ballistica
ballistica copied to clipboard
efroemling
Bots in the queue for the server
Someone launches bots into the server queue
As far as I know, the queue data is stored somewhere on Eric's servers, and the server owners themselves cannot manage it. Players can freely enter the server using the "favorites" menu, but this is not very comfortable (they need to get the ip & port of the server). What should we do in this case?
You are correct that all this stuff lives on the V1 master server. Any idea what sort of filtering you'd like to do here? Perhaps I could expose some sort of queue filter callback for server owners or just implement some hard-coded rules on the master-server.
I admittedly don't have too much bandwidth to spare for this sort of thing right now though; all my energy is going towards V2 accounts which should be a lot harder to abuse via bot systems.
I think a simple limit on the max number of connections from one ip will do.
What do you think would be a good number though? Setting it too low could start to interfere with legit people wanting to play together from one place.
Hmm, I do not know how long the bot can be in the queue after sending the relevant request. But I have limits on sending BA_PACKET_CLIENT_REQUEST packets on my servers:
-
1 request/sec -
10 request/min -
50 request/hour
Players do not complain, bots entering the server are blocked. I think you may put something similar, but a little tougher.
For now I'll probably have to limit it to a simple maximum number of clients in the queue per ip address. I'm doing some logging right now to see how many legit people that would affect and then I can flip it on. If queues are limited to maybe 2 or 3 entries per IP address do you think that would be sufficient?
Again, I would think it needs to be a balance. If we clamp it all the way down to only one per IP at a time, 2 legit people playing from the same place won't ever be able to queue up together because they'll be detected as having the same IP.
If your server is able to kick bots somewhat effectively once they get into the game, is it even very harmful to allow them in the server queue? Can the game just chew through the ones at the front of the line quickly? And is limiting them to 2 or 3 per IP address preferable to no limit?
Bots don't join the server, they just queue. So I wanted to ask: Can they sit in the same place in the queue forever without letting players into the server? Or will they be kicked out of the queue by some kind of timeout?
And is limiting them to 2 or 3 per IP address preferable to no limit?
I think yes. Have you already tried setting a limit?
Can they sit in the same place in the queue forever without letting players into the server? Or will they be kicked out of the queue by some kind of timeout?
Since this is queue related, one of my friend ported "queue_checker.py" (which was made by someone for 1.4) It worked somewhat like this: So I had my own server in past > But since it was always full, I wasn't able to ever join (imagine in my own server 😭) > So I used this queue checker thingy > So when server was full all I had to do was join queue and wait for server to automatically increase player size (and I would join) > And yes, my own server was seen in the queue list forever...
Here is the file: https://pastebin.com/T0rKnd2z
I think a simple limit on the max number of connections from one ip will do.
You can also set a limit on creating accounts from one IP, this will seriously prevent intruders. Like a 1 acc/sec, 5 acc/min, etc
I'll try to get to this tomorrow. I'll add a short timeout when an account reaches the front of the line and is cleared to join the game. If it hasn't joined by then it'll remove it from the queue. I had forgotten that it's totally up to the client to actually join the game and exit the queue once it is given permission, so a malicious person can simply choose not to join the game and clog things up.
With that in place and a limit of a few queue entries per IP hopefully it'll be hard to fully clog up a queue.