Alderon-Games / pot-community-servers

Bug Reporting and Wiki for Community Servers

[PTB] RCON Connections don't seem to time out from a server perspective - causing potential trouble #51

Closed menix1337 closed 1 year ago

menix1337 commented 2 years ago

Game Version: 16925 (2nd January)

Issue from PoT Server Owners group

Found a potential issue that could cause a network leak of sorts, due to source rcon. Issue was somewhat explained on PoT Server Owners, but here I'll try to go into better detail. Original content for those on there

I opened cmd.exe & used netstat -ab to check ports on my machine - and I used the same command on the dedicated server only running a PoT server (fresh machine, completely - nothing else is going)

Through netstat -ab I noticed, after the initial 50k spam, a huge wall of text of ports being opened by PathOfTitansServer-Win64-Shipping.exe (on the dedicated server)

The same ports being opened were open on my client machine (since I used the bot) -- This was the console window. (screenshot attached)

As you see, the RCON client connected and validated as intended opens a new port & connection - but there's never any socket close - not even after closing my own end.

So the ports kept being open.

-- I went AFK for 10 minutes or so, and came back; redid netstat -ab and all the ports were still left open. However, closing PathOfTitansServer-Win64-Shipping.exe and then doing a netstat -ab, it was all wiped.

So how did I cause it

I simply used a NodeJS Library for Source RDS connections: https://github.com/EnriqCG/rcon-srcds

In this module's GitHub readme, the examples do not contain a server.disconnect() event after executing a command. So let's use the raw example they have and use it on my bot. (If you dig into the library's code, it actually has a disconnect event you can force - that they don't show it in an example is just plain stupid of them; but so be it - after checking, it looks like more or less all NodeJS libraries don't really show any examples with disconnecting the socket)

My JavaScript code

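// potrcon: the rcon-srcds client class, as imported in the bot (import not shown in the post).
setInterval(async function () {
    // A new client (and TCP connection) is created on every tick and never disconnected.
    const potrconServer1 = new potrcon({ host: "XXX", port: 7779, timeout: 1000 });
    potrconServer1.authenticate("asdf").then(() => {
        console.log('authenticated');
        // Return the promise so the next .then logs the command's response.
        return potrconServer1.execute('Announce Something here');
    })
    .then(console.log)
    .catch(console.error);
}, 5000);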

This code would repeatedly open a new connection every 5000 ms - obviously you are not supposed to interval this, but it was for testing.

With this code I opened literally like 5.000+ connections and that's where the problem originated.

These connections never closed on my end (due to the code) - but more importantly, never on the server before a restart.

Adding in server.disconnect() after the potrconServer1.execute('Announce Something here'); makes the JS library of course close the port/socket/connection after it's done sending the command, and thus it won't go into overheating thousands of ports - This is also reflected in the server's log (image)

Why is this an issue

Example: Ping Perfect, they have 5 customers on one machine - they all use RCON, and are unfamiliar with really how to work it out (They're maybe not tech savvy & Ping Perfect probably wouldn't give feedback on it). Let's say they have a guy to do an RCON bot or a tool for them; and that's where the concern comes.

-- If they all end up tossing ports left, right and center, it would be guaranteed to end up in a network crash on the machine. (when all ports are used up)

A possible solution

A possible solution would be on the server side: try to implement a fix (if it's even possible) to close off any unused RCON ports older than, let's say, 10/30 minutes (or perhaps make it a setting for game.ini - so advanced users can modify it)

[SourceRCON]
TimeoutUnusedConnectionsMinutes=30  

Does it happen with MCRcon? And other tools

I guess that kinda depends on whether the tool calls a disconnect/socket close event; sadly it seems like most code modules for JavaScript, Python etc. RCON source tools don't do it out of the box in their example code, leading to potentially hundreds of server owners making a nuclear reaction.

But for other actual premade tools, that people can just download and use out of the box (such as MCRcon?)

Investigating... Will edit

Close

I could just be overthinking that this might be an issue - I just thought it could be a potential problem causer.

There might even actually be a Timeout / Socket close event in the Source RCON Protocol, that I just never stayed long enough to hit - but I couldn't figure out anything from Source RCON Docs

menix1337 commented 2 years ago

I did another spamfest just so you could get the netstat -ab information. This is after like.. half an hour of running cycles of RCON (without closing using Disconnect() on client side)

I have VPN activated, so do not worry about the IP leak 🗡️

(Image)

And a pastebin with a full list, but basically the same information anyways. (Pastebin)

In the period of these 30 minutes - my test bot opened up all ports between: 53677-61202 -- Minutes after, I went back to check netstat -ab and the entire list still shows up.

However, closing the Path of Titans WindowServer window, the list clears instantly.
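
Added example (not part of the original issue or the game's code): a small Node.js parser for the `netstat -ab` check described in the two comments above, counting connections that a process still holds on the RCON port per remote host. The sample output is constructed with documentation IP addresses, and the function names and the threshold of 3 are assumptions for illustration.

```javascript
// Constructed sample shaped like Windows `netstat -ab` output (documentation IP ranges).
const SAMPLE = `
  TCP    0.0.0.0:7779           0.0.0.0:0              LISTENING
 [PathOfTitansServer-Win64-Shipping.exe]
  TCP    192.0.2.10:7779        203.0.113.7:53677      ESTABLISHED
 [PathOfTitansServer-Win64-Shipping.exe]
  TCP    192.0.2.10:7779        203.0.113.7:53678      ESTABLISHED
 [PathOfTitansServer-Win64-Shipping.exe]
  TCP    192.0.2.10:7779        203.0.113.7:53679      CLOSE_WAIT
 [PathOfTitansServer-Win64-Shipping.exe]
  TCP    192.0.2.10:7779        198.51.100.4:40112     ESTABLISHED
 [PathOfTitansServer-Win64-Shipping.exe]
  TCP    192.0.2.10:3389        198.51.100.9:50211     ESTABLISHED
 [svchost.exe]`;

// Split at the last colon so bracketed IPv6 addresses also work.
function endpoint(addr) {
  const i = addr.lastIndexOf(":");
  return { host: addr.slice(0, i), port: Number(addr.slice(i + 1)) };
}

// Pair every TCP row with the "[exe]" owner line that follows it.
function parseNetstatAb(text) {
  const rows = [];
  for (const line of text.split(/\r?\n/)) {
    const conn = line.match(/^\s*TCP\s+(\S+)\s+(\S+)\s+([A-Z_0-9]+)\s*$/);
    const owner = line.match(/^\s*\[(.+)\]\s*$/);
    const last = rows[rows.length - 1];
    if (conn) rows.push({ local: endpoint(conn[1]), remote: endpoint(conn[2]), state: conn[3], exe: null });
    else if (owner && last && last.exe === null) last.exe = owner[1];
  }
  return rows;
}

// Per remote host: connections held on the RCON port by the given process.
// CLOSE_WAIT means the peer already closed and the local process has not.
function rconPeers(rows, exe, rconPort, threshold) {
  const peers = new Map();
  for (const r of rows) {
    if (r.exe !== exe || r.local.port !== rconPort || r.state === "LISTENING") continue;
    const p = peers.get(r.remote.host) || { host: r.remote.host, count: 0, closeWait: 0 };
    p.count += 1;
    if (r.state === "CLOSE_WAIT") p.closeWait += 1;
    peers.set(p.host, p);
  }
  return [...peers.values()]
    .map((p) => ({ ...p, flagged: p.count >= threshold }))
    .sort((a, b) => b.count - a.count);
}
console.log(rconPeers(parseNetstatAb(SAMPLE), "PathOfTitansServer-Win64-Shipping.exe", 7779, 3));
```

Running it against saved output from before and after a client exits shows whether the per-host count on the RCON port ever drops without a server restart.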

Paleocolour commented 2 years ago

@menix1337 can you confirm this has been fixed?

menix1337 commented 2 years ago

> @menix1337 can you confirm this has been fixed?

We did a f... ton of testing on the Server Owners discord together with devs; I think almost rounding up to 5-6 patches of RCON improvements.

I believe it should be fixed now; when the latest changes came out for RCON (can't remember build number) it appears to be okay now!