freghar

it still does mark all threads as read at logout/timeout, that way i (and probably all others too) can't keep track of discussions. this should be fixed ASAP

Actually, I like it this way - I can "search for new posts" on each visit and simply ignore threads I'm not interested in and they won't show up on next visit unless someone "refreshes" them.

I though it's more like a feature than a bug -- SMF forums do the same.

See configure.ac .

I really doubt there are any "hidden" options, everything should be in the help text.

ulimit -n 4096

+ see mangosd.conf NETWORK section

Hello,

I was doing some $HOME directory cleanup and found an old script of mine used for src/shared/ and src/game/ warning generation .. and I though this "warning list" might come in handy, especially the signed/unsigned parts (possible integer overflows) and few other things.

It was made for rev 10686, ie. commit 3de9160f3.

http://openpaste.org/en/23722/

It may be due to ext4 strange database regressions. Ext4 is currently not the best filesystem for a database, ext3 performs about 3 times faster, ext2 about 5 times (similar to XFS/JFS).

It is possible that some other Ubuntu crap got in the way, like graphical composite manager (ie. super-nice visual UI effects, ...) which could drain CPU power a lot (no, that one 79% CPU idle "top" output doesn't mean anything).

Try using "uptime" command to measure your "load average".

dep/ACE_wrappers/configure.ac

@@ -39,7 +36,7 @@ additional details.])

dnl Require GNU Autoconf 2.58 or better.  Previous versions did not
dnl correctly support HP-UX.
-AC_PREREQ([2.58])
+AC_PREREQ(2.61)

dnl Autoconf explicitly forbids patterns containing "_AC_".  This causes
dnl a problem when using MPC to generate the Automake ".am" files since

3c0f8c0efca89 , the ACE update commit by Neo2003. Maybe the reason can be found in ACE scm logs.

Well I'm locking this, it's got way off topic and the situation around 4.x has already been explained multiple times. If you want to discuss the legality of client modifications, please use another thread.

Nobody knows, or are afraid to answer?

Edit: A recursive dos2unix helped for now

?

This might be more of a security issue than mangos one. It looks like a half-detected SYN flood attack or perhaps SYN+FIN. Looks like this CLOSE_WAIT was triggered by tcp_syncookies, but the wait time would be much less than 2 days.

Check your system logs and add anti-flood limit rules to your firewall (if you haven't done so).

and that mangos is trash then? if i can't use it...

i want to say trash.

The fact that you're unable to "use" it doesn't by any means indicate that mangos is a "trash", it simply means that something is "blocking" you from using it, ie. lack of knowledge, language barrier, inability to search and so on.

and that mangos is trasch then? if i can't use it...

error: "trasch": keyword not found

If you want to setup a 4.x server, you're on your own - ie. "make it yourself" or seek help elsewhere. If you can't understand that, ... well .. I'm sure some of the forum mods _will_ take action .. *wink*.

Try asking on some C# specific forums how to handle network stream I/O, how to read it, identify and send replies.

I'm no C# programmer, but I'd use poll() or select() in C. That is, the remote side sends "username:" and "password:" strings, which trigger a POLLIN event that you can use to call read() / recv() / recvfrom() on the socket and compare the input with those username/password strings. If it matches, you can send a reply. A simple version of tcl's "expect".

There's I believe already existing code for this that could be improved, not much people know about it - "uptime" table in "realmd" database. It seems to log the maximum number of players each 10 minutes (default), though the column name might be misleading.

You could modify it to log the "current" number of players instead of "max reached so far". I guess that could even be accepted to master.

SharpSSH seems like SSH lib/app to me, you need to use raw TCP streams or SOAP (http://en.wikipedia.org/wiki/SOAP), not the SSH protocol.

As said, use 64bit debian instead of (32bit) i686 version.

Please. Pretty please. If you're ever going to change the theme, pleeasee leave this one as an option. The old VBulletin theme _really_ sucked my desktop CPU (intel celeron 2.4GHz, ~2003) due to TONS of javascript, donation panel on the right side and all the fancy "nice" things. It always lagged my browser for ~10 seconds.

This new board is mostly JS-free, or at least it seems to be, since the lag went down to 1 second. So if you're ever going to add a windows-costy javascript pseudo-OS to the board, please leave somewhere an option to turn it off, think of us, poor non-hex-core CPU owners.

Thanks.

I personally use "hashlimit" or "recent" iptables match (linux), but I believe any more advanced windows firewall software can do it.

alter permissions of config files so other uses cannot access them (although i did just realize that log files are readable by any user, which can show them the mysql user/pass.. might need to use touch to pre-create the log files and set their permissions to prevent that)

To be honest, installing mangos into /opt is - in my opinion - rather bad idea. I compile and run mangos under "mangos" user, in the home directory itself (/home/mangos/install). That way no other user can access data files / logs / backups / sources / ..., it's a lot easier to manage multiple "backups" (as in "versions") of mangos datadirs as well.

Anyway, you can't touch empty logfiles since mangos is able to use time "stamps" in log file names. I'd simply restrict read access to logs directory.

It's because my server had about 60 to 100 players but then I got some very annoying hackers against me. a whole team actually named eternity hackers. they decided to try and take me out and they succeeded, the lag was unbearable. I've now remade the server but im not going live before I've secured my connection.

And i think a good way to secure it is to make them think the server is at the IP of the logonserver, while it aint.

Security by obscurity. In fact, auth server (realmd) will actually tell them where to find real world server (mangosd), according to realmd.realmlist table. It will probably fool some script kiddies, but it won't make your server any more secure. The correct way is to set up your firewall properly, limit incoming connections, it's easy to take mangos down without anti-SYN-flood protection.

From what I was able to observe, the client sends (after realmd authentication) very few TCP SYN packets, like 3 in the first second and then one per minute (or so), the rest is just ACK with URG flag set. That means you can restrict incoming TCP SYN packets to about 5 per second, with 50 packet buffer ("bucket") .. per IP. Ie. there has to be some space for like 10 players on a shared connection. Plus turn on tcp_syncookies (windows probably has it somewhere as well) and rp_filter to counter spoofing, ...

That should keep them away.

I chose to make this guide using csh because it is the default shell in FreeBSD, it could be redone to work with bash unfortunately bash uses different syntax than csh which makes the foreach loops incompatible. I'll try and create a companion guide using bash when i set up my new FreeBSD 8.1 server so that users will have a choice of which shell they are more comfortable with.

glad to hear you got it working using my guide as a reference

Well classic Bourne Shell (real /bin/sh, not symlink to bash/csh/whatever) supports "for" loops like

for my_var in *
do
   echo $my_var
done;

(which lists all files/directories in the current directory)

That functionality is implemented in bash/ash/dash/.. as well, but csh/tcsh simply has to use foreach.

Anyway -- what's so "secure" about this guide, if I may ask? I found no steps how to make mangos run in a jail / how to add rules for TrustedBSD (MAC, similar to SELinux) / etc.

Well git _does_ support directories, it just don't add new empty directories to the repository. You can - in theory - have an empty tree object representing some directory, but storing such object might seem meaningless to some people.

Well I don't really see any need for the second host<->host connection, but then again - I don't see any point in having realmd on a separate machine. A database server on the second host would make more sense.

Anyway, the issue might be in something unrelated, AFAIK the windows build installs a mangos service by default (and starts it up), so check your services.msc for a running instance of mangosd+realmd.

Is your BindIP set to 0.0.0.0 ?

Can you somehow "draw" an ascii / semi-ascii chart of your setup? It's hard to imagine why both hosts have 2 separate NICs.