Re: [hlds_linux] HTTP Download.
For those of you who typed sv_downloadurl and got "" it is because not every server has it set up. Some simply let you dl from the server playing the game instead of a separate location. - Original Message - From: "Simon Lange" <[EMAIL PROTECTED]> To: Sent: Sunday, July 17, 2005 8:00 AM Subject: RE: [hlds_linux] HTTP Download. apache has bandwidthlimiting too, but ppl usin downloadurl becuase the DONT WANT bandwidth limiting. however, the best was is to user mod_rewrite and to check condition if the remote http refferer is one of the allowed gameservers. if not, well, one way would be to throw an error, another way would be to direct them to ur website. if the remote http refferer is correct (hl2://) u allow access with full speed. well, if u still want bandwidth shaping use one of the bandwidth shaping modules coming with apache1/2 :) almost forgot: u can use mod_rewrite directives within ur .htaccess container. ;) regards Simon PS: and now please back to mailinglist topic... knowledge how to configure/secure apache is an issue of another mailinglist. :D Simon Lange //Director www.polynaturedesign.com +49[0]4131 220121 PHONE +49[0]4131 224730 FAX +49[0]1717793294 CELL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bart King Sent: Sunday, July 17, 2005 11:08 AM To: hlds_linux@list.valvesoftware.com Subject: RE: [hlds_linux] HTTP Download. Hi all, to drop in my two pence on this: On our 64 player server using sv_downloadurl, we have a different solution. Instead of running Apache (which is a little bulky just for serving HTTP requests from Half-Life 2 clients), we run thttpd, a much lighter web server that also has the advantage of rate limiting. We then limit thttpd's total outgoing traffic to around 250KB/s. This never appears to be much of a problem, since when the map does change to a custom map, typically, only 5-10% of clients end up downloading it - either the rest of the 60+ clients have it already or disconnect because it's not de_dust ("OMG WTF I PLEH DUST"). Although, if we're playing a new map that no-one will have, we sometimes drop the rate limit so our regulars can fetch without waiting too long. It's all a question of balance - I would find restricting the requests to HL2 only a little constrained. Of course, you can always tell people to download maps off the web prior... [ ToldYa.GIF of type image/gif deleted ] *grin* -- Bart King -- http://www.bart666.com +44 781 219 5654 -- PGP: 0xC9C3EB8B ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] HTTP Download.
apache has bandwidthlimiting too, but ppl usin downloadurl becuase the DONT WANT bandwidth limiting. however, the best was is to user mod_rewrite and to check condition if the remote http refferer is one of the allowed gameservers. if not, well, one way would be to throw an error, another way would be to direct them to ur website. if the remote http refferer is correct (hl2://) u allow access with full speed. well, if u still want bandwidth shaping use one of the bandwidth shaping modules coming with apache1/2 :) almost forgot: u can use mod_rewrite directives within ur .htaccess container. ;) regards Simon PS: and now please back to mailinglist topic... knowledge how to configure/secure apache is an issue of another mailinglist. :D Simon Lange //Director www.polynaturedesign.com +49[0]4131 220121 PHONE +49[0]4131 224730 FAX +49[0]1717793294 CELL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bart King Sent: Sunday, July 17, 2005 11:08 AM To: hlds_linux@list.valvesoftware.com Subject: RE: [hlds_linux] HTTP Download. Hi all, to drop in my two pence on this: On our 64 player server using sv_downloadurl, we have a different solution. Instead of running Apache (which is a little bulky just for serving HTTP requests from Half-Life 2 clients), we run thttpd, a much lighter web server that also has the advantage of rate limiting. We then limit thttpd's total outgoing traffic to around 250KB/s. This never appears to be much of a problem, since when the map does change to a custom map, typically, only 5-10% of clients end up downloading it - either the rest of the 60+ clients have it already or disconnect because it's not de_dust ("OMG WTF I PLEH DUST"). Although, if we're playing a new map that no-one will have, we sometimes drop the rate limit so our regulars can fetch without waiting too long. It's all a question of balance - I would find restricting the requests to HL2 only a little constrained. Of course, you can always tell people to download maps off the web prior... > [ ToldYa.GIF of type image/gif deleted ] *grin* -- Bart King -- http://www.bart666.com +44 781 219 5654 -- PGP: 0xC9C3EB8B ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] HTTP Download.
Hi all, to drop in my two pence on this: On our 64 player server using sv_downloadurl, we have a different solution. Instead of running Apache (which is a little bulky just for serving HTTP requests from Half-Life 2 clients), we run thttpd, a much lighter web server that also has the advantage of rate limiting. We then limit thttpd's total outgoing traffic to around 250KB/s. This never appears to be much of a problem, since when the map does change to a custom map, typically, only 5-10% of clients end up downloading it - either the rest of the 60+ clients have it already or disconnect because it's not de_dust ("OMG WTF I PLEH DUST"). Although, if we're playing a new map that no-one will have, we sometimes drop the rate limit so our regulars can fetch without waiting too long. It's all a question of balance - I would find restricting the requests to HL2 only a little constrained. Of course, you can always tell people to download maps off the web prior... > [ ToldYa.GIF of type image/gif deleted ] *grin* -- Bart King -- http://www.bart666.com +44 781 219 5654 -- PGP: 0xC9C3EB8B ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] HTTP Download.
This message is in MIME format. -- I have sent a attached screenshot of a ramdom server running httpd.As you can see I went to console and typed sv_do and before i could finish typing It, the http download url for that server showed up.no rcon no admin access never been In that server before In my life. -- [ ToldYa.GIF of type image/gif deleted ] -- ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] HTTP Download.
Does not work for me: ] sv_downloadurl "sv_downloadurl" is "" ] rcon_password xxx ] rcon sv_downloadurl "sv_downloadurl" is "http://www.x.se This is from a HL1 server. Eighter it's different in Source or you need to get your facts straight. JS [EMAIL PROTECTED] wrote: Quoting Sebastian <[EMAIL PROTECTED]>: [EMAIL PROTECTED] wrote: to do Is type In your console, sv_downloadurl and It actually gives you the http address.This Is not a good thing. only if you use rcon.. eg: rcon sv_downloadurl (or locally)... normal players can't see it - they'll only see their cvars. besides, who cares if someone figures out your url. for them to leech your from your webserver their server would have to be running the same maps that you have on your webserver.. if they're running de_blah and it's not on your webserver it's irrelevant. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux I have got Into servers that I have no admin or rcon access to and have typed sv_downloadurl In the console and It brings up the http://blah blah blah ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] HTTP Download.
Quoting Sebastian <[EMAIL PROTECTED]>: > > [EMAIL PROTECTED] wrote: > > >to do Is type In your console, sv_downloadurl and It actually gives you the > >http address.This Is not a good thing. > > > > > only if you use rcon.. eg: rcon sv_downloadurl (or locally)... normal > players can't see it - they'll only see their cvars. > besides, who cares if someone figures out your url. for them to leech > your from your webserver their server would have to be running the same > maps that you have on your webserver.. if they're running de_blah and > it's not on your webserver it's irrelevant. > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > I have got Into servers that I have no admin or rcon access to and have typed sv_downloadurl In the console and It brings up the http://blah blah blah ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] HTTP Download.
[EMAIL PROTECTED] wrote: to do Is type In your console, sv_downloadurl and It actually gives you the http address.This Is not a good thing. only if you use rcon.. eg: rcon sv_downloadurl (or locally)... normal players can't see it - they'll only see their cvars. besides, who cares if someone figures out your url. for them to leech your from your webserver their server would have to be running the same maps that you have on your webserver.. if they're running de_blah and it's not on your webserver it's irrelevant. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] HTTP Download.
Quoting Andrew Forsberg <[EMAIL PROTECTED]>: > On Sat, 2005-07-16 at 12:42 +0200, Simon Lange wrote: > > my reply wasnt ot since i did not start the topic. :) > > I was just referring to the topic, not to anyone in particular. > > > > my advice was correct since he stated that he wants ONLY ppl fetching the > > stuff coming from HIS server. denying indexing means nothing since other > > server-admins could still user his webserver for content-serving. > > The idea is to stop opportunists finding the files in the first place. A > quick google shows up many, many, servers who leave their http mirrors > of their gaming directories wide open. It's handy if you want to find a > wayward wad file, but it's equally easy to misuse someone else's http > bandwidth for your own gaming server's content serving (complete with > their banner.gif file I suppose :) ). > > Using .htaccess to issue some basic directives, like turning off > directory indexing, and perhaps setting a user/pass for the mirrored > directories, solves the problem simply. If he has access to the server's > httpd.conf file then he should put those directives in there so they are > processed only once, not every time a connection is made to the > directories. It's quick, and it's easy for anyone with a limited > understanding of apache config files. > > That said, you're quite right -- limiting traffic to the 'Halflife' and > 'Halflife 2' user agent, and hl1 or hl2://xxx.xxx.xxx.xxx:X would > solve the problem. Do all halflife mods accurately reveal the > HTTP_REFERER? So far they all seem to. > > Cheers > Andrew > > > Well put AndrewVery well put.I noticed that when In a server all you have to do Is type In your console, sv_downloadurl and It actually gives you the http address.This Is not a good thing. > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] HTTP Download.
On Sat, 2005-07-16 at 12:42 +0200, Simon Lange wrote: > my reply wasnt ot since i did not start the topic. :) I was just referring to the topic, not to anyone in particular. > my advice was correct since he stated that he wants ONLY ppl fetching the > stuff coming from HIS server. denying indexing means nothing since other > server-admins could still user his webserver for content-serving. The idea is to stop opportunists finding the files in the first place. A quick google shows up many, many, servers who leave their http mirrors of their gaming directories wide open. It's handy if you want to find a wayward wad file, but it's equally easy to misuse someone else's http bandwidth for your own gaming server's content serving (complete with their banner.gif file I suppose :) ). Using .htaccess to issue some basic directives, like turning off directory indexing, and perhaps setting a user/pass for the mirrored directories, solves the problem simply. If he has access to the server's httpd.conf file then he should put those directives in there so they are processed only once, not every time a connection is made to the directories. It's quick, and it's easy for anyone with a limited understanding of apache config files. That said, you're quite right -- limiting traffic to the 'Halflife' and 'Halflife 2' user agent, and hl1 or hl2://xxx.xxx.xxx.xxx:X would solve the problem. Do all halflife mods accurately reveal the HTTP_REFERER? So far they all seem to. Cheers Andrew ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] HTTP Download.
my reply wasnt ot since i did not start the topic. :) my advice was correct since he stated that he wants ONLY ppl fetching the stuff coming from HIS server. denying indexing means nothing since other server-admins could still user his webserver for content-serving. mod_rewrite gives u the power to validate the refferers, and many more so u can decide WHO can fetch data and what happens to those who try to fetch content without being authorized. and before this mailing list becomes "OT" the shortest and fastest solution is to send HIM to www.apache.org and tell him to RTFM (which even includes working examples which would help him!) best regards Simon ps: .htaccess is just a container. Simon Lange //Director www.polynaturedesign.com +49[0]4131 220121 PHONE +49[0]4131 224730 FAX +49[0]1717793294 CELL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrew Forsberg Sent: Saturday, July 16, 2005 12:26 PM To: hlds_linux@list.valvesoftware.com Subject: RE: [hlds_linux] HTTP Download. On Sat, 2005-07-16 at 11:17 +0200, Simon Lange wrote: > ur source of information should be: www.apache.org > hint: read the mod_rewrite manual This is pretty OT for this list. Still, it might be a common problem, especially if you are unfamiliar with basic security precautions for an http server, and are running one on your gaming server for http-based gaming downloads specifically. The above hitting-nail-with-atomic-bomb approach distresses me. Simplest option is to turn off directory indexing, with .htaccess, as hinted at in an earlier reply. e.g.: Options -Indexes See: http://httpd.apache.org/docs/mod/core.html#options Then if someone tries to access a directory on your webserver, rather than get a list of everything below it, they get an error message. You should put that in your .htaccess file at the root of your web server, because you almost certainly don't want indexes generated for any directory on your server. Unless you like folk leeching maps, images, textures, etc, from you... Cheers Anders ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] HTTP Download.
On Sat, 2005-07-16 at 11:17 +0200, Simon Lange wrote: > ur source of information should be: www.apache.org > hint: read the mod_rewrite manual This is pretty OT for this list. Still, it might be a common problem, especially if you are unfamiliar with basic security precautions for an http server, and are running one on your gaming server for http-based gaming downloads specifically. The above hitting-nail-with-atomic-bomb approach distresses me. Simplest option is to turn off directory indexing, with .htaccess, as hinted at in an earlier reply. e.g.: Options -Indexes See: http://httpd.apache.org/docs/mod/core.html#options Then if someone tries to access a directory on your webserver, rather than get a list of everything below it, they get an error message. You should put that in your .htaccess file at the root of your web server, because you almost certainly don't want indexes generated for any directory on your server. Unless you like folk leeching maps, images, textures, etc, from you... Cheers Anders ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] HTTP Download.
ur source of information should be: www.apache.org hint: read the mod_rewrite manual regards Simon Simon Lange //Director www.polynaturedesign.com +49[0]4131 220121 PHONE +49[0]4131 224730 FAX +49[0]1717793294 CELL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Saturday, July 16, 2005 7:08 AM To: hlds_linux@list.valvesoftware.com Subject: [hlds_linux] HTTP Download. Sorry If I missed It.Ive searched my little head off.How do I set up my apache so that the clients In the server are the only ones who can download.And not by going to the url In a web browser...Any help would be very kind ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] HTTP Download.
Try searching the list via www.mail-archive.com - You can search any tracked list, pretty helpful. - Original Message - From: "Cory Clemmer" <[EMAIL PROTECTED]> To: Sent: Saturday, July 16, 2005 4:42 PM Subject: Re: [hlds_linux] HTTP Download. > Long time (CS 1.3) subscriber, first post :-) > > I was gonna tell you to use .htaccess > (http://httpd.apache.org/docs-2.0/howto/htaccess.html), but just > placing a blank index.html into each directory you would like to keep > private might be simpler. > When the apache server sees the index.html it hands that to the web > client instead of generating a dynamic directory listing. > Your gaming clients should still be able to grab the maps/resources > off the server. > > On 7/16/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > > > > Sorry If I missed It.Ive searched my little head off.How do I set up my apache > > so that the clients In the server are the only ones who can download.And not by > > going to the url In a web browser...Any help would be very kind > > > > > > ___ > > To unsubscribe, edit your list preferences, or view the list archives, please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] HTTP Download.
Long time (CS 1.3) subscriber, first post :-) I was gonna tell you to use .htaccess (http://httpd.apache.org/docs-2.0/howto/htaccess.html), but just placing a blank index.html into each directory you would like to keep private might be simpler. When the apache server sees the index.html it hands that to the web client instead of generating a dynamic directory listing. Your gaming clients should still be able to grab the maps/resources off the server. On 7/16/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > Sorry If I missed It.Ive searched my little head off.How do I set up my apache > so that the clients In the server are the only ones who can download.And not > by > going to the url In a web browser...Any help would be very kind > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux