Jump to content
wolffy.au

ALiVE - Advanced Light Infantry Virtual Environment

Recommended Posts

Apologies if this has been asked before, but is it possible to further augment unit composition/unit pool? There's simply too much AA from the infantry pool for my tastes.

Share this post


Link to post
Share on other sites
No problem I'll probably get flogged again but hey.... take one for the team :p

We'll wait to see what one of the devs says.. it may be like that for a reason. It's really not that hard to remember and besides if you hover your mouse over the field it will show you an example.

I believe it's the same as the placement modules.. open the module and do a mouse-over it should show a hint.

Haha thats ok, thanks for the help! I gave it a try and it seems to spawn CSAT (prob a bug default I presume). Thats ok, at least we know :). I bet it will work or at least be easier in your next update :D

Share this post


Link to post
Share on other sites
Any word on the War Room? I'm really interested to use/test it!! :D and what exactly is the xStream module? Does that module work in the current build of ALiVE? :P

War Room, is close to being released. Aiming at our 0.6 (RC2) release. We are just getting our db hosting sorted along with some final updates to our data DLL etc. Most likely a few weeks out, but it'll be ready when its ready :)

xStream is a very basic camera system for groups that have a spare client and want to stream the whole operation to their War Room page. xStream Camera will automatically show the action as it happens on a client. xStream is a little ways off, but you can see some of the results in our trailer. Every shot in that was generated by xStream.

Cheers

Tup

Share this post


Link to post
Share on other sites
Apologies if this has been asked before, but is it possible to further augment unit composition/unit pool? There's simply too much AA from the infantry pool for my tastes.

Currently no there is no way to change force composition although I believe it has been discussed. I'll add a request ticket if there isn't one already on the tracker.

edit; https://dev.withsix.com/issues/73754

Haha thats ok, thanks for the help! I gave it a try and it seems to spawn CSAT (prob a bug default I presume). Thats ok, at least we know :). I bet it will work or at least be easier in your next update :D

No you should be able to spawn CSAT, AAF, or NATO guys for CQB... if that's not the case something is not setup properly.

Edited by SavageCDN

Share this post


Link to post
Share on other sites
Currently no there is no way to change force composition although I believe it has been discussed. I'll add a request ticket if there isn't one already on the tracker.

edit; https://dev.withsix.com/issues/73754

No you should be able to spawn CSAT, AAF, or NATO guys for CQB... if that's not the case something is not setup properly.

Hey bud, how are you doin? Thanks again for the help! I know your prob a busy guy and I appreciate the advice and input youve given me. Oh I wonder what I did wrong, I had ["drIrregulars","OPF_G_F"] in the OPCOM module and drIrregulars, OPF_G_F in the military/civilian placements. I havent put down a CQB module as I havent had much success with it besides with Altis (but Im thinking I might try it again!)

Share this post


Link to post
Share on other sites

Hmm...you are sure it only spawned CSAT units? Can you try it with just the drIrregulars and see if that works? I have yet to try those units myself.

re:CQB module - yeah on Stratis it doesn't find much other than the town Agia Maria. Altis though it has TONS of CQB positions. Next update will allow you to tweak this further as they've added a 2nd density parameter in addition to the percentage one... in addition to supporting a whole whack of maps.

Just for information to others: Unit addon faction names that will be supported Very Soonâ„¢

Arma 3

- drIrregulars - http://www.armaholic.com/page.php?id=23308

- mas_afr_rebl_b - http://www.armaholic.com/page.php?id=21897

- mas_afr_rebl_i - http://www.armaholic.com/page.php?id=21897

- mas_afr_rebl_o - http://www.armaholic.com/page.php?id=21897

- mas_ukf_sftg - http://www.armaholic.com/page.php?id=19345

- mas_usa_delta - http://www.armaholic.com/forums.php?m=posts&q=21125

- mas_usa_devg - http://www.armaholic.com/forums.php?m=posts&q=21125

- mas_usa_rang - http://www.armaholic.com/forums.php?m=posts&q=21125

- mas_usa_usoc - http://www.armaholic.com/forums.php?m=posts&q=21125

Iron Front

- LIB_LUFTWAFFE

- LNRD_Luft

- LIB_PANZERWAFFE

- LIB_WEHRMACHT

- SG_STURM

- LIB_RKKA

- LIB_USSR_AIRFORCE

- LIB_USSR_TANK_TROOPS

- LIB_GUER

- LIB_US_AIRFORCE

- LIB_US_ARMY

- LIB_US_TANK_TROOPS

Edited by SavageCDN

Share this post


Link to post
Share on other sites

My friend is making a 2 faction Alive mission. We played on the "Foursome" mission for a while and loved it.

His new script though is quite light (900k) and we have only BTC revive and VAS added. The thing is, the modules don't load on the map, we go on the server and nothing appears on the map (we know it takes at least 10 minutes to load the units/zones on the map). We double and triple cheked everything be he thinks he is missing something.

I was wondering if you guys have a basic/advanced checklist for "troubleshooting" a script.

Thanks

Share this post


Link to post
Share on other sites

I would first turn on the debug option in all modules (double-click module, Debug - set to YES) to see what it might spit out.

Did he edit the existing "Foursome" mission or start from scratch?

Try creating a new mission, place all the ALiVE stuff first (modules, markers, etc) with debug on then a single player unit - preview the mission. If all works then merge the original mission with this new one, save and preview again.

Share this post


Link to post
Share on other sites

We did a debug but nothing came out. He did start from scratch. We will try the modules alone tonight, there might be something between the modules and the mods we use, well make a mission with just the ALiVE stuff and see what we come up with.

Thanks for the quick reply, keep up the good work!

Share this post


Link to post
Share on other sites

It's possible that there are conflicts with BTC Revive as well if you still can't get it to work try disabling to see if that solves it.

Share this post


Link to post
Share on other sites
Hmm...you are sure it only spawned CSAT units? Can you try it with just the drIrregulars and see if that works? I have yet to try those units myself.

re:CQB module - yeah on Stratis it doesn't find much other than the town Agia Maria. Altis though it has TONS of CQB positions. Next update will allow you to tweak this further as they've added a 2nd density parameter in addition to the percentage one... in addition to supporting a whole whack of maps.

Just for information to others: Unit addon faction names that will be supported Very Soonâ„¢

Arma 3

- drIrregulars - http://www.armaholic.com/page.php?id=23308

- mas_afr_rebl_b - http://www.armaholic.com/page.php?id=21897

- mas_afr_rebl_i - http://www.armaholic.com/page.php?id=21897

- mas_afr_rebl_o - http://www.armaholic.com/page.php?id=21897

- mas_ukf_sftg - http://www.armaholic.com/page.php?id=19345

- mas_usa_delta - http://www.armaholic.com/forums.php?m=posts&q=21125

- mas_usa_devg - http://www.armaholic.com/forums.php?m=posts&q=21125

- mas_usa_rang - http://www.armaholic.com/forums.php?m=posts&q=21125

- mas_usa_usoc - http://www.armaholic.com/forums.php?m=posts&q=21125

Iron Front

- LIB_LUFTWAFFE

- LNRD_Luft

- LIB_PANZERWAFFE

- LIB_WEHRMACHT

- SG_STURM

- LIB_RKKA

- LIB_USSR_AIRFORCE

- LIB_USSR_TANK_TROOPS

- LIB_GUER

- LIB_US_AIRFORCE

- LIB_US_ARMY

- LIB_US_TANK_TROOPS

Thanks again for the help bud! Yea I had debug on and transported myself to all of the unit markers to check them out and they were all CSAT forces. Oh yea I've been playing it lately with superliquids edited (so it works with ALIVE but they are just infantry units) drIrregulars which Ive been having a lot of fun with but I miss having motorised units around so I tried adding the OPF_G_F to add their awesome armed pickups (I placed them in separate military/civilian placement modules with a separate OPCOM, all synced of course :P). When I set the faction weight of OPF_G_F to motorized it doesn spawn motorized units but it also spawns OPF_G_F infantry units which roam around the locations in separate squads than the drIrregulars which spawn in the same locations. It's not a big deal or anything I was jsut trying to figure out a temp fix until the new update comes out (more excited than Christmas about it!!!! Hopefully BIS will release the update better optimizing MP and AMD processors too by then)

So excited for the new ALIVE update, you guys are what makes this game amazing!!!!

Share this post


Link to post
Share on other sites

Just a few questions about your "data DLL"...

  1. Who's coding it?
  2. In what language? (I assume since you're using Arma2.Net you'll be using C# or Java).
  3. Is it multithreaded? And are threads dynamically cached to reduce on spin-up times?
  4. Can the DLL effectively handle (or gracefully fail on) output greater than 4KB (or whatever Arma set the limit to now)?
  5. Are you using direct SQL calls to the server, or are you feeding it through a webserver first (PHP/ASP.NET)?
  6. Is the connection to the server encrypted?

Sorry for the bombardment of questions, but think of it as the first audit of the software.

Share this post


Link to post
Share on other sites

  1. Who's coding it?
    I am
  2. In what language? (I assume since you're using Arma2.Net you'll be using C# or Java).
    C#
  3. Is it multithreaded? And are threads dynamically cached to reduce on spin-up times?
    Yes it's multi threaded
  4. Can the DLL effectively handle (or gracefully fail on) output greater than 4KB (or whatever Arma set the limit to now)?
    We handle what we send to the dll in sqf. Yes we handle output greater than 8k.
  5. Are you using direct SQL calls to the server, or are you feeding it through a webserver first (PHP/ASP.NET)?
    We don't use SQL, we use a REST API over HTTPS with data sent as JSON to a NOSQL DB
  6. Is the connection to the server encrypted?
    Yes (HTTPS)

Audit? Lol

Edited by Tupolov

Share this post


Link to post
Share on other sites
Currently no there is no way to change force composition although I believe it has been discussed. I'll add a request ticket if there isn't one already on the tracker.

edit; https://dev.withsix.com/issues/73754

I appreciate the response. That's too bad, because it's not very fun to operate any kind of vehicle with the larger battalion sizes. Life expectancy is very short.

As for =BTC= Revive, we run it and there are no conflicts.

Share this post


Link to post
Share on other sites
I appreciate the response. That's too bad, because it's not very fun to operate any kind of vehicle with the larger battalion sizes. Life expectancy is very short.

As for =BTC= Revive, we run it and there are no conflicts.

Hi,

Re: Force composition:

1. Group configs. Actually a big point why we chose the "addon way of life" (in opposite to having all codes in one big mission file) is to be able to define and alter configs that can't be altered through description.ext. So we can create our very own group configs if needed. we may find a way to enable that for the community. Still WIP and not really public though.

2. Composition of MIL/CIV MP placed assets: Please remember, its still Alpha, so your feedback is very welcome!

Of course there will be a higher grade of detail forthe force compositions as time moves on. F.e. Defining if there should be AA units, AAA assets, only tanks, no tanks, only jeeps etc. So this is definiatly on our list!

Expect only the best :)

And Enjoy

Share this post


Link to post
Share on other sites
I appreciate the response. That's too bad, because it's not very fun to operate any kind of vehicle with the larger battalion sizes. Life expectancy is very short.

As for =BTC= Revive, we run it and there are no conflicts.

Ah thanks good to know about BTC Revive... I assume you are not using the ALiVE Multispawn module?

As for force compositions as HH said those features will come in time.

Share this post


Link to post
Share on other sites
Hi,

2. Composition of MIL/CIV MP placed assets: Please remember, its still Alpha, so your feedback is very welcome!

Of course there will be a higher grade of detail forthe force compositions as time moves on. F.e. Defining if there should be AA units, AAA assets, only tanks, no tanks, only jeeps etc. So this is definiatly on our list!

I think this is good enough if it is easier than full blown OOB massaging. when you say this I anticipate pulldowns as in the current MP module that have a none, light, medium, heavy composition weighting for each of those selections. I dare say that the CP module needs those selection as well though.

Share this post


Link to post
Share on other sites
  1. Who's coding it?
    I am
  2. In what language? (I assume since you're using Arma2.Net you'll be using C# or Java).
    C#
  3. Is it multithreaded? And are threads dynamically cached to reduce on spin-up times?
    Yes it's multi threaded
  4. Can the DLL effectively handle (or gracefully fail on) output greater than 4KB (or whatever Arma set the limit to now)?
    We handle what we send to the dll in sqf. Yes we handle output greater than 8k.
  5. Are you using direct SQL calls to the server, or are you feeding it through a webserver first (PHP/ASP.NET)?
    We don't use SQL, we use a REST API over HTTPS with data sent as JSON to a NOSQL DB
  6. Is the connection to the server encrypted?
    Yes (HTTPS)

Audit? Lol

Thanks for the information, and an interesting choice going for a NoSQL DB, they're far out of the norm today :P

And yes, an audit as in a review of your code/security/workflow to ensure stable and secure programming (aka white-hat hacking). Even though this is just a game addon, there's still a lot of risk associated with developing code intended to run natively on a client's computer, and to expect the backend servers to be on a relatively stable up-time.

May I ask what would stop me if I were to try to send malicious data to your backend DB server via HTTP/HTTPS?

Share this post


Link to post
Share on other sites

May I ask what would stop me if I were to try to send malicious data to your backend DB server via HTTP/HTTPS?

Hey thanks everyone for your help back in the day via skype setting up My SQL server for MSO. Been running alive since they day you dropped it and will til we are all dust.

As far as the answer, white hat hacking is cool at forums and open venues and such where everyone is typically acknowledged to be in the same business and for the better good. However here there are trolls and black hats, security is not something I think the creators are going to want to talk about openly on the forums because if they tell people what they are doing to secure something, then the concept is only one troll away from figuring out how to hack those implements. Again this should be discussed privately. Security in any event is NOT open source, and neither should be the information about its methods.

Share this post


Link to post
Share on other sites
Hey thanks everyone for your help back in the day via skype setting up My SQL server for MSO. Been running alive since they day you dropped it and will til we are all dust.

As far as the answer, white hat hacking is cool at forums and open venues and such where everyone is typically acknowledged to be in the same business and for the better good. However here there are trolls and black hats, security is not something I think the creators are going to want to talk about openly on the forums because if they tell people what they are doing to secure something, then the concept is only one troll away from figuring out how to hack those implements. Again this should be discussed privately. Security in any event is NOT open source, and neither should be the information about its methods.

I understand, and I respectfully disagree, since the questions I'm asking can be easily answered by quickly examining their program after they release it. If they cannot answer these questions due to "security concerns", then they have obvious flaws in their system and it shouldn't be released to the public under any circumstances.

There are only two exceptions to this idea: one being that the program has already been released, and one wouldn't want to run the risk of exposing a flaw which may not be fixed for some time, thereby allowing malicious users to use the exploit to their advantage during this period of time; or two being that any type of source code is being revealed, in which new flaws can be discovered or in which intellectual property can be stolen.

Neither of these concerns have yet been raised, so there is no harm to exposing program details, unless the creators are either not willing or unable to fix a security hole (in which this can information can be helpful or detrimental, depending on how third-parties, like myself, approach it; through white-hat or black-hat methodology).

Share this post


Link to post
Share on other sites

Naught appreciate your concerns.

We have a web service, just like any other web service out there. There is nothing stopping you from trying to send malicious data to a publicly available web service.

As for an audit. We don't have plans to 'audit' our software and we don't have any plans at this stage to open source our plugin. We are conducting closed testing and our hope is that our testers will highlight any security concerns they have.

Of course anyone can depbo the addon we release to the public. Server admins, if given access to our server plugin, no doubt could abuse that position of trust too. But if you were to abuse the BIF webservice what happens? We do not provide open access to our server plugin or to our web service to just anyone, but that will become clearer when we finally release.

Are your concerns related to the security of a host game server? Our web platform and data? Or just generally around people creating DLLs that take advantage of callExtension?

If necessary feel free to take this to PM or join our public ALiVE skype channel.

Edited by Tupolov

Share this post


Link to post
Share on other sites
Naught appreciate your concerns.

We have a web service, just like any other web service out there. There is nothing stopping you from trying to send malicious data to a publicly available web service.

As for an audit. We don't have plans to 'audit' our software and we don't have any plans at this stage to open source our plugin. We are conducting closed testing and our hope is that our testers will highlight any security concerns they have.

Of course anyone can depbo the addon we release to the public. Server admins, if given access to our server plugin, no doubt could abuse that position of trust too. But if you were to abuse the BIF webservice what happens? We do not provide open access to our server plugin or to our web service to just anyone, but that will become clearer when we finally release.

Are your concerns related to the security of a host game server? Our web platform and data? Or just generally around people creating DLLs that take advantage of callExtension?

If necessary feel free to take this to PM or join our public ALiVE skype channel.

I more of meant that my questions here are serving as a sort-of preliminary audit, not that you should perform one :)

My concerns are mostly related to your web server, since that machine contains the most spokes to poison (that is, it's connected to the largest network), and an attack on it would be most widely felt. Also, since you haven't released the local DLL yet, I can't speak on terms of its security or performance.

About your web service; The difference is that most other publicly available web API's are implemented in a way in which essential sent data (or PUT/POST/DELETE data for RESTful services) and protected data retrieval are somehow authenticated to not originate from a malicious source - this can be done through a private-key authentication, a basic username-password authentication, or a number of other different protocols which have been developed over the years.

Though an attack utilizing this vulnerability would have to be somewhat sophisticated (well beyond the scope of the general SQF script kiddie hackers and such here), for a project as ambitious as yours I would expect this level of security, although my suggestion is merely my opinion and it would be a rare occurrence for someone to attack your web server.

But, since no threat is worrisome unless faced with its inherent dangers, I'll list some of the possible outcomes of an attack (although not all may be possible depending on your REST-based implementation):

  • Database overflow from null or useless data, which could cause server/service failure or possible server price-hikes due to high usage (especially on a pay-as-you-go host such as AWS).
  • Direct modification of database information (which isn't a top-priority issue since your data can't be classified as 'essential').
  • Deletion of records, tables, or entire databases.
  • Insertion of false records.
  • Access to possibly private or protected information.
  • Ability to inject malicious data which may be sent to clients, causing potential security issues on their end (especially if SQF code were to be injected and somehow run).

This will be my last confrontation on this specific issue unless you should want more information or if I find anything new, but anyways thank you for your time and good luck on ALiVE! :)

Share this post


Link to post
Share on other sites

I'm glad you felt the need to confront us on this issue and appreciate your condescending to teach us fellow ICT professionals the vagaries of ISO27001 compliance. I will ensure that we conduct a full IASC audit in the unlikely event of a commercial release. Until then, if anyone feels there may be an inherent APT due to ALiVE coding, please refrain from using it.

Share this post


Link to post
Share on other sites

Lol Friz.

Naught,

To be honest I think all the points you make there are kinda common sense. Do you really think we would open a web service without using some form of authentication and security? :) I was kinda elluding to that in my last post :) Your statement makes the assumption that we are not using authentication... There is no open access to our web service. That would be crazy :)

We have taken steps to secure it and in addition have mitigated the risks you have listed - those are the obvious ones in my opinion. If you do find anything though, obviously please let us know!

Tup

Edited by Tupolov

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×