Guild icon
DDraceNetwork
Development / developer
Development discussion. Logged to https://ddnet.tw/irclogs/ Connected with DDNet's IRC channel, Matrix room and GitHub repositories — IRC: #ddnet on Quakenet | Matrix: #ddnet-developer:matrix.org GitHub: https://github.com/ddnet
Between 2020-07-08 00:00:00Z and 2020-07-09 00:00:00Z
Avatar
[quakenet] fstd BOT 2020-07-08 00:08:18Z
i'm only having about 10 Mbit/sec incoming
00:08
what kind of sorry ass DDoS is that
Avatar
noby 2020-07-08 00:13:53Z
its spread thin across every server on tw i guess
Avatar
SPYRES 2020-07-08 00:41:52Z
get that cloudlfare waf boyssss 💪 (edited)
00:42
probably wont help in this situation anyways, idk whats being ddos and what the interfacing application is
00:43
also cloudflare can be bypassed anyways so not like it would matter... rip
Avatar
noby 2020-07-08 00:43:56Z
cloudflare is for tcp right
Avatar
SPYRES 2020-07-08 00:46:42Z
ive seen udp and tcp floods before but I am not too sure what is being ddos'ed, how, where it is located, what is the interfacing application, etc etc.
Avatar
noby 2020-07-08 00:47:13Z
what: every popular teeworlds server+the master server itself how: spoofed udp flood
Avatar
ZombieToad 2020-07-08 00:47:48Z
where: everywhere
Avatar
SPYRES 2020-07-08 00:48:04Z
cloudflare offers 1 website free waf protection, they do offer more indepth comprehensive packages that allow you to pass all your traffic through their network and tunnel back to your site but ingress and egress is costly. Also, if your links get saturated then whats the point as your links would be your bottleneck.
Avatar
noby 2020-07-08 00:48:49Z
thats for tcp isnt it
Avatar
ZombieToad 2020-07-08 00:49:19Z
its for http
Avatar
noby 2020-07-08 00:49:40Z
then yes; also the problem isnt that the links get saturated (generally), its that it consumes all the cpu of the server when it tries to either filter or reply
Avatar
SPYRES 2020-07-08 00:50:30Z
you usually want to block flood as high upstream as possible, closest to the gateways before it would ideally reach your network. these providers want you to pay a fortune for ddos protection, the only good ones ive heard is OVH for gaming, other providers usually switch off your VPS when ddos happens/ (edited)
Avatar
noby 2020-07-08 00:50:39Z
yes
00:50
ovh is good
Avatar
ZombieToad 2020-07-08 00:50:49Z
Image attachment
Avatar
noby 2020-07-08 00:50:53Z
lol
Avatar
SPYRES 2020-07-08 00:52:02Z
where did you get this information?
Avatar
noby 2020-07-08 00:52:03Z
and nullroute generally isnt an issue with these types of attacks
00:52
Image attachment
Avatar
SPYRES 2020-07-08 00:54:06Z
at work we had both a tcp and udp flood coming to our network.. funny enough the source address was 0.0.0.0/0 and destination address was 0.0.0.0/0. our perimeter firewall was dropping these packets however our links were saturated so not point trying to add extra mitigation on the perimeter. so we contact our provider to start blocking incoming traffic to our network upstream to lessen the saturation and then our perimeter fw can handle the rest.
Avatar
noby 2020-07-08 00:54:34Z
these attacks are generally spoofing real tw player ips so blocking it this way isnt possible
00:55
and they arent high volume enough to worry about saturating the link
Avatar
GitHub BOT 2020-07-08 04:13:42Z
Author icon
d3fault
[ddnet/ddnet] Issue opened: #2470 Verify that client sends server "zoom level" at correct time, depending on zooming in vs out, now that we have smooth zoom
Maybe this is already handled, idk. Since zoom is now non-instant (a46b266), the client needs to be smarter about when it "tells" the server about it's zoom level (1782d95). Specifically, when zooming in the client should wait until after the "smooth zoom animation" finishes before sending the server the new zoom level... and when zooming out the client should send the server the new zoom level before the "smooth zoom animation" starts. Reason: so tees aren't considered "out of ran...
Avatar
GitHub BOT 2020-07-08 05:19:56Z
Author icon
d3fault
[ddnet/ddnet] Issue closed: #2079 New freezehammer doesn't always work with deepfly bind, but should
Avatar
GitHub BOT 2020-07-08 06:29:41Z
Author icon
def-
[ddnet/ddnet] Pull request opened: #2471 Don't send zoom level while zooming (fixes #2470)
Avatar
Learath2 2020-07-08 08:13:19Z
I love how everyone has a great experience with ovh, but when we try them they null route us 5 minutes into attacks
08:13
Or put a firewall on our ssh port so we cant even connect, best ddos protection
Avatar
deen 2020-07-08 08:14:32Z
OVH blocked my private IP address every time I refreshed the ddnet.tw website too quickly 😄
Avatar
Learath2 2020-07-08 08:17:04Z
Now that I think about it, it does actually stop the ddos. If there is no traffic there can't be any ddos 🤔
Avatar
GitHub BOT 2020-07-08 08:19:57Z
Author icon
sirius1242
[ddnet/ddnet] Pull request opened: #2472 Add function to show health and armor in nameplates. (mainly for server demo)
The effect is as follows: !effect image
  • use cl_nameplates_ha to switch on-off. (default is off)
  • use cl_nameplates_ha_size to adjust size of health and armor nameplates.
Mainly for server-side-recorded demos. If it can't get health and armor data, this will not be rendered.
Avatar
Ryozuki 2020-07-08 08:55:19Z
https://tutanota.com/blog/posts/lawful-access-encrypted-data-act-backdoor/
New anti-encryption bill worse than EARN IT. Act now to stop both.
The Lawful Access to Encrypted Data Act would require US companies to backdoor encryption for the "good guys".
Thumbnail
Avatar
gerdoe 2020-07-08 08:56:02Z
wow
08:57
but i think that always was a backdoor for government
Avatar
Ryozuki 2020-07-08 08:58:09Z
apple has for fbi
08:58
cuz fbi cried
Avatar
Soreu 2020-07-08 09:46:02Z
Didn't FBI cry to force Apple creating backdoor for them, because they couldn't break into one of apple's phone?
Avatar
Learath2 2020-07-08 09:50:26Z
Imagine being an old dinasaur thinking you can regulate math
09:52
If you got nothing to hide you got nothing to worry about guise
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 10:49:07Z
yo @Learath2 how do you respond to people that say "i have nothing to hide"?
Avatar
noby 2020-07-08 10:49:35Z
by pointing out that this argument only works when ur values 100% align with those of the government in the country u live in?
10:49
chiller
10:49
someone was faking u on fng earlier
10:50
they told me u allowed it is that true
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:01:10Z
ChillerDragon: Just because you have nothing to hide from the current people in power, doesn't mean you won't have something to hide from the next govenrment in power
Avatar
noby 2020-07-08 11:01:39Z
yes thats what i meant
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:02:51Z
Also, it's a slippery slope, you got nothign to hide, so how about microphones in your house? It's only the government, there is no reason to worry
11:02
Or some cameras maybe?
Avatar
noby 2020-07-08 11:03:15Z
the more backdoors like this that exist, the more likely it is theyll be exploited by a malicious 3rd party too
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:03:26Z
How about we give a skeleton key to the government so they can unlock every lock ever made?
Avatar
heinrich5991 2020-07-08 11:04:19Z
https://en.wikipedia.org/wiki/Transportation_Security_Administration#Checked_baggage
Transportation Security Administration
The Transportation Security Administration (TSA) is an agency of the U.S. Department of Homeland Security that has authority over the security of the traveling public in the United States. It was created as a response to the September 11 attacks. Chiefly concerned with air tra...
Thumbnail
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:05:14Z
Exactly ^^, everyone and their mothers can get a copy of the TSA skeleton keys now
11:06
And the TSA has the worst track record ever, the backdoor didn't even help
11:07
Besides, I don't even know of a secure way to give them a backdoor
Avatar
heinrich5991 2020-07-08 11:07:51Z
asymmetric crypto
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:07:59Z
You can't revoke keys
Avatar
heinrich5991 2020-07-08 11:07:59Z
assuming they can keep the key secure
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:09:04Z
Also, how do you prove that two ciphertexts belong to the same plaintext?
11:09
If you only have a key for one?
Avatar
heinrich5991 2020-07-08 11:09:47Z
you require the software authors to do it that way
11:09
didn't work great for ban of cryptography exports
11:10
but that did delay secure crypto for the world for a bit
11:10
even creeping into standards
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:10:57Z
I guess if you punish everyone releasing proper crypto software, but if you write the software yourself, there is no way for them to figure it out
Avatar
heinrich5991 2020-07-08 11:11:20Z
yes
11:11
I guess they'd be fine with that
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:11:38Z
You don't even need to do the crypto yourself, not like they can make openssl disappear. You can just encrypt what you want with the governments key and the actual message with the recepients key
Avatar
heinrich5991 2020-07-08 11:12:24Z
it's not quite as easy, usually when doing asymmetric crypto, you don't encrypt the message, but the random symmetric key used for encrypting the message
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:12:30Z
I actually wondered whether you could have two keys decrypting the same ciphertext, but neither the discrete logarithm nor the elliptic curve multiplication feel like they could be modified as such
Avatar
heinrich5991 2020-07-08 11:13:22Z
https://earth.2020.cscg.de/tasks/RSA%20Service
11:13
ctf task: here's a plain text and a cipher text, find a key
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:14:00Z
bad prime choice?
Avatar
heinrich5991 2020-07-08 11:14:20Z
yes
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:15:25Z
@heinrich5991, that's a good idea actually, provide two encrypted symmetric keys and one ciphertext
Avatar
heinrich5991 2020-07-08 11:15:54Z
that's how asymmetric crypto is usually implemented
11:16
it's really slow, so you only use it for encrypting a random symmetric key
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:16:48Z
I guess in the dystopian future we'll have to regress back to the dark ages and use steganography
11:17
I'll send you mail with microdots
Avatar
heinrich5991 2020-07-08 11:17:16Z
or exercise your rights in a democracy to not let that happen
11:17
but I think saying "that can't happen" is dangerous
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:17:48Z
germany is lucky to have proportional representation guaranteed by not using an insane voting system
Avatar
heinrich5991 2020-07-08 11:18:15Z
yes, it's lucky to have its democracy reestablished after one failure
11:18
could already learn from that
Avatar
[quakenet] Learath2 BOT 2020-07-08 11:18:26Z
The rest of the world is stuck with the two party system, forever stuck in a loop between the shit party and the shit-lite party
11:19
the best part is, it's not in the interest of either party to actually change the voting system :D
Avatar
Ryozuki 2020-07-08 11:31:49Z
@Learath2 the TSA and locks u talked about reminded me about this awesome talk https://www.youtube.com/watch?v=4YYvBLAF4T8
Shakacon LLC
The Search for the Perfect Door - Deviant Ollam
11:31
a must watch tbh
11:32
you can bypass lot of doors with a sheet of plastic, its hilarious
11:35
https://youtu.be/4YYvBLAF4T8?t=719
Avatar
GitHub BOT 2020-07-08 11:36:55Z
Author icon
heinrich5991
[ddnet/ddnet] Pull request opened: #2473 Revert "Update french 07/07/20"
I don't speak French well, I can only say a few sentences. But it was enough to recognize that almost all of the changes made the translation worse. French puts a space before punctuation, the strings were apparently never tested ingame (even in the obvious places where there was an awkward abbreviation before) and overlapped the buttons. Can someone speaking Spanish look over #2456 and #2464, and someone speaking Polish look over #2462? Especially also about the problem with strings that ...
Avatar
Ryozuki 2020-07-08 11:39:53Z
@heinrich5991 thanks for the ping, the spanish translation from that guy already looks bad xd
Avatar
GitHub BOT 2020-07-08 11:40:02Z
Author icon
def-
[ddnet/ddnet] Pull request opened: #2474 Remove IP skins
Avatar
Ryozuki 2020-07-08 11:42:03Z
looks like it was made by a non native i guess
Avatar
deen 2020-07-08 11:42:27Z
he admitted to using google translate
11:42
at some point I wondered why the same guy is providing translations for 3-4 languages 😄
Avatar
Ryozuki 2020-07-08 11:43:02Z
why would he do that tho
Avatar
heinrich5991 2020-07-08 11:43:15Z
because they probably don't realize that this leads to bad translations
Avatar
Ryozuki 2020-07-08 11:43:45Z
you also can't translate literally, some expresions from english dont work in spanish
11:43
or look redundant
Avatar
Learath2 2020-07-08 11:44:17Z
Some expressions really don't translate to some languages
Avatar
heinrich5991 2020-07-08 11:47:32Z
deen already feeling pain from my update to include the data files in CMakeLists.txt
Avatar
deen 2020-07-08 11:47:38Z
😄
Avatar
GitHub BOT 2020-07-08 12:02:19Z
Author icon
bors[bot]
[ddnet:master] 3 new commits
99d02b9 Revert "Update french 07/07/20" - heinrich5991 4e2ea97 Fix a few inconsistencies in the French translation - heinrich5991 745cebd Merge #2473 - bors[bot]
12:02
Author icon
bors[bot]
[ddnet/ddnet] Pull request closed: #2473 Revert "Update french 07/07/20"
Avatar
GitHub BOT 2020-07-08 12:13:13Z
Author icon
bors[bot]
[ddnet/ddnet] Pull request closed: #2461 Fix video recorder (follow-up to 83c820db)
12:13
Author icon
bors[bot]
[ddnet:master] 2 new commits
42f1aba Fix video recorder (follow-up to 83c820db) - def- 6d17220 Merge #2461 - bors[bot]
Avatar
heinrich5991 2020-07-08 12:14:57Z
@Learath2
I think having two different config directories is wise at all.
Avatar
Learath2 2020-07-08 12:19:39Z
Thats missing a dont I guess :D
Avatar
heinrich5991 2020-07-08 12:26:47Z
https://sqlite.org/amalgamation.html#the_split_amalgamation
12:27
quite accomodating (the split amalgamation)
Avatar
GitHub BOT 2020-07-08 12:45:57Z
Author icon
heinrich5991
[ddnet/ddnet] Issue opened: #2475 Tees disappear on wide screens
But apparently reappear after turning on dyncam?
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 13:38:52Z
@noby @Learath2 yea thats about the arguments I use. But the people I talk to are usually not worried about having microphones and cameras in their house or car because they already have that
13:39
also they want the goverment to here their critique
13:39
i sometimes have a hard time explaining it
Avatar
noby 2020-07-08 13:40:20Z
there are appropriate channels to give feedback and being spied on isnt one of them
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 13:40:33Z
What worked best for me so far is pointing out that not everyone might need private communications but some doctors/politicians and journalists need it and we depend on them having privacy
Avatar
noby 2020-07-08 13:40:47Z
true
13:40
and military
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 13:41:06Z
and they have better privacy if everybody uses private communication
13:41
if you have 10 unencrypted taffics and 1 encrypted guess who the journalist is
13:41
and without journalists the democracy dies
Avatar
noby 2020-07-08 13:41:39Z
lol yeah
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 13:41:46Z
and yes i allow faking
13:42
i am also faking
Avatar
noby 2020-07-08 13:42:38Z
unfair ppl boost ur stats :p
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 13:42:58Z
yea
13:43
my mom also boosts my netflix stats
13:43
cuz we share acc
Avatar
noby 2020-07-08 13:43:29Z
do u go for multis there too
Avatar
GitHub BOT 2020-07-08 13:57:56Z
Author icon
def-
[ddnet/ddnet] Pull request opened: #2476 Use x instead of y in show distance (fixes #2475)
Avatar
Ryozuki 2020-07-08 13:58:40Z
"We don't have an option to only compile the server."
13:58
@heinrich5991 is that so?
14:01
btw is it bad practice to put the sql queries,etc in a sql file and #include as a constant somewhere?
14:01
specially big ones
14:02
https://stackoverflow.com/questions/410980/include-a-text-file-in-a-c-program-as-a-char
"#include" a text file in a C program as a char[]
Is there a way to include an entire text file as a string in a C program at compile-time? something like: file.txt: This is a little text file main.c: #include <stdio.h> int main(void) {...
Thumbnail
Avatar
Alexander 2020-07-08 14:04:50Z
is it possible to get my total in-game time on ddnet servers
Avatar
Ryozuki 2020-07-08 14:05:06Z
no, only total finished rank time
Avatar
Alexander 2020-07-08 14:05:27Z
is it possible to get time for every finish on every map or only best time is saved
Avatar
Ryozuki 2020-07-08 14:05:44Z
every finish iirc
Avatar
Alexander 2020-07-08 14:05:52Z
And where could i get that
Avatar
Ryozuki 2020-07-08 14:05:52Z
if u do /times Ryozuki on a map u can see al ur finishes
14:06
not their time tho
14:06
make ur sql query
Avatar
Alexander 2020-07-08 14:06:44Z
so the only way is to go in game and do /times on every map i finished multiple times
Avatar
deen 2020-07-08 14:06:55Z
@Alexandar what's your ingame name?
Avatar
Alexander 2020-07-08 14:07:00Z
Aca^
Avatar
deen 2020-07-08 14:07:11Z
782619 seconds
Avatar
louis 2020-07-08 14:07:17Z
isn't there a bot command for that exact thing
Avatar
Alexander 2020-07-08 14:07:28Z
is that total play time or only start to finish
Avatar
deen 2020-07-08 14:07:39Z
sum of all finished maps
14:07
we don't track when you're online
Avatar
Alexander 2020-07-08 14:08:04Z
and it also takes in count for maps that i've finished multiple times
Avatar
Ryozuki 2020-07-08 14:08:04Z
Total time for Aca^: 8 days 17 hours 58 minutes 52 seconds
14:08
#bot-cmds
Avatar
Alexander 2020-07-08 14:09:59Z
cant believe i wrote a js script to calculate all the best time for all finished maps when i couldve just asked the bot
14:10
okay, thanks guys
Avatar
deen 2020-07-08 14:11:32Z
would've been easier to download our sql database and run the query yourself
14:11
https://github.com/ddnet/ddnet/#importing-the-official-ddnet-database
ddnet/ddnet
DDraceNetwork, a cooperative racing mod of Teeworlds - ddnet/ddnet
Thumbnail
Avatar
Alexander 2020-07-08 14:12:11Z
Not really experienced with sql and didnt know where to download it
14:12
Though the time that you gave me in seconds and the time bot spat out is different
Avatar
deen 2020-07-08 14:12:46Z
It's a good thing to learn SQL, in this case the query would've been: select sum(Time) from record_race where Name = "Aca^";
14:13
Ah, the bot is probably smarter
14:13
we have some maps with "weird" times
14:13
so it probably excludes those
14:13
like Flappy Bird
Avatar
Alexander 2020-07-08 14:13:37Z
oh yeah i saw that
14:13
my time on flappy bird says its 121:13
14:15
i guess thats how the map actually works
Avatar
deen 2020-07-08 14:16:36Z
yeah, it's a bit weird to use the times for a score
Avatar
Patiga 2020-07-08 14:16:41Z
the bot does not exclude those maps https://discordapp.com/channels/252358080522747904/500032072455290880/699705146505953351
Avatar
louis 2020-07-08 14:27:27Z
anyone know the exact size of kill hitboxes and block hitboxes?
14:27
are they the same size
Avatar
heinrich5991 2020-07-08 14:28:07Z
no
14:28
ah well
14:28
unidirectional block and other block has different hitboxes btw
Avatar
Ravie 2020-07-08 14:33:57Z
@heinrich5991 the last two translations on #2462 are done in a wrong context
Avatar
DDNet BOT 2020-07-08 14:33:57Z
https://github.com/ddnet/ddnet/pull/2462
Update polish 07/07/20 by F3aRZ-hub · Pull Request #2462 · ddnet/dd...
Fix1: Finished the last two missing translations. Fix2: Fixed 1 empty translation.
Thumbnail
Avatar
afterfx 2020-07-08 14:34:54Z
Question, how long or when it will be fixed the lagging issues ?
zzzz 1
Avatar
heinrich5991 2020-07-08 14:35:29Z
unclear, never. when the attack stops
Avatar
deen 2020-07-08 14:37:19Z
@Ravie it was reverted already
Avatar
heinrich5991 2020-07-08 14:37:48Z
polish wasn't reverted yet, only french
Avatar
deen 2020-07-08 14:42:27Z
oh
Avatar
GitHub BOT 2020-07-08 14:43:30Z
Author icon
def-
[ddnet/ddnet] Pull request opened: #2477 Revert "Update polish 07/07/20"
This reverts commit 8940b817774d2ed80c2845f42bd0ca2997236b4f.
Avatar
GitHub BOT 2020-07-08 14:56:29Z
Author icon
bors[bot]
[ddnet:master] 2 new commits
5eecbee Revert "Update polish 07/07/20" - def- 0c0bb54 Merge #2477 - bors[bot]
14:56
Author icon
bors[bot]
[ddnet/ddnet] Pull request closed: #2477 Revert "Update polish 07/07/20"
15:00
Author icon
def-
[ddnet/ddnet] Pull request opened: #2478 Include cstdint to have int64_t in gameworld.h
src/game/client/prediction/gameworld.h:62:90: error: ‘int64_t’ has not been declared 62 | void CreateExplosion(vec2 Pos, int Owner, int Weapon, bool NoDamage, int ActivatedTeam, int64_t Mask); | ^~~
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 15:06:06Z
@Ryozuki
15:06
"We don't have an option to only compile the server."
15:06
there is -DCLIENT=OFF
Avatar
deen 2020-07-08 15:07:33Z
and ninja DDNet-Server to only build one target
Avatar
Ryozuki 2020-07-08 15:26:13Z
ye thats why what heinrich said was confusing to me
Avatar
heinrich5991 2020-07-08 15:26:53Z
https://github.com/ddnet/ddnet/pull/2465#discussion_r451498036 should read "to only compile the client"
Sqlite3 support and prepared statements by Zwelf · Pull Request #24...
This PR changes the abstraction layer of the score backend to thin abstractions over the MySQL and SQLite3 library. It executes all Queries in one worker thread making it easier to use the ddnet th...
Thumbnail
Avatar
Pepe 2020-07-08 15:44:48Z
Is it possible to see the ips from where are ddosing?
Avatar
noby 2020-07-08 15:48:09Z
they are all spoofed ips so no
15:48
this is something that must be fixed at the provider level
15:48
(of the senders) once it reaches the destination its too late to trace
Avatar
heinrich5991 2020-07-08 15:49:07Z
I think not all of the DoS is from spoofed sources
Avatar
noby 2020-07-08 15:49:25Z
i saw a counterstrike reflection attack earlier otday
Avatar
heinrich5991 2020-07-08 15:49:31Z
oh
Avatar
GitHub BOT 2020-07-08 15:52:02Z
Author icon
def-
[ddnet-scripts:master] 1 new commit
0e6a9a3 Add sqlite instructions - def-
Avatar
GitHub BOT 2020-07-08 15:59:29Z
Author icon
def-
[ddnet-libs:pr-sqlite] 1 new commit
37bbd8b Add sqlite - def-
15:59
Author icon
def-
[ddnet/ddnet-libs] New branch created: pr-sqlite
16:00
Author icon
def-
[ddnet/ddnet-libs] Pull request opened: #9 Add sqlite
16:00
Author icon
heinrich5991
[ddnet/ddnet-libs] Pull request closed: #9 Add sqlite
16:00
Author icon
heinrich5991
[ddnet-libs:master] 2 new commits
37bbd8b Add sqlite - def- 3ec6967 Merge pull request #9 from ddnet/pr-sqlite - heinrich5991
Avatar
timakro 2020-07-08 16:06:12Z
I have a question about DDoS: My vps hoster blocks traffic to my vps and support says it's because there is an ongoing DDoS attack. I wonder how blocking all traffic benefits them. Their isp should still route the traffic to their internet connection and potentially impact the other customers virtual servers, right? Just thinking somebody here might know, you can't google "DDoS", too buzzwordy
Avatar
heinrich5991 2020-07-08 16:06:42Z
there's the option for the VPS provider to nullroute your IP address
16:06
then the packets won't reach their premises anymore
Avatar
noby 2020-07-08 16:07:04Z
wtf unique is down too now?
Avatar
heinrich5991 2020-07-08 16:07:30Z
it might also be (if you're hosting a 0.6 server) that your server is used for an amplification attack
Avatar
timakro 2020-07-08 16:07:37Z
is this within the vps providers network or will they tell their isp to nullroute the ip
Avatar
noby 2020-07-08 16:08:17Z
benefits them because the attack could interfere with other customers on the same machine who arent being actively ddosed
Avatar
heinrich5991 2020-07-08 16:08:34Z
I don't know how nullrouting works. it roughly tells other networks that they don't need to route traffic to your IP via their network
Avatar
timakro 2020-07-08 16:08:35Z
hmm right, it's a virtual server so that makes sense
Avatar
noby 2020-07-08 16:08:52Z
idk how specifically either but ik the general purpose of it
Avatar
timakro 2020-07-08 16:10:00Z
actually this happened in the past and i was always under the impression it is a reflection attack. they provide me with a basic traffic in/out per month graph and it's about the same huge amount in and out this month
Avatar
noby 2020-07-08 16:10:37Z
i think the only way to tell if ur being used for reflection is to see if the source ips are spoofed randomly/as tw players or in a targeted way towards a few single targets
16:11
most attacks ive seen seem to be of the first type
Avatar
timakro 2020-07-08 16:11:05Z
i think they might be really blocking me because of the out traffic, some kind of system to prevent their customers doing DoS attacks from their servers and support is just giving me the default response
Avatar
heinrich5991 2020-07-08 16:11:32Z
do you host 0.6 servers?
16:11
you could try ratelimiting info packets
Avatar
noby 2020-07-08 16:11:37Z
there are ways to prevent ur server from replying to all of the attack packets
16:11
ye that^
16:11
his servers are 06 but support 07 afaik
Avatar
heinrich5991 2020-07-08 16:11:55Z
0.7 is less problematic in that respect
Avatar
timakro 2020-07-08 16:12:18Z
yeah i was ratelimiting info packets, this worked for the last attack https://github.com/unique-clan/unique-scripts/blob/091efbbc89f67d8eb03dbada004b4e58f62fdbd9/setup-iptables.sh#L25-L32
unique-clan/unique-scripts
The hocus-pocus making Unique happen. Contribute to unique-clan/unique-scripts development by creating an account on GitHub.
Thumbnail
16:13
maybe i missed some
Avatar
heinrich5991 2020-07-08 16:13:26Z
your VPS is nullrouted rn so you can't get a traffic sample, right?
16:13
connect packets as well, maybe
Avatar
timakro 2020-07-08 16:13:33Z
yep
Avatar
noby 2020-07-08 16:14:04Z
the attacks today seem to be mostly inforequest floods, with occasional floods of <5byte pks, and occasional floods of >300-1000 byte pkts
Avatar
timakro 2020-07-08 16:14:57Z
anybody else has some iptables rules i could check against by any chance?
Avatar
noby 2020-07-08 16:18:26Z
mabye
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 18:45:36Z
yo shellhackers does someone know how to do "live pipes" if id had a better way to describe it i would probably find it online haha
18:46
some guy mentioned it once that he was able to use the pipe | without buffering until the command on the left side finished
18:46
so one can edit stdout of a long running command and get live results
Avatar
[quakenet] fstd BOT 2020-07-08 18:48:18Z
edit stdout?
18:48
like, manually?
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 18:48:34Z
nah like with something else
18:48
maybe my usecase makes sense
18:48
i have a process that takes time and prints a lot of lines i want to see live output of that
Avatar
heinrich5991 2020-07-08 18:49:08Z
turn on line buffering for the stdout of that process
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 18:49:09Z
but i want to pipe it through a censor utility first
Avatar
heinrich5991 2020-07-08 18:49:38Z
many command line tools have a command line switch that does that
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 18:49:40Z
long_proc | sed 's/secret/***/g'
Avatar
heinrich5991 2020-07-08 18:49:50Z
what is long proc?
Avatar
[quakenet] fstd BOT 2020-07-08 18:49:51Z
oh
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 18:49:54Z
scp
Avatar
[quakenet] fstd BOT 2020-07-08 18:49:58Z
yeah for that it's -l, but there's also stdbuf
Avatar
heinrich5991 2020-07-08 18:50:05Z
oh yea
Avatar
[quakenet] fstd BOT 2020-07-08 18:50:07Z
which sometimes works depending on what the program does
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 18:50:11Z
oh yea looking into scp stdout option is a idea as well
Avatar
heinrich5991 2020-07-08 18:50:28Z
scp is not the optimal program for transferring large amounts of data btw, rsync is likely faster
18:50
(also works over ssh)
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 18:50:50Z
i was confused by rsync :D
18:50
but ye ik
18:54
rsync -r --info=progress2 -e ssh src dst
18:54
did the job :)
18:54
thanks guis i was totally on the wrong path lol
Avatar
heinrich5991 2020-07-08 18:55:24Z
no need for -e ssh
Avatar
[quakenet] ChillerDragon BOT 2020-07-08 18:55:31Z
oh?
18:56
ah nice
18:59
oh boi and how much faster it is!
Avatar
Plant 2020-07-08 19:11:02Z
i have cloned the ddnet-maps repository and want to start a ddnet server on windows with it, but i cant get it to load the autoexec_server.cfg file. i start it via a .lnk in the command line in the directory of the cfg file, might that be a problem?
Avatar
Learath2 2020-07-08 19:29:31Z
@deen || @heinrich5991 I was thinking, should we maybe run ddnet servers as needed up to a cap?
19:29
Like run more until there is one server with 0 players or we hit the cap
19:30
We'd have less servers on the master server list
Avatar
deen 2020-07-08 20:21:15Z
Sounds fine to me. You need a limit of how many servers max
20:21
and people can't use favorites anymore, but I'm not sure if they use that much
20:22
also the server startups might cause slight lags since they can cause swapping
Avatar
GitHub BOT 2020-07-08 20:38:55Z
Author icon
bors[bot]
[ddnet/ddnet] Issue closed: #2466 DNSBL says you can't vote
20:38
Author icon
bors[bot]
[ddnet:master] 4 new commits
66c7bf8 Tell why DNSBL isn't allowing to vote (fixes #2466) - def- 71bd706 Update src/game/server/gamecontext.cpp - def- 05ed51c Update src/game/server/gamecontext.cpp - def- 70ff2f9 Merge #2468 - bors[bot]
20:38
Author icon
bors[bot]
[ddnet/ddnet] Pull request closed: #2468 Tell why DNSBL isn't allowing to vote (fixes #2466)
Avatar
TortiLeq 2020-07-08 20:45:03Z
Do always opening and closing servers will not make lags?
20:45
I think better stay with that servers we have
Avatar
GitHub BOT 2020-07-08 20:47:14Z
Author icon
bors[bot]
[ddnet:master] 3 new commits
2a35121 Use x instead of y in show distance (fixes #2475) - def- d9c89d4 Remove IP skins - def- 8a3743f Merge #2474 #2476 - bors[bot]
20:47
Author icon
bors[bot]
[ddnet/ddnet] Issue closed: #2475 Tees disappear on wide screens
20:47
Author icon
bors[bot]
[ddnet/ddnet] Pull request closed: #2476 Use x instead of y in show distance (fixes #2475)
20:47
Author icon
bors[bot]
[ddnet/ddnet] Pull request closed: #2474 Remove IP skins
Avatar
TortiLeq 2020-07-08 20:48:25Z
Always opening and closing servers will be more expensive too cuz opening new tasks deals a lots of energy so energy cost will be bigger
Avatar
fokkonaut 2020-07-08 20:48:37Z
@deen maybe we should also send the cl_showdistance for the dummy
20:48
https://github.com/ddnet/ddnet/commit/1782d95d999df0aa0f5cdac3f6f5289f843ab7d5#diff-8a24b0d0ea486146c2a6f0c8db63e153R1566
20:48
i guess?
20:51
also, you know that 2000 and 1500 is very far? its not the same as before
Avatar
racer290 2020-07-08 21:05:49Z
i always used the hookline always on feature to play but updated yesterday, now its not showing anymore and i cant find the name of the switch to enter in the console, is there someone here who could help me with that?
Avatar
fokkonaut 2020-07-08 21:06:10Z
sorry, deen, it isnt, i was wrong
21:06
but 2000 and 1500 is very big area
21:07
why isnt it 1000/800?
21:07
like before?
Avatar
deen 2020-07-08 21:13:44Z
with the old area I had the experience that a tee flying in quickly can still be invisible
21:13
especially when playing with pings > 100
21:14
also, my default area is 1441x797
21:14
ah, you mean the default when nothing is sent by the client
Avatar
GitHub BOT 2020-07-08 21:16:59Z
Author icon
def-
[ddnet/ddnet] Pull request opened: #2479 Set smaller default area for what distance to show
as suggested by fokkonaut
Avatar
Soreu 2020-07-08 21:21:21Z
Just want to confirm old memory: TW 0.7 changed the way mapres are rendered, and no longer borderadd & others border-smthg are needed, right?
Avatar
deen 2020-07-08 21:22:59Z
sounds right
Avatar
GitHub BOT 2020-07-08 21:25:30Z
Author icon
def-
[ddnet/ddnet] Pull request opened: #2480 Send zoom status for dummy too
Avatar
deen 2020-07-08 21:25:52Z
@fokkonaut thanks for testing stuff
Avatar
fokkonaut 2020-07-08 21:26:00Z
np
Avatar
deen 2020-07-08 21:26:30Z
@TortiLeq yeah, but on the other hand Learath2 is right that during non-peak hours we have dozens of empty servers around
21:26
which makes the server list load slower and wastes a bit of bandwidth
Avatar
TortiLeq 2020-07-08 21:27:24Z
Hmm... so idk
21:27
Ok
21:28
Deen you remember that some days ago i said to you that we need 2-4 ger2 servers?
Avatar
deen 2020-07-08 21:28:47Z
yeah
Avatar
TortiLeq 2020-07-08 21:29:52Z
So i think its good idea to make something like about 5 reserve servers that will be use when all servers would be full
Avatar
deen 2020-07-08 21:30:10Z
we can dot hat quickly on demand
Avatar
TortiLeq 2020-07-08 21:30:39Z
But cant make it automatically?
Avatar
deen 2020-07-08 21:30:52Z
not at the moment
21:30
that's what Learath2 is suggesting
21:31
that we do it dynamically automatically, with fixed minimum and maximum amount of servers
Avatar
TortiLeq 2020-07-08 21:32:50Z
Yeah its trouble that dynamically can make more lags than its now... i didnt think about that fact
21:33
Maybe 4 was too many... maybe close 2
Avatar
Patiga 2020-07-08 21:47:30Z
2 questions that kinda drowned: https://discordapp.com/channels/252358080522747904/293493549758939136/730501218371108865 https://discordapp.com/channels/252358080522747904/293493549758939136/730530104488493168
Avatar
Soreu 2020-07-08 21:52:02Z
@Plant the autoexec_server.cfg should be automatically used by default by the DDNet-Server.exe. Alternatively, you can use shortcut with -f "configname.cfg" i.e.D:\Gry\DDNet\DDNet.exe -f "force_entities.cfg"
21:53
@racer290 one of those: cl_show_hook_coll_other 2 cl_show_hook_coll_own 2
21:54
@Patiga 👍
Avatar
racer290 2020-07-08 21:54:18Z
nice, thank you :)
Avatar
Patiga 2020-07-08 21:54:22Z
nice :)
Avatar
deen 2020-07-08 21:55:21Z
Haha, pay once, use server forever. Not sure I can take the hoster seriously after seeing that offered. I'd be afraid they'll go out of business a month later
Image attachment
Avatar
Learath2 2020-07-08 21:58:25Z
@TortiLeq we can always debounce it a little, like only kill servers if they are empty for a while
21:58
@deen lol, what is that offer even
21:58
What currency is that btw?
21:59
rubles?
Avatar
Soreu 2020-07-08 21:59:42Z
looks like russian's rouble
Avatar
deen 2020-07-08 21:59:58Z
yes
22:00
Our current RUS hoster has quite cheap dedicated servers, can get one for ~40 € / month: https://en.ihor.ru/dedic#cfgMTIzNDU2Nzg5MDs0OzA7MTswOzA7MDswOzMwOzE7MDsxOzE7ODswOzA7NTswOzA7MTswOzA7MTsxMDAwOzEwMA==
Dedicated servers by iHor
Physical dedicated servers: powerful processors, flexible configuration, full server control, KVM, dedicated IP address, 1 Gbps channel, possibility of installing any operating system of your choice.
Thumbnail
Avatar
louis 2020-07-08 22:00:37Z
u pay once and they just mail you the physical server
Avatar
Soreu 2020-07-08 22:00:40Z
that'd be.... €802 for the gold one?
Avatar
deen 2020-07-08 22:01:05Z
@Soreu yeah
Avatar
Learath2 2020-07-08 22:01:46Z
Hm, even if we use it for 8 years, it'll come out to 100e per year, not a great deal for a server of that size
22:02
@deen 40e a month is rather expensive, no? I don't think any of our servers including ger2 cost that much
Avatar
deen 2020-07-08 22:02:34Z
Yeah, but they promise "forever"
22:08
We could try yet another OVH vps in Warsaw as an alternative/addition to RUS
Avatar
TortiLeq 2020-07-08 22:11:30Z
@TortiLeq we can always debounce it a little, like only kill servers if they are empty for a while
@Learath2 is have sense
Avatar
Learath2 2020-07-08 22:11:30Z
Hasn't OVH let us down each time we tried it? Even with a dedicated server
Avatar
deen 2020-07-08 22:12:24Z
yeah
22:12
they have 😄
22:12
somehow others report good experiences with them, maybe it's our fault
Avatar
TortiLeq 2020-07-08 22:13:19Z
For lower costs we can set up ddnet servers on new energy save devices but... who have enough money? Konsti?
Avatar
deen 2020-07-08 22:13:20Z
I have literally no idea how to compare VPSes, all the sites have these fancy empty promises like "Protects against 10 Gbit/s DDoS"
Avatar
TortiLeq 2020-07-08 22:13:52Z
They are joking i think
22:14
They want to earn more money by clickbating
Avatar
Learath2 2020-07-08 22:15:27Z
@deen OVH always touts their Additional 3 Tbps network
Avatar
TortiLeq 2020-07-08 22:15:54Z
But yeah now its not very important. Most important is DoS and ddos topic...
22:16
Easy to say banhammer ddosers but really hard to do
Avatar
Cellegen | HU 2020-07-08 22:27:18Z
@deen i hope i can sponsor that host from september
22:27
since i found a job that takes me kek
22:27
half a year worth searching jobs
Avatar
ZombieToad 2020-07-08 22:28:31Z
the people who say OVH are good are the ones who work for them
kek 1
Avatar
Learath2 2020-07-08 22:28:53Z
@noby I knew u worked at OVH
Avatar
Soreu 2020-07-08 22:33:05Z
how much would cost hosting with actual DDoS protection?
Avatar
Learath2 2020-07-08 22:36:12Z
Honestly, ddos protection is mostly about having a large enough bandwidth and being able to efficiently drop garbage traffic
22:36
I think even if we had a large enough bandwidth, the teeworlds networking code is just not up to par for dropping the traffic quickly enough
22:37
Maybe with a stateful eBPF filter we can do bette
22:37
r
Avatar
ᶰ°Konͧsti 2020-07-08 22:38:40Z
Ask google to host tw servers
Avatar
Learath2 2020-07-08 22:39:08Z
Now that'd be cute
22:39
I was thinking of trying a cloud hoster like linode or digitalocean actually
22:39
They have rather nice bandwidth promises and I'm wondering if they'd actually null-route us for using like 1-2gbps 😛
Avatar
Cellegen | HU 2020-07-08 22:41:23Z
if that hosting is above 100 Euroes, im not gonna pay for that lmao
22:41
i really wish to support that
Avatar
ᶰ°Konͧsti 2020-07-08 22:41:33Z
Just delete ddosers from life
Avatar
GitHub BOT 2020-07-08 23:37:20Z
Author icon
F3aRZ-hub
[ddnet/ddnet] Pull request opened: #2481 Update spanish 08/07/20
Fixes: Grammar correction only.
Exported 366 message(s)