Re: [hlds_linux] Mandatory Team Fortress 2 update coming
This update includes a version of libcrypto++ which incorrectly tries to use AVX instructions on CPUs that don't support those, e.g. Xeon X56** CPUs. This causes "invalid opcode" crashes. > > traps: srcds_linux[30047] trap invalid opcode ip:f762af59 sp:ffe39690 > error:0 in dedicated_srv.so[f74ac000+23f000] > The steam linux client had a similar issue caused by the same libcrypto++ library a while ago ( https://github.com/ValveSoftware/steam-for-linux/issues/4077 ). Can we please get an update with these instructions disabled? On 13 April 2017 at 22:43, John Schoenick wrote: > We're working on a mandatory update for Team Fortress 2. We should have > the update ready soon. > > As this update will be mandatory, there will no longer be a compatible > pre-toolchain-update build. Admins that have not yet moved to the most > recent optional update should ensure it works with their setups to avoid > surprises. > > > - John > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] Heads up - Updated system requirements for TF2 dedicated servers, likely mod breakage - Beta available
The new update causes invalid opcode segfaults on my Xeon X5675 systems. [31388553.168216] traps: srcds_linux[14160] trap invalid opcode ip:f6dcff59 sp:ffc82a20 error:0 in dedicated_srv.so[f6c51000+23f000] in CryptoPP::Rijndael::Base::UncheckedSetKey This stackoverflow issue descibes a similar problem: http://stackoverflow.com/questions/22100851/failing-on-call-to-mm-loadu-si128-with-aesni-intrinsics-enabled This is a gist of the debug.log: https://gist.github.com/Arie/971d996028ba9a18df75cf9c617b801f I'm no C++ programmer but I think the new steam binaries got compiled with cryptopp on a CPU supporting AVX, and these can now not be run on a CPU without AVX. On 13 March 2017 at 22:47, John Schoenick wrote: > Reminder, we plan on releasing a normal update with this change this > week. Server operators are encouraged to double-check that their setup > works against the toolchainbeta branch to avoid ugly surprises! > > - John > > > On 02/20/2017 02:46 PM, John Schoenick wrote: > > > > Hey everyone, > > > > Following up on the warning email we sent a long while back, we're > > making good on our promise and changing our build toolchains for the > > TF2+SDK2013 games' dedicated server. TF2 is being updated first, with > > the other SDK2013 games to follow. > > > > There are two things that may affect server administrators that you > > should be aware of: > > > > > > *The Linux dedicated server now targets the Steam Runtime* > > > > The Steam Runtime is a common runtime target based on Ubuntu. For > > srcds, this largely means linking against a more recent glibc than may > > be available in some server distributions. Administrators should > > check that the provided beta still runs in their environment of > > choice. Those who are on older or incompatible distributions have > > several options: > > > > - Switch to a distribution more compatible with the Steam Runtime, > > such as Ubuntu LTS > > > > - Make use of a chroot/container/VM environment to run srcds. The > > tools linked below include a script for creating a chroot that can be > > used for bootstrapping Steam Runtime environments. > > > > - Use the Steam Runtime tools linked below combined with some dynamic > > linker magic to use the runtime libraries on an incompatible > > distribution, e.g.: > > > > steamrt=/path/to/runtime > > export LD_LIBRARY_PATH="bin:$steamrt/usr/lib32" > > LD="$steamrt/usr/lib32/ld-linux.so.2" > > "$LD" ./srcds_linux "$@" > > > > More information about the Steam Runtime and utilities for obtaining > > it can be found here: https://github.com/ValveSoftware/steam-runtime > > > > * > > * > > > > *The compiler toolchain used for all editions of srcds has changed* > > > > Along with the client builds, all server builds have been updated to a > > newer compiler. Windows builds now use the MSVC2015 tools, while > > Linux builds now use a newer edition of GCC with differing > > command-line parameters that affect codegen. > > > > This is expected to break mods that expect certain ABI behaviors or > > look for certain signatures in order to hook functions (such as > > SourceMod). We have separately spoken with the SourceMod team and > > they are working on supporting the new setup. Maintainers of other > > mods should test them against the beta release below. > > > > Our previous warning also indicated that this would change the _srv > > naming of the linux binaries. We have decided *not* to adjust this, > > and the separate _srv build and naming remains unchanged. > > > > > > *Beta* > > > > We've made a beta branch available for TF2 with these new changes. > > The remaining SDK2013 games will be updated in the near future, and we > > will provide a beta for them at that time. > > > > The beta is compatible with the current TF2 public release - servers > > may safely convert to it and continue serving both beta and non-beta > > clients. > > > > The beta branch is titled "toolchainbeta" with no required password. > > It can be accessed with SteamCMD via: > > > > app_update 232250 -beta toolchainbeta > > > > These changes may be promoted to an official release of TF2 as soon as > > next week, so we encourage all server administrators to test their > > setup against the beta before then. > > > > > > Let me know if you have any questions or concerns > > > > - John > > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
Re: [hlds_linux] TF2 ultra high cpu usage after the recent updates
Experienced the same issue. Running 4 servers on a quad core box, server 1 is fine, takes <10% CPU idling, which is normal. The 3 others take between 30% and 50%. Doesn't matter if I shut them all down and just run them separately, the behaviour of the servers is the same. The first at 27015 will always be normal, the rest has high CPU usage. Those servers are pretty much equal. 3 of them run no plugins/addons, including the low CPU one. Identical configs apart from the port they run on. On 24 June 2011 16:50, Marco Padovan wrote: > I'm getting impressively high cpu usage (50% cpu usage when server is > empty) after the recents tf2 updates... > these were just standard servers used for etf2l competitions (no mods, > nothing... just STV enabled...) > > Anybody having the same problem? what's the cause? > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?
Just checked another server and it was fine. Only during the attack connecting was impossible, but that was expected. On 28 January 2011 00:29, Ross Bemrose wrote: > I have no problem connecting to one of my servers (red.ocrtf2.com:27015) > post-update. > > However, my servers aren't being DoSed either... > > > On 1/27/2011 6:17 PM, Arie wrote: > >> Well, the new update seems to be effective at blocking the DoS attacks. >> >> Too effective even, because after an attack it won't allow anyone to >> connect >> any more, even though it's still running and not frozen. >> >> >> >> >> On 28 January 2011 00:01, Kyle Sanderson wrote: >> >> Doesn't look like it. I was surprised that nothing was announced on >>> the list. Maybe they're pushing a bigger update later in the day that >>> is required?. >>> >>> Kyle. >>> >>> On Thu, Jan 27, 2011 at 2:53 PM, Ross Bemrose >>> wrote: >>> >>>> I always update my servers if I see a client update. >>>> >>>> Today's update updated just one file on the server side: engine.so in >>>> the >>>> >>> OB >>> >>>> Linux Dedicated Server package. >>>> >>>> Does the fact that it's engine.so mean this is a required server update? >>>> >>>> ___ >>>> To unsubscribe, edit your list preferences, or view the list archives, >>>> please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>> >>>> ___ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>> >>> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Is today's TF2/DODS/CSS update a required server update?
Well, the new update seems to be effective at blocking the DoS attacks. Too effective even, because after an attack it won't allow anyone to connect any more, even though it's still running and not frozen. On 28 January 2011 00:01, Kyle Sanderson wrote: > Doesn't look like it. I was surprised that nothing was announced on > the list. Maybe they're pushing a bigger update later in the day that > is required?. > > Kyle. > > On Thu, Jan 27, 2011 at 2:53 PM, Ross Bemrose > wrote: > > I always update my servers if I see a client update. > > > > Today's update updated just one file on the server side: engine.so in the > OB > > Linux Dedicated Server package. > > > > Does the fact that it's engine.so mean this is a required server update? > > > > ___ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] CSS Server flooding or attack?
Gameserver port. The attack appearing to come from hundreds of IPs means nothing as it's trivial to spoof the source IP with UDP. On 27 January 2011 11:12, PryMaL wrote: > On 27/01/2011 8:25 PM, Arie wrote: > >> These recent attacks all work by overloading the server with UDP packets. >> Most effective are the A2S_INFO and similar attacks using valid packets. >> It's very cheap in terms of CPU and bandwidth to craft a packet that asks >> a >> gameserver for it's information. It takes a number of times more CPU power >> to generate the response. >> It only takes a simple connection with about 3Mbit upstream to take down >> any >> OrangeBox gameserver. >> >> does this form of attack use the game ports? > or just hammer the IP? > > Reason I ask is the attacks appear to be simply hammering many different > ports and coming from hundreds of IP's simultaneously. For all I can see, > it's a DDoS... > > -- > PryMaL > > Email: pry...@geekout.info > Twitter: prymal81 > > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] CSS Server flooding or attack?
These recent attacks all work by overloading the server with UDP packets. Most effective are the A2S_INFO and similar attacks using valid packets. It's very cheap in terms of CPU and bandwidth to craft a packet that asks a gameserver for it's information. It takes a number of times more CPU power to generate the response. It only takes a simple connection with about 3Mbit upstream to take down any OrangeBox gameserver. The A2S_INFO attack has been known for quite a while, and that's why querycache was developed. This caches the response to A2S_INFO, so only one A2S_INFO request will hit the gameserver, the rest will be served from cache. Because querycache was very effective in blocking the A2S_INFO attacks, the attackers switched the kind of packet they used and started sending A2S_PLAYER and other valid A2S_ packets. After writing a firewall script specifically limiting these known A2S packets, the attackers changed their tactic again, and started using invalid A2S packets. They're similar to A2S packets, as they start with ff, but are followed by a random number instead of one of the known ones. The gameserver still spends time working on these invalid packets, causing the lag. The only effective solution I know of is rate-limiting the amount of ff packets that get to your server. We've experimented with a few values and found a limit of 60/sec has no side-effects and can withstand the DoS attacks. Also, these attacks seem to be semi-automated. Attacking passworded servers with players on it. If you're not running a public server you can set "hide_server 1" in your server.cfg to not be shown on the master server list. This is effective unless something knows your server ip:port and attacks it manually. On 27 January 2011 07:44, Rodrigo Peña wrote: > Hello, > > Many server admins are reporting to have their servers attacked. There are > several methods used to attack a srcds servers: > > -UDP Flood: A packet specially crafted could make pings raise in the > server. Search SRCDS DoS Fix in google, I don't remember the exact names > now, but I currently use one from sourceop.com > > -A2S Queries flood: an A2S Query UDP packet with random source ip is > flooded making the server freeze for not being able to handle that large > amount of queries. This attack must be done with a high bandwidth connection > (not sure). This can be partially fixed using 'A2S Query Cache' or IPTables > > I suggest you to look to the simmilar threads in this mailing list > > -Rodrigo > > > > El 27-01-2011 3:24, PryMaL escribió: > > Afternoon (at least for me it is at the moment) all, >> >> We've had some issues on CSS servers the last 2 days with what appears to >> be targeted attacks (ie. DDoS) on our servers. Approximately the same time, >> for a few minutes and the attack is based on the IP. >> >> Just wondering if anyone's aware of anything that may be causing this from >> the game server side? or if we're actually being attacked... >> I suspect/believe the latter. >> >> > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] tf2 ddos - again - please do something
Most of the attacks directed at my server are exactly 30 seconds long and designed to freeze the server long enough to drop all players. This attack seems to be no longer effective on my server due to filtering and limiting the amount of packets/sec. Yesterday the season finals of ETF2L were played and the first gameservers were attacked and brought down. For some reason my servers were able to withstand the attack, but I'm not sure why since at least one of the gameservers that was attacked earlier uses similar protection. During the match both the relays and gameservers kept getting attacked but the firewall was effective in keeping the server safe this time. This is the current (ruby) script I use to generate the firewall rules and set up 'querycache' to deal with A2S_INFO floods. https://github.com/Arie/tf2scripts/blob/master/rate-limit-iptables-querycache.rb About a week ago Ronny of nice-servers.com and I contacted Robin Walker about the DoS attacks we were seeing then. These were the A2S_INFO/A2S_PLAYER/A2S_RULES attacks. Hi guys. > Our dedicated server folks are now fully up-to-speed on the issue, and hope > to get to it soon. > > Robin. Recently we've been seeing attacks using udp packets starting with ff, but unlike a normal A2S packet like ff54, these ones had random numbers after. An orangebox server seems to invest some CPU time in any packet starting with ff. Below is a log of a 30-second attack. Jan 20 22:17:50 FLOOD 27025 SRC=68.180.244.207 DST=80.84.250.224 LEN=53 TOS=00 PREC=0x00 TTL=61 ID=35101 CE PROTO=UDP SPT=2925 DPT=27025 LEN=33 SNIP- Jan 20 22:18:19 FLOOD 27025 SRC=159.142.163.232 DST=80.84.250.224 LEN=53 TOS=00 PREC=0x00 TTL=61 ID=35537 CE PROTO=UDP SPT=60706 DPT=27025 LEN=33 On 25 January 2011 08:58, wrote: > Our servers aren't CRASHING, but they're freezing for the 30 seconds long > enough to drop every single player > > > -Original Message- > > From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux- > > boun...@list.valvesoftware.com] On Behalf Of Marco Padovan > > Sent: 24 January 2011 23:33 > > To: hlds_linux@list.valvesoftware.com > > Subject: [hlds_linux] tf2 ddos - again - please do something > > > > Looks like there's another kind of crafted packed around flooding tf2 > > servers and crashing them... > > > > how does this new pattern looks like? > > ___ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] tf2 denial of service - please do something!
Ronny and me wrote that blogpost on vanillatf2. During our tests the filter seemed effective and not causing too much CPU usage even when sending multiple megabytes worth of packets per second, so I'm curious why you say it's not going to work for you. It would of course be better if the gameserver itself would use sv_max_queries_sec_global properly. Right now this setting doesn't help against these attacks. On 5 January 2011 23:42, Marco Padovan wrote: > I'm hosting many tf2 servers and lately we are getting a lot of denial of > services... > > basically we got our machservers spammed with query requests till the point > they time out (the machine is running properly, it's just the gameserver > slowly dieing) > > an effective way to stop this kind of behaviour is: > http://www.vanillatf2.org/2011/01/fighting-dos-attacks/ > > but that cannot be handled properly on boxes as busy as ours... > > basically with just little effort anybody is able to take down a single > gameserver spamming it with query requests :( > > What can we do to stop that? > Is there a decent plugin/official fix to get rid of this problem instead of > doing packet inspection via iptables on boxes handling 1+ > packets/second? > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Somebody is dosing my server, how to prevent it?
Setting those variables would remove all limits on queries. That would stop the messages, but it would not fix your problem ;) Pawel wrote: > http://www.mediavida.com/vertema.php?fid=17&tid=60857 > I found the that i should set such cvars > max_queries_sec -1 > max_queries_sec_global -1 > max_queries_window -1 > > That will help me? I don;t understand this language, that spanish? :P > > On Mon, Nov 17, 2008 at 10:26 PM, Arie <[EMAIL PROTECTED]> wrote: > >> Ban the IP? Set up a script that checks the serverlogs periodically for >> these message and auto-ban IP's that trigger the rate limits often? >> >> >> >> Pawel wrote: >>> Hi, >>> >>> Today in logs i found: >>> >>> L 11/17/2008 - 21:56:03: Traffic from 83.4.116.235:4996 was blocked for >>> exceeding rate limits >>> L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:4997 was blocked for >>> exceeding rate limits >>> L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:4998 was blocked for >>> exceeding rate limits >>> L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:4999 was blocked for >>> exceeding rate limits >>> L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:4998 was blocked for >>> exceeding rate limits >>> L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1025 was blocked for >>> exceeding rate limits >>> L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1026 was blocked for >>> exceeding rate limits >>> L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1025 was blocked for >>> exceeding rate limits >>> L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1027 was blocked for >>> exceeding rate limits >>> L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1027 was blocked for >>> exceeding rate limits >>> L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1028 was blocked for >>> exceeding rate limits >>> >>> and it is full of such lines. >>> >>> Server is up to date, protocol 48, steam. But we felt lags and CPU load >> was >>> 80% :| >>> Could you help me? :D What i should make to prevent my server from ddos? >>> >>> Thanks >>> ___ >>> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>> >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Somebody is dosing my server, how to prevent it?
Ban the IP? Set up a script that checks the serverlogs periodically for these message and auto-ban IP's that trigger the rate limits often? Pawel wrote: > Hi, > > Today in logs i found: > > L 11/17/2008 - 21:56:03: Traffic from 83.4.116.235:4996 was blocked for > exceeding rate limits > L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:4997 was blocked for > exceeding rate limits > L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:4998 was blocked for > exceeding rate limits > L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:4999 was blocked for > exceeding rate limits > L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:4998 was blocked for > exceeding rate limits > L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1025 was blocked for > exceeding rate limits > L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1026 was blocked for > exceeding rate limits > L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1025 was blocked for > exceeding rate limits > L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1027 was blocked for > exceeding rate limits > L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1027 was blocked for > exceeding rate limits > L 11/17/2008 - 21:56:04: Traffic from 83.4.116.235:1028 was blocked for > exceeding rate limits > > and it is full of such lines. > > Server is up to date, protocol 48, steam. But we felt lags and CPU load was > 80% :| > Could you help me? :D What i should make to prevent my server from ddos? > > Thanks > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] How I can reply to the certain thread?
View, Sort By, Threaded Tom Leighton wrote: > Is there a way to get Thunderbird to display messages like this, rather > than as a normal email view? > > Maybe for a specific folder? > > Ondřej Hošek wrote: >> Actually, I doubt that's what defines a thread. You should rather look >> into the headers of messages past, where you can see an obvious >> In-Reply-To. This cool header is the backbone of threaded views in mail >> clients, and is respected by them when the reader presses the "Reply" >> button. >> >> This makes such cool things like changing the subject from >> [ut3] Linux client >> to >> [ut3] Epic doesn't care (was: Linux client) >> work without breaking the thread. However, the final call lies with your >> mail client. >> >> ~~ Ondra >> >> On 09.07.08 23:25 Uhr, Patrick Shelley wrote: >> >>> The reason you method posted a new thread is because you changed the >>> subject. The subject was new to the list so it created a new thread. >>> >>> >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> >> > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] 'Linux Server Engine' version 28 SEGV!
Servers were running fine, even running the latest 3327 server build. After shutting down the server and starting it again, it keeps giving segfaults. Things I've tried: apt-get update, dist-upgrade the box. gamedll_linux "dlls/cs_i386.so" to disable all plugins Still keeps crashing. Tested on both Debian testing and Debian unstable. Both servers are on Pentium 4's, the Debian Unstable is one with Hyperthreading enabled. The Debian testing is an old Pentium 4 1.6 Northwood without Hyperthreading. These logs are from servers running no plugins. Debian testing: ./hlds_run: line 342: 1611 Segmentation fault (core dumped) $HL_CMD "/home/arie/cs2/core.1611" is not a core dump: File format not recognized debug.cmds:1: Error in sourced command file: No stack. email debug.log to [EMAIL PROTECTED] debug.log: -- CRASH: Tue Dec 6 16:49:58 CET 2005 Start Line: ./hlds_i686 -game cstrike +ip myserverip +port 27035 +exec server.cfg +map fy_snow +developer 1 +maxplayers 16 -secure -autoupdate -debug -pidfile hlds.1598.pid Using host libthread_db library "/lib/tls/libthread_db.so.1". End of crash report -- Debian unstable: ./hlds_run: line 342: 18954 Segmentation fault (core dumped) $HL_CMD Failed to read a valid object file image from memory. Cannot access memory at address 0xb80014f4 Cannot access memory at address 0xbffee34c debug.cmds:3: Error in sourced command file: Cannot access memory at address 0xb80014f4 debug.log: -- CRASH: Tue Dec 6 16:37:17 CET 2005 Start Line: ./hlds_i686 -game cstrike +ip myserverip +port 27025 +exec server.cfg +map de_dust2 +developer 1 +maxplayers 12 -secure -autoupdate -debug -pidfile hlds.25453.pid Using host libthread_db library "/lib/tls/libthread_db.so.1". Core was generated by `./hlds_i686 -game cstrike +ip myserverip +port 27025 +exec server.cfg +map de_'. Program terminated with signal 11, Segmentation fault. #0 0xb7fdc0a3 in ?? () #0 0xb7fdc0a3 in ?? () End of crash report -- ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] qstat
I thought Qstat used the same way of getting information as HLSW and the Steam Server browser. So I don't think that's the cause of the ping spikes :) kama wrote: Have anyone got any problems with qstat choking the server? I have a script that query the servers every now and then. And every now and then the servers chokes for a while. its just a spike, but everyone notice it. Im currently working on the site it came up as an possible issue to the choke spikes i see every now and then. /Bjorn -- The best acceleration you can get on a mac is 9.8 m/s^2 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] HL - Linux Server FPS
Kaspar Pedersen wrote: This is a multi-part message in MIME format. -- [ Picked text/plain from multipart/alternative ] Hi I have discovered something not so funny, my linux servers seems to run at 333fps, this looks like an odd number. I would like them to run 500+ does anyone have any tricks? (on windows they run 500fps). My current kernel version is 2.6.9. Thanks Kaspar -- ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux 333FPS is just fine, don't follow the hype. Everthing higher than 100 FPS is absolute overkill. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] URGENT BUG!!! ALFRED, PLEASE READ!!!!
I'm not even surprised it took so long to be detected by users. This bug is so incredibly stupid, it's the last thing you'd try to exploit a server. hondaman wrote: ANYONE can kick ANYONE ELSE. NO RCON NEEDED! simply do: kick playername wtf valve :( ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] [Full-Disclosure] Remote crash of Half-Life servers and clients (versions before the 07 July 2004) (fwd)
My 'auto-updating' server was vulnerable. Now manually updating. Thanks for the heads up Dominic wrote: This has just been posted to several security related mailing-lists, and I thought it might be of interest to this list. The steam changelog mentions the fix: ENGINE: Addressed split packet issue (found by Luigi Auriemma) ... Maybe a "heads-up" to the remaining cs 1.5 servers would have been nice, too... Kind regards, Dominic -- Forwarded message -- Date: Mon, 12 Jul 2004 18:54:00 + From: Luigi Auriemma <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: [Full-Disclosure] Remote crash of Half-Life servers and clients (versions before the 07 July 2004) ### Luigi Auriemma Application: Half-Life engine http://half-life.sierra.com http://www.steampowered.com Versions: before the 07 July 2004 (both Steam and not-Steam) Platforms:Windows and Linux Bug: writing on a read-only memory zone causing crash Risk: high Exploitation: remote, versus server and client Date: 12 July 2004 Bug found by: Terry Henning (aka Soul Beaver) Advisory: Luigi Auriemma e-mail: [EMAIL PROTECTED] web:http://aluigi.altervista.org ### 1) Introduction 2) Bug 3) The Code 4) Fix ### === 1) Introduction === Half-Life is the most famous FPS game existent, no doubts. It has been developed by Valve (http://www.valvesoftware.com) and has been released in the far 1998, but also after all this time it continues to be the most played game with its MODs like Counter-Strike, Natural selection, Sven-coop and many others. Everyday there are about 37.000 servers online! As already specified in the header of this advisory I want to underline that this bug has been found by Terry Henning. ### == 2) Bug == The problem is a crash of the game (both servers and clients are vulnerables) caused by a malformed packet. Each Half-Life packet is composed by the first 8 bytes used to track packets and to reassemble splitted data, just this second feature is the cause of the crash because the game doesn't correctly manage the empty splitted packets (so composed by the first 8 bytes only). The crash is the effect of the copying of data to a read-only part of memory (.reloc of swds.dll). An example of malicious packet is the following: "\xFE\xFF\xFF\xFF\x00\x00\x00\x00" Naturally spoofing is possible. ### === 3) The Code === http://aluigi.altervista.org/poc/hlboom.zip ### == 4) Fix == If you use Steam you are already patched by some days. To note that Half-Life is now supported ONLY via Steam, the half hated or loved content management system of Valve. The latest non-Steam patch is stopped at the 1.1.1.0 (affected by other worst bugs) and is no longer supported. ### --- Luigi Auriemma http://aluigi.altervista.org ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Server.cfg - TWEAKS- Opinions
Remember that the scoreboard ping times and the net_graph ping times are only accurate when the client uses the standard updaterate. So they might show up lower than they actually are. For example: When I set my updaterate to 51, my net_graph ping is <10ms. Which is impossible since a DOS ping to the server already takes 11 ms. When I set the updaterate to 20, the net_graph ping is a bit higher, but more likely to be accurate. So the higher you set your updaterate, the lower the ping appears to be in the scoreboard and net_graph 3. When your server runs at lower fps and lower maxupdaterate, you are doing this to your clients, so their pings appear to be higher. Mike wrote: Odd. Just doing it to a pub really quick... There are a few people pinging in the 20s, alot in the 30s. Doing a quick sys_ticrate 50 and doing another status, I see 1 person in the 40s and a bunch in the 50s. I tried this several times. Normal FPS is around 100-200, HZ 600 ticrate 200. I agree 50FPS runs well, but it seems we'd have to make a choice between ping and choke... - Original Message - From: "Arie M" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, July 08, 2004 2:34 PM Subject: Re: [hlds_linux] Server.cfg - TWEAKS- Opinions No not at all. Latencies are as low as normal, everyone with a decent connection has a ping of 30ms or less. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] (no subject)
SaTaNaX wrote: I just update my server with http://www.steampowered.com/HLserver/apr28/linux_cstrike_hlserver_4282004.tgz. All work fine .. but when i change to de_vertigo.bsp it ask me for de_vertigo.wad. Where is de_vertigo.wad? Im looking for it and i dont see it anywhere. Sorry I dont write english well. XXX SaTaNaX BATTLE[new], Tu NueVo CaMpo De BaTaLLa!! __ Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs http://hotjobs.sweepstakes.yahoo.com/careermakeover ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux Valve forgot to put a wad file in this release the fix offered by Valve is: Remove de_vertigo from your mapcyclebrilliant don't ya think? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
[hlds_linux] svc_bad, any fixes available?
I still get the svc_bad error on my servers. An awful lot of players get dropped from the server with this error message. Can't seem to find why it happens. I searched the list for svc_bad and found Alfred Reynolds comment on someone who posted a log. "This is good data, should really help track down the problem." However, after this I found no more messages about a fix for the problem :( ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Update going smoooooooth
All my servers offline: Checking bootstrapper version... Nothing after that. My Steam client won't start, stops after: Checking for updates... gj again ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] steam bans
john wrote: Hi, The system I use for banning relies on a central banfile that is updated and exec'd on mapchange by means of the server config file. However, if a ban is removed from the central banfile, the server still remembers all that have been previously banned, unless they are removed manually or the server is restarted. Is there any way to make the server forget all bans it has at map change, without me having to script things like compare old ban file with new, see whats removed, and then kkrcon removeid that from all servers.. cheers, john ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux Instead of removeing the line from the list, change the line to removeid ID :) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Maps and cpu load...
Commendatore wrote: Hie all ;-) Is someone know why some maps have more cpu load than others ? I've 5 Steam CS servers on a P4 2,4GHz machine under Debian stable, and when the maps are aztec or italy, each map have between 20% and 70% cpu load on only one server with 18 slots max. On others maps, i've a cpu load between 0% and 17% max... So is it raisonnable to have developed maps that requires half cpu load for a 18 slots server ? Is Steam plan to update aztec and italy ? BigGun. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux It's not really the mapsit's the players walking and shooting on those maps. Some maps are more hectic than others. Requiring more CPU time. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Language on this list
Ryan Schulze wrote: Alfred Reynolds wrote: We have never been strict on moderating this list but lately the language on this list has slipped well below acceptable standards. Please remember the diverse group of people subscribed to this list, keep your language clean. - Alfred ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux lately the quality of the released software has also slipped below acceptable standards ... consider the language here as a mirror of how your work affects the people who use it. ^_^ Currently I'm experiencing the joy of dozens of ppl PM-ing me on IRC, asking why they can't connect to the servers, why their steam client isn't updating why the servers are crashing.. More Automatic updates plz! ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
[hlds_linux] Another, Thank you Valve for bringing us Steam - thread
Thank you Valve, for introducing Steam to us. All day I needed to log out and log back into Steam in order for it to work. If I didn't follow this stupid routine I would get an obscure error message, indicating that my User Id Ticket had expired. At the moment, I can't play AT ALL. I get the usual User ID Ticket expired error, but this time, I can't LOG OUT OF STEAM! I press the Log Out button, Steam.exe gets 90% CPU time of my P4 1,6Ghz and just hangs at that. No way to log out, no way to log in, no way to play Great idea to destroy a perfectly working system (WON) and replace it with this buggy piece of shit. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] strange CPU usage
Yes i see this happening on my box as well, doesn't seem to cause any lag here. I guess the servers can get the CPU time when they really need it. Alexander Schäfer wrote: Hiho, Since we all see new strange things happening I'm wondering how the following stats could be created. Those are true, because there are the same output as from TOP (for an interval of 5secs, btw a mapchange is faster than a sec). http://www.temporal.ch/work/lag/ We have around 6 cs server running the day and the day after where we made those stats, but without ANY players on them. They have been started in an interval of 2min. so they dont make extreme cpuusages on map changes by adding each's cpu usage. but suddenly, we found out that nothing helped against those evil hlds processes. Without any hldsproc's the server runs fine. We dont have the same prob for our quake3-engine gameservers. And the serversystem is the same as two other servers we have (without those problems) but they arnt SMP (P4 2.8ghz 1gbram). so... why do hldsprocesses suddenly all together take 80-100% CPU Usage with 0players on them for more than (i watched) 5secs? while NOT doing a mapchange? why all together (are they fighting for cpu time? :/)? well, im confused. bye Alex ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Server Performance and WonID LookUp
doesn't matter Joshua Gardiner wrote: sys_ticrate 1000 - command line or config files? Does it even matter? Joshua -Original Message- From: Arie [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 10, 2003 10:01 AM To: [EMAIL PROTECTED] Subject: Re: [hlds_linux] Server Performance and WonID LookUp pingboost 3 and sys_ticrate 1000 0wnz j00 ;) also running 3.1.1.0c will get better performance per megahertz. Joshua Gardiner wrote: Greetings, Posted this under the standard Linux forum but it seems here would be more appropriate. Current box is a XP2400+ with 512megs of ram. Bandwidth isn't an issue and this is just a private server w\nothing else running ATM. RH9, hlds 3.1.1.1C Wondering if there is anything that maybe isn't ideal for pubs that might make my private server run smoother? My server runs fine but sometimes people get choke. Thinking maybe there are some settings I can setup that might prevent that. Most don't, only a few, but I'd still like to get rid of it. Currently running pingboost 2, maxrate 12000, maxupdaterate 101.. Anything else? Also I've searched and searched for a plug-in that can reference Wonid's to cal's database from serverside but unfortunately the only one I ever found that worked [Nemo's] is now a dead project. Has anyone else found something like this they could possibly share? Input appreciated. Thank you, Joshua ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] hlds 3.1.1.x doesn't really start
Try ./hlds_run -game cstrike +ip someiphere -port 27025 +map de_dust2 Should do the trick. Michael Bakker wrote: Hello Arie, Wednesday, June 4, 2003, 3:14:15 PM, you wrote: try opening a map? :P Michael Bakker wrote: Hi, I've got the following problem: [EMAIL PROTECTED]/hlds_l% ./hlds_run -game cstrike grep: /proc/cpuinfo: Permission denied grep: /proc/cpuinfo: Permission denied Using default binary. Enabling debug mode Auto-restarting the server on crash Console initialized. Protocol version 46 Exe version 3.1.1.1 Exe build: 16:49:39 May 30 2003 (2409) WON Auth Server Server IP address 213.133.100.139:27015 Downloading Security Module from Speakeasy.net ... Completed downloading Security Module from Speakeasy.net Server is in Secure Mode. status Can't "status", not connected quit Adding master server 65.73.232.251:27010 Adding master server 65.73.232.253:27010 Adding master server 65.73.232.252:27010 Wed Jun 4 15:02:21 CEST 2003: Server Quit The /proc/cpuinfo error is because of my gr-security patched kernel. If i wait a few minutes or 1 hour it wont go further after "Server is in Secure Mode.". hlds is not listening on tcp port 27015 only on udp. I have the same problem when using a 2.4.20 kernel without any patch and any hlds version (3.1.1.0/3.1.1.1x). This is a new installation of hlds and cstrike. I have not modified anything, just extracted the archives. If I remember correctly normally "Adding master server" should be done after starting and not exiting the server. I've also tried it with secure "0" and sv_stat "0". Following the situation with strace didnt help (or even I did not see any errors). -- Best regards, Michael Bakker mailto:[EMAIL PROTECTED] ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux Starting with "+map de_dust" now shows the "Adding master server" at the begining and "status" is working now. But shouldnt it just start the first map in mapcycle.txt? Besides that, hlds doesn't still bind on 27015 (tcp protocol) so connecting to this server isnt possible. I forgot to mention that I'm not using any firewall rules and I've tried to bind hlds to another ip on the box. The problem remains. -- Best regards, Michaelmailto:[EMAIL PROTECTED] ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] hlds 3.1.1.x doesn't really start
try opening a map? :P Michael Bakker wrote: Hi, I've got the following problem: [EMAIL PROTECTED]/hlds_l% ./hlds_run -game cstrike grep: /proc/cpuinfo: Permission denied grep: /proc/cpuinfo: Permission denied Using default binary. Enabling debug mode Auto-restarting the server on crash Console initialized. Protocol version 46 Exe version 3.1.1.1 Exe build: 16:49:39 May 30 2003 (2409) WON Auth Server Server IP address 213.133.100.139:27015 Downloading Security Module from Speakeasy.net ... Completed downloading Security Module from Speakeasy.net Server is in Secure Mode. status Can't "status", not connected quit Adding master server 65.73.232.251:27010 Adding master server 65.73.232.253:27010 Adding master server 65.73.232.252:27010 Wed Jun 4 15:02:21 CEST 2003: Server Quit The /proc/cpuinfo error is because of my gr-security patched kernel. If i wait a few minutes or 1 hour it wont go further after "Server is in Secure Mode.". hlds is not listening on tcp port 27015 only on udp. I have the same problem when using a 2.4.20 kernel without any patch and any hlds version (3.1.1.0/3.1.1.1x). This is a new installation of hlds and cstrike. I have not modified anything, just extracted the archives. If I remember correctly normally "Adding master server" should be done after starting and not exiting the server. I've also tried it with secure "0" and sv_stat "0". Following the situation with strace didnt help (or even I did not see any errors). -- Best regards, Michael Bakker mailto:[EMAIL PROTECTED] ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux