00:39 <@deen> 25 player team trying to finish Falling Down
00:39 <@deen> http://forum.ddnet.tw/viewtopic.php?t=2044
00:39 <@deen> right now
00:39 < ddnet-commits> [ddnet] def- pushed 1 new commit to master: http://git.io/v35Z6
00:39 < ddnet-commits> ddnet/master e1fe407 def: Make team locking an option
01:21 < Chairn> we're so fast :D
01:21 < Chairn> 50 minutes, and still same part
01:21 <@deen> haha
01:22 < Savander> xDD
01:39 <@deen> laxa: and never seen TS that full, i reenabled it on ddnet.tw/status^^
01:39 <@deen> 23 people one it
01:39 < Chairn> Yeah
01:40 < Chairn> we did it :D
02:09 < Chairn> why forris cant join...
02:11 <@deen> Chairn: he has malware on his computer and is part of the botnets that attack ddnet in ddos attacks
02:11 <@deen> i told him that before
02:12 < Chairn> oO?
02:12 <@deen> i asked the provider, they checked and they're sure he's actually part of the botnet
02:22 <@deen> btw, the ddos attacks often target the tcp ports of our tw servers now
02:22 <@deen> because that seems to create the most cpu load
02:24 <@deen> udp and regular tcp to unused ports is much cheaper for the cpu
02:48 < Chairn> ... kicking players so they have a dummy back
02:48 < Chairn> what a shame
04:58 < Chairn> bot attack on falling down
04:58 < Chairn> 10 Teemo;3 joined
05:03 < Chairn> and another 13 more
05:18 < Chairn> and 8 more, right when kayumi and fels start faily part...
05:18 < Chairn> im sure captain teemo is not innocent
05:42 < Chairn> and now 18 patricks
07:01 < o_be_one> hey :)
07:02 < o_be_one> lol ... Marcella saying "it's not proxy or zombi, i made a program to fake the connection and let it think its a random ip ... But you can't understand" (saying this after connecting just like ... 10 dummys.
08:01 <@EastByte> bot attacks?
08:03 < Chairn> all the night
08:03 < Chairn> we had some patricks, teemo;3 ^^
08:04 <@EastByte> I guess the anti spoof patch is becoming handy now
08:09 < Chairn> the good point is that they were not making the server lags
08:09 < Chairn> i realized that they all used the same name(i mean 18 patricks connecting same moment)
08:09 < Chairn> cant we just make ban works for name as well?
08:10 <@EastByte> it was certainly an ip spoofing attack
08:11 <@EastByte> bans do not work there (the names probably will also change if we would ban them)
08:11 <@EastByte> https://github.com/def-/ddnet/pull/285
08:11 <@EastByte> ^ this should fix it
08:12 < Chairn> well, i dont understand much in that ^^
08:12 < Chairn> ive never looked into internet's protocol
08:13 < Chairn> but for instance, i really have no idea what this is for : https://github.com/east/ddnet/commit/a084f1e31e4c335688e116c074d942bdd03a1158
08:13 <@EastByte> the tw protocol has some flaws, you can simply fake/spoof your own ip and connect to the server
08:14 <@EastByte> the patch is doing a simple token handshake (in a hacky way)
08:16 <@EastByte> https://github.com/east/ddnet/blob/antispoof/src/engine/shared/network_server.cpp#L278
08:17 < Chairn> ah
08:18 <@EastByte> when spoofing an ip the problem is, you cannot receive the responses from the serever
08:18 <@EastByte> you are blind
08:18 < Chairn> yeah, i read that on google ^^
08:18 <@EastByte> okay^^
08:18 < Chairn> is that why bots never moves in a bot attack?
08:19 <@EastByte> well, they could actually
08:19 < Chairn> but they have no feedback
08:19 <@EastByte> attackers can still send keypresses
08:19 <@EastByte> http://eastbit.net/priv/spooferincoming.webm
08:19 <@EastByte> looks pretty creepy
08:20 < Chairn> zombies ^^
08:20 <@EastByte> indeed
08:20 < Sadale> EastByte, what client it is? :o
08:21 <@EastByte> I use normal ddnet there
08:21 < Sadale> EastByte, but it shows keypresses
08:21 <@EastByte> yea, you can enable that in ddnet
08:21 < Sadale> EastByte, interesting.
08:22 <@EastByte> "Show other players' key presses"
08:22 < Sadale> EastByte, BTW, your website is, uh, funny :p
08:22 <@EastByte> :(
08:22 <@EastByte> maybe I'll put some blog online some day
08:22 < Chairn> nice home page :D
08:22 < Chairn> but why a sad face?
08:22 <@EastByte> ehm I forgot
08:23 < Sadale> EastByte, yep. I prefer a :D face
08:23 <@EastByte> I have a public folder though, http://eastbit.net/public/
08:23 <@EastByte> Sadale: :D was there before^^
08:23 < Sadale> EastByte, interesting :p
08:23 < Chairn> im looking it at moment ^^
08:23 <@EastByte> if anyone wants to have a nice background for website: http://eastbit.net/public/cloudbg/
08:24 < Sadale> EastByte, instead of using domain/folder, I use subdomain.domain :p
08:24 <@EastByte> pff, no need^^
08:24 < Chairn> urgh, cloudbg makes me sick 
08:24 <@EastByte> you are not the first one who says that :<
08:24 < Sadale> EastByte, well, my site works in this way. It has quite a few subdomains :p
08:25 < Sadale> EastByte, wow. a testfile of 100MB. I bet that you generated it using /dev/zero or /dev/urandom
08:25 <@EastByte> probably
08:26 < Chairn> funny one http://eastbit.net/public/tw-webgl-tees/
08:27 < Sadale> :o
08:27 < Sadale> interesting
08:27 <@EastByte> I wanted to implement tw in javascript
08:27 <@EastByte> but now I don't like javascript anymore
08:27 < Sadale> EastByte, I don't have a public folder, tho. I only got something like your private folder.
08:27 < Sadale> all inside a subdomain =p
08:28 <@EastByte> ...
08:28 < Sadale> wow. you got many vids =p
08:28 <@EastByte> mostly noob stuff
08:28  * Sadale opens the vids one by one, looking for porns
08:28 < Sadale> jk =p
08:29 < Chairn> hacker !!!
08:29 < Chairn> http://eastbit.net/public/videos/zcatchluck.webm
08:29 < Chairn> how the hell did that happen?
08:29 <@EastByte> lifetime of grenade was over
08:30 < Chairn> uU
08:30 <@EastByte> but it flew pretty short, didn't it?
08:30 < Chairn> dont think so, based on its curve, it was not over i think
08:30 <@EastByte> hm well that's strange
08:31 <@EastByte> maybe the admin made fun of me
08:31 < Chairn> ^^
08:33 < Chairn> oh god, another segfault :(
08:33 <@EastByte> where?
08:33 < Chairn> im trying to load a map outside normal circumstances
08:34 < Sadale> we should make a bot for http://eastbit.net/public/videos/zcatchluck.webm
08:34 < Chairn> to change background
08:34 < Chairn> Sadale: grenade bot?
08:35 < Sadale> no. But a bot that won't die when a grenade is approaching because it does the timing very well
08:35 < Sadale> right before the grenade hits the bot, the lifetime of grenade is over :p
08:35 <@EastByte> possible, yes
08:37 <@EastByte> Chairn: there was some kind of event yesterday?
08:37 < Chairn> indeed
08:38 < Chairn> it ended 2 hours ago
08:38 < Chairn> thx to blagk :D
08:38 < Chairn> they were 5 survivors
08:38 <@EastByte> wut, so long?
08:38 < Chairn> and blagk failed
08:38 < Chairn> and they all died trying to save him xD
08:38 < Chairn> map falling down
08:38 < Chairn> unfinished ^^
08:39 <@EastByte> if I would have been there, blagk probably failed saving me^^
08:39 < Chairn> we needed 70 minutes for first part, and 2 hours for another one :D
08:39 < Chairn> because of big group
08:40 <@EastByte> probably more fun
08:41 < Chairn> at start yes, after 3 hours, less fun :|
08:41 <@EastByte> :D
08:41 < Chairn> i lost my main because forris got timeout
08:41 < Chairn> and i gave my dummy to another one cuz i got bored, so i watched them
10:30 < BeaR_> EastByte: the weapon bug is only with the grenade?
10:38 <@EastByte> let me test
10:38 < BeaR_> ok, I guess it will also affect the pistol
10:40 <@EastByte> hm _cannot_ reproduce on shotgun, laser or pistol
10:40 < BeaR_> hm thanks
10:41 <@EastByte> so you are looking into it? :D
10:42 < BeaR_> I guess I know what's causing it
10:43 < BeaR_> just tested and I think it actually affects the pistol
10:43 < BeaR_> the collision gets noticed at different position
10:44 < BeaR_> collision checks for the first tee intersected and doesn't care if it can acutally collide with it
10:45 <@EastByte> isn't it that tee interesect only can check for one tee?
10:45 < BeaR_> yes
10:45 <@EastByte> that's problematic
10:45 < BeaR_> well the first one
10:46 < BeaR_> If I would be able to compile for testing :D
10:46 <@EastByte> you aren't?
10:46 < BeaR_> no, can't find curl.h
10:47 <@EastByte> since when does the server need it?
10:47 < BeaR_> for the autoupdater, I assume
10:48 <@EastByte> but the server doesn't autoupdate
10:48 < BeaR_> \o/
10:49 <@EastByte> bam -v server_release | grep curl
10:49 <@EastByte> no result
10:49 <@EastByte> so it's only caused by include maybe
10:49 < BeaR_> well, just changed to not use 'pkgconfig' on windows and it worked
10:49 <@EastByte> kk
10:51 < BeaR_> nice, seems to work (:
10:51 <@EastByte> what did you do?
10:52 < BeaR_> https://github.com/def-/ddnet/blob/master/src/game/server/entities/projectile.cpp#L123 told the intersection function to ignore players, which can't collide
10:53 <@EastByte> should work I guess
10:55 < BeaR_> I'm still afraid of unintentional bugs ^^
10:56 < ddnet-commits> [ddnet] cinaera opened pull request #287: Fix collision bug with weapon projectiles (master...pr_weapon_coll) http://git.io/v3dCu
10:57  * BeaR_ likes the circleCI integration (:
10:57 <@EastByte> :D
10:57 <@EastByte> would be cool to have that for windows builds
11:35 < laxadedi> Hi all
11:35 < laxadedi> deen: ok that's fine with me
11:36 < laxadedi> deen: if you have any trouble some day, just send a mail at whatever@ddracepro.net and I'll look, or pm on IRC, I'll probably see it quickly
12:00 < ddnet-commits> [ddnet] def- pushed 2 new commits to master: http://git.io/v3dzD
12:00 < ddnet-commits> ddnet/master 6b2e61b BeaR: Fix collision bug with weapon projectiles...
12:00 < ddnet-commits> ddnet/master 3c0b9af Dennis Felsing: Merge pull request #287 from cinaera/pr_weapon_coll...
12:29 <@EastByte> I miserably failed :(
12:29 <@EastByte> probably won't get my university place
12:30 < BeaR_> :<
12:30 <@EastByte> because I waited for information which were already there in the webpanel
12:31 <@EastByte> the transfer deadline was 03.08
12:34 < BeaR_> what course have you applied for ?:
12:35 <@EastByte> informatics
12:42 <@deen> EastByte: ah, shit. maybe you can try to write them a mail and explain the situation?
12:43 <@EastByte> I'm still contacting them and I also did the transaction
12:43 <@EastByte> I'll see
12:44 <@EastByte> maybe I can still come in via postponed election
12:45 < BeaR_> good luck \o
12:45 <@EastByte> thanks :/
16:06 <@deen> I think they figured out how to ddos GER without it triggering the ddo protection
16:06 <@deen> i see lots of network and cpu spikes but no anti ddos trigger
16:10 <@deen> also doesn'T help that GER has ping 100 for many and gets ddosed all the time
16:16 < Savander_> :/
16:36 <@EastByte> deen: dump? :)
16:38 <@deen> EastByte: can't connect to the server when an attack is happening
16:40 <@EastByte> hm
16:40 <@deen> but it's regular tcp syn/ack ddos attacks
16:40 <@deen> i think i have a dump of an old one around (yesterday)
16:41 <@EastByte> I'm only excited if it's about udp attacks against tw port
16:44 <@deen> well, it's tcp against tw port :P
16:46 <@EastByte> wut
16:46 <@EastByte> that's funny
16:47 <@EastByte> I guess someone typed the tw port number into one of these stressing panels, not knowing about tcp/udp
16:47 <@deen> right, but we do have tcp open
16:47 <@deen> websockets
16:47 <@EastByte> oughh, right
16:48 <@EastByte> totally forgot about websocket
16:49 <@deen> maybe we should just shut down the german blocker servers and in a few months they might stop
16:49 <@EastByte> +1
16:50 <@deen> but i bet when i now broadcast "Shutting down GER blocker servers because of ddos attacks" they'll just attack more
16:51 <@deen> hm, and i also promised some guy a ger blocker server
16:51 <@deen> meh, i'll do it anyway
16:51 <@deen> xrothx isn't paying for GER anymore and the people on the server are way too annoying
16:53 <@deen> (in a few days i guess)
16:56 <@EastByte> okay
17:08 < devnull> do you really get that much ddos attacks? oO
17:08 <@heinrich5991> you could just redirect the ddos attacks to /dev/null ^^
17:09 <@EastByte> devnull: eat it! :D
17:10 < devnull> mumpf mumpf mumpf
17:12 <@heinrich5991> EastByte: du*p*lication btw
17:13 <@EastByte> I noticed it right after committing :P
17:13 <@EastByte> and thanks, grammar nazi
17:19 <@deen> devnull: recently many aren't even detected by the ddos protection anymore, but feel free to read the ddos protection logs for GER: http://ddnet.tw/ddos.png (for the last 2 weeks)
17:19 <@EastByte> updated?
17:19 <@deen> updated right now
17:19 <@EastByte> nice
17:20 <@deen> on august 8 i added a manual rule for some simple DoS attack, where 1 ip kept sending 50 mbit/s for days
17:20 <@heinrich5991> EastByte: if you notice it right after committing, there's git commit --amend
17:20 <@EastByte> ty, I'll look at it
17:20 <@deen> and if you notice it before anyone pulls, git push -f is my friend :P
17:20 <@deen> my/your
17:20 <@EastByte> ^ haha
17:21 <@heinrich5991> if someone else pulled, they'll shout at you :P
17:23 <@EastByte> I learned pretty much about git the last weeks
17:48 < devnull> hey EastByte
17:48 < devnull> wanna play a round?
17:49 <@EastByte> busy right now :/ maybe this evening?
17:49 < devnull> we'll see
17:56 < Savander_> ipp
17:56 < Savander_> spoofing
17:56 < Savander_> http://www.savander.pl/img/ypBUhWo17433
17:58 <@EastByte> guess who will have the last laugh :D
18:02 < Savander_> :p
18:03 < devnull> [15-08-16 18:02:22][chat]: *** '//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:22][chat]: *** '(1)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:22][chat]: *** '(2)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:22][chat]: *** '(3)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:22][chat]: *** '(4)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:22][chat]: *** '(5)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:22][chat]: *** '(6)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:22][chat]: *** '(7)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:23][chat]: *** '(8)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:23][chat]: *** '(9)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:23][chat]: *** '(10)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:23][chat]: *** '(11)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:23][chat]: *** '(12)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:23][chat]: *** '(13)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:23][chat]: *** '(14)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:23][chat]: *** '(15)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:23][chat]: *** '(16)//toast' entered and joined the game
18:03 < devnull> [15-08-16 18:02:23][chat]: *** '(17)//toast' entered and joined the game
18:04 <@EastByte> oh, sorry
18:04 < devnull> :x
18:04 <@EastByte> I thought I could stop the rest of the buffer from being sent
18:04 < devnull> and you were wrong?
18:04 <@EastByte> seems so
18:06 <@EastByte> suddenly so many ip spoofers, why?
18:08 <@deen> I'd guess someone gave away their spoofing scripts/stuff
18:09 < devnull> they are voting every toast on the server
18:09 < devnull> thats funny
18:09 <@EastByte> yea, because banning spoofed ips is productive
18:10 < devnull> they will get a timeout
18:11 < devnull> and stay like ~300s (?) because of timeout protection
18:11 <@EastByte> no, they can stay forever
18:11 < devnull> servers will be unusedable when someone runs a bot
18:11 < devnull> why should they
18:11 <@EastByte> because it's possible to do so
18:12 < devnull> only if they keep the connection up and running
18:12 < devnull> and not with a spoofed ip
18:12 <@EastByte> you can also keep the connection using a spoofed ip
18:12 <@EastByte> and as you can see they are still sending emotes
18:13 < devnull> doesnt the server need a handsheak
18:13 < devnull> or sth similar
18:13 <@EastByte> not really
18:13 < devnull> thats fucked up
18:14 < devnull> so you need to know the protokol
18:14 < devnull> and just send some packets
18:14 <@EastByte> yep
18:14 <@EastByte> they probably also spam random ack numbers
18:15 <@EastByte> to not cause a "not acked.." msg
18:15 < devnull> deen can look into that
18:15 <@EastByte> https://github.com/def-/ddnet/pull/285
18:15 <@EastByte> a fix is already online
18:16 < devnull> a mod tries to kick the bots
18:16 < devnull> but they just spawn faster :D
18:16 <@EastByte> no way to prevent that :p
18:17 <@EastByte> I hope my patch won't cause too much trouble
18:17 <@EastByte> and I hope eeeee to arrive and look over it :P
18:18 <@deen> is the problem that bad?
18:18 <@deen> i can't proof read the commit now
18:19 <@deen> but i can merge it and just run it on the actual ddnet servers
18:19 <@deen> and hope that it works
18:19 <@EastByte> deen: I just want you to be avaiable at the update
18:19 <@deen> so i should do it now?
18:20 <@EastByte> we could try
18:20 <@deen> well, now i'm afk, back in 20 min
18:20 < ddnet-commits> [ddnet] def- closed pull request #285: Ip spoofing protection (prevents spoofed connections) (master...antispoof) http://git.io/v3yQs
18:21 <@EastByte> I wanted to go to the toilet first
18:28 < Savander_> Chairn, http://savander.pl/upload/chairn.demo
18:29 <@EastByte> what about Chairn?
18:29 < Savander_> he wants demo
18:29 <@EastByte> ah
18:29 < Savander_> where i did double rocket jump
18:29 < Savander_> instead of tripple
18:29 < Chairn> can i upload mine on your server?
18:30 < Savander_> and i can get one place :D
18:30 < Savander_> cuz, i do it through ftp
18:30 < Savander_> you know :D
18:30 < Chairn> not really :D
18:30 < Savander_> it's not really hosting
18:30 < Savander_> ;p
18:30 < Chairn> i tried replacing http by ftp but ask user+pw ^^
18:31 < Savander_> :>
18:31 < Savander_> cuz
18:31 < Savander_> only one account has ftp
18:31 < Savander_> main account not
18:31 < Savander_> its through SFTP
18:31 < Chairn> im not familiar with those, im uploading it on tinyupload
18:32 < Savander_> ok
18:37 < Chairn> too bad github does not save map history when maps are updated :(
18:39 < Chairn> ahaha, kayumi's team is retrying falling down
18:40 < Chairn> ddos?
18:46 <@deen> Chairn: always
18:46 <@deen> EastByte: let's restart a few servers now?
18:47 <@EastByte> I'm releasing map right now
18:59 < Nimda> JungleBee by Exotix & Im 'corneum just released on Solo at 2015-08-16 18:44
19:01 <@deen> ready now, EastByte ?
19:01 <@EastByte> yep
19:01 <@deen> so, start it on 1 server? all?
19:01 <@EastByte> 1 server
19:01 <@EastByte> and we'll test
19:01 <@deen> ger.ddnet.tw:8323
19:11 < ddnet-commits> [ddnet] def- pushed 1 new commit to master: http://git.io/v3bfc
19:11 < ddnet-commits> ddnet/master e21d6e8 def: Remove useless variable
19:11 < ddnet-commits> [ddnet] def- pushed 1 new commit to master: http://git.io/v3bf2
19:11 < ddnet-commits> ddnet/master a61be89 def: Fix aliasing warning
19:14 < ddnet-commits> [ddnet] def- force-pushed master from a61be89 to 51dda4e: http://git.io/v3KT0
19:14 < ddnet-commits> ddnet/master 51dda4e def: Fix aliasing warning
19:14 <@EastByte> *silence*
19:14 < Savander_> i kill you!
19:15 <@EastByte> :D
19:15 < Savander_> ^^
19:16 <@deen> no one would have noticed if ddnet-commits wouldn't post
19:16 <@deen> I should ban the bot before force-pushing :P
19:16 < GoJEGrEEN> hey @deen are u there ?
19:18 <@deen> not really
19:18 <@deen> busy
19:19 < GoJEGrEEN> i think dummy chat is bug i mean when someone send msg to dummy and im on local I don't get high lighted text
19:19 < GoJEGrEEN> ok
19:19 <@deen> weird
19:21 <@EastByte> (notice that I made the last update on chat highlighting)
19:24 < GoJEGrEEN> i used last version
20:12 < devnull> ddos again?
20:22 < Savander_> all the time
20:29 < Chairn> ...
20:30 < Savander_> now again
20:43 < sdfsdfs> hm, why do i get broadcast message about ddnet client if i use ddnet client
20:44 <@EastByte> which version do you have?
20:44 < sdfsdfs> the last one
20:44 <@EastByte> interesting
20:44 < sdfsdfs> 8.1.1
20:45 <@EastByte> does it happen always?
20:45 < sdfsdfs> no
20:45 < sdfsdfs> random
20:46 <@EastByte> random is always bad
20:47 <@deen> sdfsdfs: you might have a bad connection
20:47 < sdfsdfs> yes
20:47 <@heinrich5991> is that message not marked VITAL?
20:47 < sdfsdfs> reproduce only when have long connetion
20:47 <@EastByte> I thought it is
20:48 <@EastByte> heinrich5991: but loss of the msg is still possible, isn't it?
20:50 <@EastByte> CMsgPacker Msg(NETMSGTYPE_CL_ISDDNET);
20:50 <@EastByte> Msg.AddInt(CLIENT_VERSIONNR);
20:50 <@EastByte> Client()->SendMsgExY(&Msg, MSGFLAG_VITAL,false, 0);
20:51 <@heinrich5991> EastByte: no, it isn't possible
20:51 <@heinrich5991> it's resent until it arrives
20:51 <@heinrich5991> it's being resent
20:52 <@EastByte> TStaticRingBuffer<CNetChunkResend, NET_CONN_BUFFERSIZE> m_Buffer;
20:52 <@EastByte> the question is how long
20:52 <@EastByte> NET_CONN_BUFFERSIZE=1024*32,
20:52 <@EastByte> oh well
20:53 <@EastByte> deen: we also noticed that sometimes broadcasts do not arrive, right?
20:54 <@heinrich5991> EastByte: the connection is dropped if the buffer gets too full
20:55 < Tobii> maybe the packet just arrives too late
20:55 <@EastByte> ^
20:57 <@heinrich5991> I hope the wait for the packet is not a timeout
20:57 < Tobii> https://github.com/def-/ddnet/blob/master/src/game/server/player.cpp#L378
20:57 <@EastByte> I guess it's seen as vanilla client until ISDDNET arrives
20:57 <@heinrich5991> well, ok
20:58 <@EastByte> ah
20:58 <@heinrich5991> a better solution would be to send it before e.g. CLIENT_READY
20:58 <@heinrich5991> so you can reliably determine whether the client is a ddnet client, without timeouts
20:58 <@EastByte> it's not a sys message, is that a problem?
20:58 <@EastByte> otherwise yea
21:13 < sdfsdfs> it seems it's the reason also, that in description of some ddnet servers i see only 16 playres cuz server think i use vanila client
21:50 < Chairn> got some trouble to join server
21:51 < Chairn> it seems to block on sending info to server
21:59 < Savander_> i see only 16 players veyr often on chile/china  servers :p
22:01 <@EastByte> Chairn: well that shouldn't happen
22:04 <@deen> Chairn: in defense, there was a ddos attack just the minute you posted
22:04 <@deen> (and 5 min before, and 5 min after)
22:04 <@deen> anyone want to write firewall rules to block the attacks manually?
22:09 <@EastByte> software or hardware firewall?
22:13 <@EastByte> deen: 
22:15 <@deen> EastByte: hardware
22:16 <@EastByte> me :D
22:16 <@deen> http://ddnet.tw/firewall.png
22:16 <@deen> something like this
22:17 <@deen> but try not to kill the players on the server
22:17 <@EastByte> wow
22:17 <@deen> i haven't done anything with u32 or bpf matches
22:18 <@heinrich5991> deen: can you save the html?
22:19 <@EastByte> this is exactly what I needed on ovh
22:19 <@deen> EastByte: yeah, told you nfoservers has some really cool stuff
22:19 <@deen> I've only used it to block specific DoSing ips though
22:20 <@EastByte> how many rules do we have?
22:20 <@deen> 20
22:20 <@deen> 5 were preset
22:20 <@deen> against some common attacks
22:20 <@EastByte> neat
22:23 <@deen> eeh wait
22:23 <@deen> I assumed it's hardware firewall because they're not listed in iptables and the incoming traffic went down when I blocked the DoSing IPs
22:23 <@deen> but in the description it says "The filters defined on this page are placed on the server machine itself and can be useful in blocking smaller-scale, application-specific attacks, potentially preventing malicious traffic from ever reaching the application and thereby reducing what it needs to process."
22:23 <@deen> Looks like software after all...
22:25 <@EastByte> ahhhhh
22:26 <@deen> EastByte: if you're still interested in firewall access, register here and i'll give you access: https://www.nfoservers.com/control/newaccount.pl
22:26 <@EastByte> okay I will
22:26 <@deen> also nice that they allow assigning people admin rights to a server without having to share an account
22:27 <@EastByte> indeed
22:27 <@deen> well, software firewall should still be good enough against all the tcp attacks today
22:28 < sdfsdfs> but if rules aren't listed in iptables then what means this phrase "are placed on the server machine"
22:28 <@EastByte> so the vps itself had overload?
22:28 <@deen> EastByte: right, all 3 cores 100%
22:28 <@EastByte> sdfsdfs: on the host system
22:28 <@deen> and load of 10
22:29 <@deen> sdfsdfs: yeah, it's a virtual machine, so it could just be on the host
22:29 <@EastByte> okay then we can defeat the attacks
22:29 < sdfsdfs> a ok, on the node, where kvms machines works
22:30 < sdfsdfs> or even if its something cloudstack/openstack based, then u have personal debian-based virtual router
22:30 <@EastByte> deen: the webpanel even has themes, wow!
22:30 <@deen> hahaha