|
||
# 是否启用
|
||
enabled: true
|
||
# 仅在机器人攻击期间启用
|
||
enable-during-bot-attack-only: true
|
||
# 所需连接率
|
||
required-connection-rate: 100
|
||
# 检测可疑MSS
|
||
detect-suspicious-mss: true
|
||
# 检测非Windows系统
|
||
detect-non-windows: true
|
||
# 检测可疑连接
|
||
detect-suspicious: true
|
||
# 检测代理和VPS
|
||
detect-proxies-and-vps: true
|
||
# 而不是黑名单,降低机器人检查的阈值
|
||
lower-thresholds-of-bot-checks-instead-of-blacklist: false
|
||
# 名称模式
|
||
name-pattern:
|
||
# 是否启用
|
||
enabled: true
|
||
# 最小名称长度
|
||
minimum-name-length: 5
|
||
# 名称历史长度
|
||
name-history-length: 2
|
||
# 仅相同长度
|
||
same-length-only: false
|
||
# 最小匹配百分比
|
||
minimum-match-percent: 0.4
|
||
# 黑名单违规次数
|
||
blacklist-violations: -1
|
||
# 防止挂起
|
||
anti-hang:
|
||
# 是否启用
|
||
enabled: true
|
||
# 仅在机器人攻击期间启用
|
||
only-during-bot-attack: true
|
||
# 强制超时时间
|
||
force-timeout-time: 2000
|
||
# 空ping和ping刷屏
|
||
null-ping-and-ping-spam:
|
||
# 缓存ping MOTD
|
||
cache-ping-motd: true
|
||
# 仅在机器人攻击期间缓存
|
||
only-cache-during-bot-attack: true
|
||
# 缓存毫秒数
|
||
cache-milliseconds: 1000
|
||
# 禁用传统ping
|
||
disable-legacy-pings: false
|
||
login:
|
||
# Tick长度(毫秒)
|
||
tick-length-ms: 100
|
||
# 线程池大小
|
||
thread-pool-size: 5
|
||
anti-vpn:
|
||
# 是否启用反VPN
|
||
enabled: true
|
||
# 记录非缓存检测
|
||
log-non-cache-detection: false
|
||
# 阻止的ASN
|
||
blocked-asn: []
|
||
# 阻止的国家
|
||
blocked-country: [JP]
|
||
# 保存间隔
|
||
save-interval: 3600
|
||
# 清理间隔
|
||
purge-interval: 86400
|
||
# 清理年龄
|
||
purge-age: 2592000
|
||
# 检测时加入黑名单
|
||
blacklist-on-detection: false
|
||
# 仅在攻击期间检测时加入黑名单
|
||
only-blacklist-on-detection-during-attack: true
|
||
# 初始连接检查
|
||
initial-connection-checkenabled: true
|
||
# 仅在机器人攻击期间进行初始连接检查
|
||
initial-connection-checkonly-during-bot-attack: true
|
||
# 仅缓存检查
|
||
initial-connection-checkcache-only: true
|
||
# ProxyChecker.io API
|
||
proxycheckerio-api:
|
||
# 是否启用
|
||
enabled: true
|
||
# 参数
|
||
arguments: '&risk=1&vpn=1&asn=1&tag={name}'
|
||
# 密钥
|
||
key: 'k913g9-b8oc81-10f13m-3f5963'
|
||
# IPHub API
|
||
iphub-api:
|
||
# 是否启用
|
||
enabled: false
|
||
# 密钥
|
||
key: ''
|
||
# BlackBox API
|
||
blackbox-api:
|
||
# 是否启用
|
||
enabled: true
|