Closed Metalcape closed 1 year ago
After further inspection, it seems that knockd
terminates with exit code 0, due to pcap_dispatch
returning a negative value. https://github.com/jvinet/knock/blob/cb163f1509f57698c40a1bd8d1d6891af608a18b/src/knockd.c#L341
knockd
crashes with error pcap: can't poll on packet socket: No child processes
because it is triggering the resume script after every udp packet sent by bedrock clients, and so it quickly creates a lot of child processes while a bedrock client is connected, which eventually makes it crash.
To solve the problem we should find a way to trigger the script only after the first udp packet, or limit the rate at which knockd
polls port 19132. Java clients don't cause this problem because they use TCP and the SYN flag in the config prevents this, but for UDP I don't think there is a way to tell the difference between the first packet and the others, unless we look at the application level protocol. Using something like iptables
we could limit the rate of packets on port 19132, but that would likely cause lag for bedrock players. I also tried looking at knockd
's man page but it doesn't seem to have any option to limit the rate of requests.
Describe the problem
When using the autopause function, the
knockd
process will sometimes terminate, preventing the server from resuming when a client knocks on port 25565 or 19132 (if using GeyserMC). As a workaround, manually starting anotherknockd
instance inside the container withknockd -c /tmp/knockd-config.cfg -d -i eth0
fixes the problem without having to restart the container.I tried inspecting
knockd
's logs and when it terminates it just says:Unfortunately I cannot consistently reproduce this issue, I've only observed that it tends to happen when the server pauses after all clients have disconnected.
Container definition