[crossfire] new metaserver

Michael elshar at cheekan.org
Thu Jun 9 14:19:09 CDT 2005 

I'm not sure if its been suggested, and I'm probably missing some part 
of the discussion. I heard somewhere on the list that the metaserver 
required the use of udp, which is easily spoofable. By that I mean that 
no connection handshake required to start data transfer, and most isps 
don't seem to bother to check if the packets leaving their network 
should be doing so...

So how about changing it to tcp, and have the server connect to the 
metaserver via a spawned thread (I read somewhere, possibly same thread 
that changing to tcp would cause issues with the game server.. This 
would 'fix' that, imo)? Maybe have the metaserver throw the requesting 
server some kind of randomly generated key that the requesting server 
has to reply to.

Also, if you wanted to do the multiple metaserver thing (I can't imagine 
why), you could structure it alot like irc servers are. By that I mean 
that you have ways of telling the meta servers which server is the 
'master', which ones are other 'slaves', and which ones are game 
servers. And mechanisms to control behavior for all of them. Hell, you 
could probably write a small perl/php script to use an irc server as a 
metaserver. Then you'd already have all the parts.

I think basically what I'm trying to say is that the game server 
shouldn't itself care if its contacted the metaserver. That should be a 
seperate proccess which 'checks in' every so often to give an update. 
And that those updates should be spaced far enough apart as to not be 
construed as a DOS with the meta server smart enough to realize that a 
repeated message from the same server isn't a seperate advertisement, 
but an update to the previous.. Granted, I'm totally ignorant of how the 
system works, but maybe this idea would be of use to someone. :)




Mark Wedel wrote:

>
     
      Mitch Obrian wrote:
     
     >
     
     
     >>
     
      Cave's php metaservers are great. The sms's are sent
     
     >>
     
      the data by the servers. They then send the info to
     
     >>
     
      the cms which sends the info to the other sms's. This
     
     >>
     
      way (since the sms's are trusted) the cms is unDoSable
     
     >>
     
      as it's ip is unknown except for the trusted sms.
     
     >>
     
      Since cave's metaservers are written in php they can
     
     >>
     
      be hosted anywhere... including hosting companies with
     
     >>
     
      near unlimited bandwidth.
     
     >
     
     
     >
     
     
     >
     
       seems to me that making the CMS ip secret is just security through 
     
     >
     
      obscurity.  Once someone discovers that IP through whatever method, 
     
     >
     
      you lose that benefit - this means the CMS has to be secure on its own.
     
     >
     
     
     >>
     
     
     >>
     
      We should implement it, it has been written. It is
     
     >>
     
      good. The time for discussing how it should be done is
     
     >>
     
      passed as we allready have a product now.
     
     >
     
     
     >
     
     
     >
     
       You discussed the metaserver/program before, however, when asked to 
     
     >
     
      provide link/URL, did not provide one.  Trying to search for info on 
     
     >
     
      it is pretty meaningless, as cave is just too common a word.
     
     >
     
     
     >
     
     
     >
     
      _______________________________________________
     
     >
     
      crossfire mailing list
     
     >
     
     
      crossfire at metalforge.org
      
      
     >
     
     
      http://mailman.metalforge.org/mailman/listinfo/crossfire

More information about the crossfire mailing list