Try
The first argument is normally ReqI, which you're attempting to set, rather than UCID.
insim.send(pyinsim.IS_MTC(UCID=User.UCID, Msg='Hi there!'))The first argument is normally ReqI, which you're attempting to set, rather than UCID.
My original post was for a centralised server. It was slightly more fancy than a text file, but centralised nonetheless. The thread then went along the lines of supporting decentralised - Thor would be entirely optional if the clients were based on the DHT, and allow you to setup meshes - both public and private. The extra benefit is that there's no delay - when someones banned in any type of pubsub system (be it centralised or decentralised) you can have all the client servers update immediately.
If you want a ban text file that's downloaded from a server every X minutes and then the bans loaded into a running server, no problem. That could be quickly knocked out. Loses a lot of features though, and you still need some way to send bans back to the central text file(s).
I've used Xen but I'd never seen time jump backwards in a domU.. Sounds like the host is doing something unusual in dom0... Mind you without seeing what they're actually doing, who knows 
Meh.
Meh.You may want to consider disabling your hypervisor's time syncing and relying on ntpd. It won't jump forwards/backwards in large increments, but rather make micro adjustments (iirc the max by default is 128ms) that will slow down or speed up the clock without affecting time sensitive apps - such as LFS.
Will be honest I'd be interested in knowing what hypervisor you're using though...
Let me guess, using ntpdate on a cron, rather than ntpd?
Sensible, don't see any other way around it.
If a DHT banned user is just kicked on connection, if they could reconnect fast enough it could prevent votes, people spectating and pitting, etc. I don't think that's solvable or something we should be worried about. There's no mitigation without causing a master ban.
Exactly what I had in mind, however with a distributed system each message needs to be signed so that it can be verified. If any user can transmit into a DHT, then every message can be faked, if it's not signed. It's a performance penalty, but I believe it's necessary. I'd propose using public/private keys - it's the only way to do this safely and quickly. Libraries exist for all major programming languages and are used by billions of transactions a day - battle tested and ready to roll.
I will be honest I've been ignoring this problem until now
The only sane solution I can think of is that bans are tracked and stored by the "local" client/switch. The client stores the ban origin. If the ban is revoked at the origin the local client/switch could mark that as unbanned. If it wasn't banned locally by the server admin (i.e. not manually) then the ban is revoked. If there are multiple origin bans, then you don't unban until it's manually revoked on the server or all origin bans have been removed.
It's not ideal, but strikes a balance between automation and fairness. I think... It introduces the issue of second and third hand bans - that presents an issue within itself
I will be honest this is the main reason I avoided a distributed system in the original post. This sort of issue is a bit easier to deal with in a centralised manner
@MadCatX Checkout [telehash](http://telehash.org/).. It's a bit more sophisticated than gossip. There's a basic C library (I've not checked out how functional it is yet - I've run out of lunch hour). Might be something we could collectively use quite nicely. We'd just need to use a common +to to notifiy clients of events. Would be a nice starting point to create a cross language protocol with the "hard" bits already done...
ooooooh, shiny
I shall give it a bash 
That's what I've ended up thinking. As nice as a distributed database of names is, you're totally right
My issue with that is that there's no way to allow server admins to continue using existing tools - to get information about the ban, a whole in-game button system or external toolset needs to be used. I don't think that's necessarily a big problem, but it's still a [small] barrier to adoption
Will be honest I've not given this much thought yet.. I'm sort of jotting down what few things have come to mind.
I will be honest I was hoping to be able to come up with something that allows you to cherry pick, purely based on how much you trust other server admins to do "the right thing". I wanted to avoid the human cost of maintaining the UKCT barrier system that SamH, etc. ran a few years ago =/ I might be taking it to the extreme though
Last edited by the_angry_angel, .
Been thinking about this more today. Thinking about adding hmac or public/private key signing to the messaging, etc. however the problem that no one's brought up is the automated banning issue.
The master server counts bans - there's a massive potential for a master ban to happen if someone gets banned on one server. I'm not sure that there's really a fix for that... in a public setting
It would be really easy to spoof a report to a public Thor + Mjolnir mesh, and it would only take a few server admins running Mjolnir and accepting all bans before the LFS master server ban would kick in - basically a really easy way to get the LFS master server to ban a user. That said it could be done very easily anyway. Surprised that doesn't happen more often...
The master server counts bans - there's a massive potential for a master ban to happen if someone gets banned on one server. I'm not sure that there's really a fix for that... in a public setting
It would be really easy to spoof a report to a public Thor + Mjolnir mesh, and it would only take a few server admins running Mjolnir and accepting all bans before the LFS master server ban would kick in - basically a really easy way to get the LFS master server to ban a user. That said it could be done very easily anyway. Surprised that doesn't happen more often...
Last edited by the_angry_angel, .
Why didn't I think of that!
Ah come on now, the community is honest and kind hearted. I can't see why anyone would even consider doing that!
Last edited by the_angry_angel, .
Reason : Bad spolling.
Tbh, probably not much effort. The core of the work that's not really shown is being dealt with by xi4n (for InSim) and node-gossip (for the peer-to-peer communication).
node-gossip is basically just a TCP connection multiplexer that encodes and decodes JSON. I've forked (https://github.com/theangryangel/node-gossip) the upstream version (since it seems to be unmaintained) and I'm considering adding SSL support, some sort of authentication (maybe), possibly changing the protocol so its less chatty, etc.
That said, gossip could be swapped out for something else - I was originally thinking something like XMPP or running it all over HTTP(S).
If you've got any ideas on it being more interoperable MadCatX I'm all ears and willing to prototype something I'm also more than happy to set aside a some resources to run Thor for the community when it's not completely broken and we've got a couple of seed servers
node-gossip is basically just a TCP connection multiplexer that encodes and decodes JSON. I've forked (https://github.com/theangryangel/node-gossip) the upstream version (since it seems to be unmaintained) and I'm considering adding SSL support, some sort of authentication (maybe), possibly changing the protocol so its less chatty, etc.
That said, gossip could be swapped out for something else - I was originally thinking something like XMPP or running it all over HTTP(S).
If you've got any ideas on it being more interoperable MadCatX I'm all ears and willing to prototype something
I'm also more than happy to set aside a some resources to run Thor for the community when it's not completely broken and we've got a couple of seed servers
Last edited by the_angry_angel, .
Like the naturalpoint TrackIR? Or the fact that there's a whole, documented, supported API for manipulating the game that people use to build dashboards, their own head tracking using Wii motes and so on?
Certainly better supported than other games...
Total work in progress, but I've pushed up something to https://github.com/theangryangel/xi4n-mjolnir.
Basically uses your idea MadCatX - a central server (Thor) is used to link the peers and store a backup of the "global" bans, and there's a xi4n plugin (Mjolnir) that reports to the other peers (who immediately try and ban that person) - including the central server.
Pros: Allows for private networks, Cons: Doesn't support cherry picking bans, etc. yet, but I will add it.
It's very hacky right now, probably doesn't work amazingly well, but it's a start. My hangover isn't helping though so I'm probably gonna stop for the day and take it easy
Basically uses your idea MadCatX - a central server (Thor) is used to link the peers and store a backup of the "global" bans, and there's a xi4n plugin (Mjolnir) that reports to the other peers (who immediately try and ban that person) - including the central server.
Pros: Allows for private networks, Cons: Doesn't support cherry picking bans, etc. yet, but I will add it.
It's very hacky right now, probably doesn't work amazingly well, but it's a start. My hangover isn't helping though so I'm probably gonna stop for the day and take it easy
IS_FIN provides the PLID (or Player ID). Whatever InSim library you're using should have the facility to get you the UCID (Connection ID) by looking up against the PLID.
If the library is sane at all, I'd imagine what you're looking for is GetPlyIdx, or GetPlyrIdx. But that's a guess.
If the library is sane at all, I'd imagine what you're looking for is GetPlyIdx, or GetPlyrIdx. But that's a guess.
I'm in the area, just over the bridge tomorrow doing some scheduled work at a clients - I was gonna say if I finish early (have a birthday I need to make it home for in the evening sadly ) I might drop by the kart centre and say hello to everyone - but now I'm not so sure 
Looking at the source, DarkTime's .NET library supports version 5 - http://www.lfsforum.net/showthread.php?t=68564
Hmmm. I've got a couple of ideas for this one whilst eating dinner tonight. I definitely don't have time to work on them til Sunday now (out of hours work scheduled, birthdays, meh), but I might have a play then... (this genuinely interests me and will probably prod me enough to get relay support into xi4n)
Basically I'm thinking of something like a hive (central) server that connects to a bunch of trusted servers either using the LFSW InSim relay, or directly. The hive then basically just looks for IS_CNL with the reason set to LEAVR_BANNED, and stores the ban centrally as well. Consumers of the feed could then select which server admins that they want to trust and only down a subset of the bans file.. A utility could do this or there could be a tool that uses InSim and does it that way maybe..
Benefits here;
1. Unlike the previous (UKCT) ban system where replays need to be reviewed, it's automated
2. As a consumer of the global bans you can choose to trust only those admins you want to trust (i.e. those with the same point of view)
Negatives;
1. No reasoning can necessarily be stored
2. Dependent on some servers being kind enough to be added to the LFSW InSim Relay or allow direct InSim connections
3. If the hive goes down, everything goes tits up
Anyone spot anything obvious I'm missing? Anything that could be adjusted or added to?
Basically I'm thinking of something like a hive (central) server that connects to a bunch of trusted servers either using the LFSW InSim relay, or directly. The hive then basically just looks for IS_CNL with the reason set to LEAVR_BANNED, and stores the ban centrally as well. Consumers of the feed could then select which server admins that they want to trust and only down a subset of the bans file.. A utility could do this or there could be a tool that uses InSim and does it that way maybe..
Benefits here;
1. Unlike the previous (UKCT) ban system where replays need to be reviewed, it's automated
2. As a consumer of the global bans you can choose to trust only those admins you want to trust (i.e. those with the same point of view)
Negatives;
1. No reasoning can necessarily be stored
2. Dependent on some servers being kind enough to be added to the LFSW InSim Relay or allow direct InSim connections
3. If the hive goes down, everything goes tits up
Anyone spot anything obvious I'm missing? Anything that could be adjusted or added to?
I'm afraid to say that amongst certain circles the knowledge that the password is in "plain text" in LFS' memory space has been known for years Whilst I don't advocate security-through-obscurity, given the rate of patches to LFS (thats not necessarily a criticism to the LFS team, just an observation) I do worry about the impact that this thread could have. It provides just enough details that even the least talented programmer could now research enough to get something put together to steal passwords within a day (and thats being overly generous).
As nice as argument that is, given the audience for most of the mods on the LFS forum this won't necessarily help, and I don't believe there are that many people who would willingly go through every mod's source for the sake of the community, frankly. Plus if they provide pre-compiled binaries you're trusting them that they use the same source and not something otherwise modified
A mitigation would be to forcibly enable ASLR on Windows, for all executables (I believe by default it's only enabled for executables that demand it). That won't help the cause of the problem, but should make it marginally harder to find, and raises the bar - if only a little
Whilst I don't advocate security-through-obscurity, given the rate of patches to LFS (thats not necessarily a criticism to the LFS team, just an observation) I do worry about the impact that this thread could have. It provides just enough details that even the least talented programmer could now research enough to get something put together to steal passwords within a day (and thats being overly generous).As nice as argument that is, given the audience for most of the mods on the LFS forum this won't necessarily help, and I don't believe there are that many people who would willingly go through every mod's source for the sake of the community, frankly. Plus if they provide pre-compiled binaries you're trusting them that they use the same source and not something otherwise modified
A mitigation would be to forcibly enable ASLR on Windows, for all executables (I believe by default it's only enabled for executables that demand it). That won't help the cause of the problem, but should make it marginally harder to find, and raises the bar - if only a little
Last edited by the_angry_angel, .
Unless InSim reports something different than the actual value provided from the client to the server (and assuming I've not cocked up somewhere) I can assure you that it's 0x20, or 32
If it were just Airio InSim wouldn't report his connection to have the admin flag set (reported by InSim on my client, whilst connected to cargame.nl s1 this afternoon - the admin flag in IS_NCN was set for this person's connection, indicating administrative rights on the LFS server). This person definitely does have admin rights on the actual LFS server itself - again based on InSim - I don't see why it would indicate a different state in the server.
Last edited by the_angry_angel, .
I'm prodding at InSim whilst this person's connected to cargame.nl s1 right now.
Some interesting stuff from InSim;
The reported username is an ASCII space. As in " "
The connection has the admin flag attached
Might be useful for your bans files - if you've got the tools to manually edit them
(pretty sure LFS won't accept a space as a valid name in-game)Edit: Bleh, apparently already known. Well thats boring
Should've read this thread properly.
Last edited by the_angry_angel, .
It's a joke
Well you know, I needed to recoup all that lost revenue, having spent many months developing it
Just following the example of other companies Damnit! I knew I was missing something
If I ever get around to writing an alternative LFS dedicated server, to allow for stuff like this, you can bet your bottom dollar it's on
You can slmbr with any vehicle even with 0 points!
Slmbr with any vehicle of your choosing!Incase there's any confusion, the plugin does actually exist, is open source, does work and it would (in theory) work multi-server. Apparently my inebriated brain found this very funny
Life in the "fast lane" of Cruising getting you down? Try Slmbr!
Life in the "fast lane" of Cruising getting you down? Try Slmbr (read: slumber).
Too busy to read? Check out a quick short video of slmbr in action and an explaination: http://www.youtube.com/watch?v=qjHw274qA2w
Slmbr is a revolution in InSim applications; gain points by not moving at all.
Feature rich and ready to go:
Warning; This post may contain traces of sarcasm and lies. If you're a die hard cruiser you may experience butt hurt.
Too busy to read? Check out a quick short video of slmbr in action and an explaination: http://www.youtube.com/watch?v=qjHw274qA2w
Slmbr is a revolution in InSim applications; gain points by not moving at all.
Feature rich and ready to go:
- Multi-server
- Persistent
- Player acheivements
- Great getaway from hectic cruising, traffic lights, speed limits and police
- Free and open source - modify to suit your needs
- Runs on many operating systems (OS X, Linux, Solaris, *BSD and Windows!)
Warning; This post may contain traces of sarcasm and lies. If you're a die hard cruiser you may experience butt hurt.
Last edited by the_angry_angel, .
FGED GREDG RDFGDR GSFDG