[Zhao]

Quote:

Originally Posted by Kalcor - A network level setting for server.cfg 'messageholelimit' has been added to deal with DoS attacks.

First and foremost I would like to applaud this great upcoming update, but if someone on the SA-MP team would be so kind to clarify the 'messageholelimit' setting; it would be most appreciated.

[Kyle]

3000

[dusk]

Quote:

Originally Posted by KyleSmith 3000

Sure, that's the default value. But what does it mean? What is a message hole?

[MP2]

Quote:

Originally Posted by KyleSmith 3000

He didn't ask for the default value..

[][Noname][]

Receive message packets in seconds?

[Mauzen]

3000 per second are quite a lot, even for dos attacks. Id rather say its per minute, that would be 50 packets per second. Afaik the normal client shouldnt send more than 30 packets per second.

[Zhao]

Quote:

Originally Posted by Mauzen 3000 per second are quite a lot, even for dos attacks. Id rather say its per minute, that would be 50 packets per second. Afaik the normal client shouldnt send more than 30 packets per second.

That's assuming it's even the limiting of incoming packets. Even if so, we have no idea at which rate. I guess the most logical assumption would be per second but these are all guesses and that's why we need clarification on what this is exactly. This could hurt a lot of servers if we don't know how to make appropriate use of it or what it even is.

[Parka]

Quote:

Originally Posted by Zhao That's assuming it's even the limiting of incoming packets. Even if so, we have no idea at which rate. I guess the most logical assumption would be per second but these are all guesses and that's why we need clarification on what this is exactly. This could hurt a lot of servers if we don't know how to make appropriate use of it or what it even is.

I agree with it, how to use it properly?

[ViruZz]

After looking over this (http://forum.sa-mp.com/showthread.ph...07#post2868407) I'm going to assume it's a network packet limit. I've just created a for loop exceeding the limit I've specified and it seems to have been throwing out some warnings as well.

PS: Don't take that as an official answer, I'm just assuming here.

[Vince]

I assume it's packets per minute. If the amount of packets exceeds the limit then the subsequent packets will be thrown in what's called a "black hole". Discarded.

[Seif-]

I thought it was the milliseconds of a hole between packets. ie if a player is lagging the server for more than 3 seconds?

[ViruZz]

Quote:

Originally Posted by Vince I assume it's packets per minute. If the amount of packets exceeds the limit then the subsequent packets will be thrown in what's called a "black hole". Discarded.

If it is that, this will be really useful with most hacks/cheats out there. Capturing packets from a client in SA:MP is extremely useful.

[Mauzen]

Quote:

Originally Posted by Seif- I thought it was the milliseconds of a hole between packets. ie if a player is lagging the server for more than 3 seconds?

Sounds plausible. Would also match to the tests that caused warnings so far.

[Kalcor]

It's a low level protocol (RakNet) thing that was recently used to attack SA-MP servers.

Basically the client/player send a bunch of faked packet sequence IDs making the server think lots of packets/messages went missing on the internet due to packet loss.

The protocol stack will attempt to recover the missing packets by allocating space and waiting for the client to resend the missing packets. This uses a large amount of resources, and done over and over would eventually lag or even crash the server.

There were no hard limits on the number of missing messages the player could report. Each missing block of packets is considered to be a 'hole'. There was an attempt to fix this problem in 0.3x R2, although the limit was hardcoded to 1000 and sometimes players would falsely be detected as trying to DoS the server for having large message holes.

The server can now specify how big the missing packet hole is. But in most cases the default limit should be fine and most server owners won't have to worry about it.

[Pottus]

Quote:

Originally Posted by Kalcor It's a low level protocol (RakNet) thing that was recently used to attack SA-MP servers. Basically the client/player send a bunch of faked packet sequence IDs making the server think lots of packets/messages went missing on the internet due to packet loss. The protocol stack will attempt to recover the missing packets by allocating space and waiting for the client to resend the missing packets. This uses a large amount of resources, and done over and over would eventually lag or even crash the server. There were no hard limits on the number of missing messages the player could report. Each missing block of packets is considered to be a 'hole'. There was an attempt to fix this problem in 0.3x R2, although the limit was hardcoded to 1000 and sometimes players would falsely be detected as trying to DoS the server for having large message holes. The server can now specify how big the missing packet hole is. But in most cases the default limit should be fine and most server owners won't have to worry about it.

Is that the cause of players timing out for no reason then I take it ?

[ViruZz]

Quote:

Originally Posted by Kalcor It's a low level protocol (RakNet) thing that was recently used to attack SA-MP servers. Basically the client/player send a bunch of faked packet sequence IDs making the server think lots of packets/messages went missing on the internet due to packet loss. The protocol stack will attempt to recover the missing packets by allocating space and waiting for the client to resend the missing packets. This uses a large amount of resources, and done over and over would eventually lag or even crash the server. There were no hard limits on the number of missing messages the player could report. Each missing block of packets is considered to be a 'hole'. There was an attempt to fix this problem in 0.3x R2, although the limit was hardcoded to 1000 and sometimes players would falsely be detected as trying to DoS the server for having large message holes. The server can now specify how big the missing packet hole is. But in most cases the default limit should be fine and most server owners won't have to worry about it.

Thank you for that quick clarification.