Open Mxchael opened 8 years ago
Techcable
commented
8 years ago I need instructions to reproduce in order to fix your issue.
These users may want to disable your join-throttle in order to attack you. Their ISP/family may also be putting multiple people on the same ip, who are joining at the same time.
I may be able to add the 'last-join' to logging for join throttling, to see if it was wrong.
Techcable
commented
8 years ago @aikar might have found the cause
theres a bug in the client if the user clicks multiple times, it tries to login multiple times. with the subsequent clicks kicking the previous. so that would likely block the connection thats actually going to connect. should allow 4 per second, which stops the dos and avoids the issue its why you sometimes see people do login spam
Techcable
commented
8 years ago I'm concerned changing this to 4 per second would unfix #12 and that log spam. I'm also concerned this will leave us more vulnerable to DDOS.
Techcable
commented
8 years ago @PhanaticD
thats the cause of the invisibility bug i was talking about a while ago players cant use commands either if they log in with that state so really u should be blocking it
AlfieC
commented
8 years ago Just saying - somebody connecting more than a few times per second is not 'DDoS'. The reason there are two Ds in 'DDoS' is because it's distributed. From multiple IPs. Therefore it is irrelevant to DDoSing.
Janmm14
commented
8 years ago @AlfieC Yeah, he probably ment a DoS-attack. However a dDoS-Layer7-Attack on minecraft servers consists normally of proxies being itself so fast in connecting that it will hit the DoS-Protection.
AlfieC
commented
8 years ago I can't take you seriously with 'dDoS'.
Janmm14
commented
8 years ago thx
phase
commented
8 years ago Just saying - somebody connecting more than a few times per second is not 'DDoS'. The reason there are two Ds in 'DDoS' is because it's distributed. From multiple IPs. Therefore it is irrelevant to DDoSing.
If multiple IPs do it, boom: DDoS.
Anyways, changing it to 2-3 seconds might be good. I might run some tests later.
Janmm14
commented
8 years ago Can this be a concurrency issue?
Techcable
commented
8 years ago Does this happen with the new throttle?
XxCoolGamesxX
commented
8 years ago Yes.
With the later update of Waterfall of 196.
mikroskeem
commented
8 years ago Yep, happens for me too.
Janmm14
commented
8 years ago The "new" throttle introduced in the last 5 builds should successfully throttle everyone if its not set to a value below 0. That is a waterfall-only issue.
I described the issue here (you may ignore the not-relevant content of that comment): https://github.com/WaterfallMC/Waterfall/commit/06d647ea8c14a0e62ac320732423f65d0aa9ce42#commitcomment-17252124
I've had complaints of users getting join throttled by Waterfall when they haven't joined in awhile. (Minutes-Hours) when my join-throttle is set at 4000 like normal.
Unfortunately I haven't yet re-produced.