Set Ping Limit On Dedi?

[CopyrightPhilly 0]

hi

dose anyone know how to make the max ping for my dedi server 350, if the players ping is heigher then to kick him

cheers, Philly

[benu 1]

There is no such option in ofp, you would have to use a thirdparty solution. You could write a script or cronjob that checks for connected users, pings them, and terminates the connection depending on ping for example.

[CopyrightPhilly 0]

cheers m8, will do that

and b4 anyone says its not to block all 56k becuase i have a couple of 56ks conecting and there pings are at normal 250

cheers, Philly

[RN Malboeuf 12]

you can do this many ways with ping monitors, but they are rare, and then for any reason if your 56kers spike they will get kicked

as for the cron jobs they will use allot of memory and server resources if you are running linux and scanning ips, if you set it to 5 mins you may be fine, dont set any lower then that, but then the cron will only kick a player if it sees him

if you have a win server there are more options but allot of work to do

[benu 1]

I don't think checking once or twice every minute will generate any significant load. You could simply log all new players to a specific logfile with iptables (/sbin/iptables -I INPUT -i eth0 -p udp -d $SRV_ADDRESS --dport 2302 -m state --state NEW -j LOG --log-prefix "NEW OFP PLAYER: ") and just tail and ping -c 1 that. "grep 'NEW OFP PLAYER:' /var/log/messages|tail | awk '{print $11}'|cut -b 5-" gets the ips of the latest 10 players joining the server on my server. I could just put those into a loop and ping each and if the ping is to high i could block the ip. This script is a matter of minutes and makes virtually no load at all and does exactly what the op wanted...

You could run it from cron or put a sleep command in it and let it run in the background...

[benu 1]

Actually, thinking about it, using iptables and statefulness for the udp protocol might not be the best way. "PLAYER_IPS=$(cat /proc/net/ip_conntrack |grep '2302 .*ASSURED' | awk '{print $4}'|cut -b 5-)" gets you the ips of all players currently connected to your server and stores them in a variable calles PLAYER_IPS. That is faster and cheaper. Then ping each of those with "for each i in $PLAYER_IPS; do ping -c 1 $i;done" and do stuff to them. If you do this in a script you can do stuff depending on the value of the ping like blocking the IP (/sbin/iptables -I INPUT -i eth0 -p udp -d $SRV_IP --dport 2302 -j DROP). Although i think it would be better to make a special "ban chain" for iptables and flush it at certain intervals.

[RN Malboeuf 12]

heh

asuming he has linux

[benu 1]

Well, as you said ping monitors would be the solution for windows servers i thought i give one for linux servers

[RN Malboeuf 12]

1st if he was running linux in the 1st place he would be a very smart guy - like your self

i dont recall you ever posting on how to do some thing

thus he is a windows noob as i am a linux noob

DOH!

[benu 1]

OFP uses UDP protocol. The udp header only contains source and destination port, length and checksum. No timestamp or anything to measure packet latencies. IP protocol also does not seem to have a timestamp in it's headers. And even if it did you it would not help you as you don't really know which packet is an answer to which other packet.

If you want to measure the "ping" of a client, you will have to do by analyzing the content of the packets, like "which packet contains some option to synchronize with server and which packet contains the answer to that and how much time passed in between".

Else you would have to check with some other method, eg any service or icmp or udp ping echo request and reply. But most people have icmp echo reply turned off. You could also try to open tcp connections to arbitrary ports and wait for RST or icmp port unreachable packets, but most firewalls will just drop your requests and not answer back. So in most cases there just is no way to calculate the ping of a given player.

For players that did not disable icmp echo reply the above will work, i already tested that on my server. But those were only 2 players on a full server.

But if you are of the "ban whole subnets" mentality you could also kick all players that have ping disabled. Or don't kick them and live with the highpingers that have ping disabled. Or go out and enjoy the sun while the good weather lasts