ovh / infrastructure-roadmap

Agile roadmap for OVHcloud for Baremetal, Network and Storage IaaS services. Discover the features our product teams are working on, comment and influence our backlog.
https://github.com/orgs/ovh/projects/16
37 stars 1 forks source link

Fix hl2source protocol in GAME Firewall #217

Closed kubo997 closed 3 weeks ago

kubo997 commented 4 months ago

Hi! The problem with the hl2source protocol is that once it is set you cannot connect to the CS2 server via the connect command in-game.

axl303 commented 4 months ago

They will probably fix it with the new upcoming updates/upgrades of the GAME firewall and network stuff.

Hope the new changes indeed introduce a more recent and easy/fast updates of the GAME rules when needed and for NEW/different games.

They said late summer in some comments, but I can't tell for sure.

kubo997 commented 3 months ago

@jslocinski Thank you very much for your interest in the problem. The problem with this protocol is also that the server often does not respond to queries and also a large number of players cannot enter the server even through the list of servers built into the Steam platform (steam://), which is why the only way to join a server on which the hl2source protocol is set is to constantly spam the "Refresh" button (apart from the fact that you can't enter via the "connect" command built into the Counter-Strike 2 console). Additionally, it may sound strange regarding what I wrote above, but the hl2source protocol is not protected against A2S Query spam attacks, which is strange referring to the fact that a normal player does not receive a response from the server.

daffyyyy commented 3 months ago

Hi @jslocinski ,

Is scheduling it for 9-12 months from now a good option? Our servers are victims of constant ddos attacks (going on for a year) and no one has done anything about it. The hl2source filter has a big problem, connecting through the game client console doesn't work. The problem is critical when it comes to the servers of this game, and not only me, but all those hosting such servers would ask you to make it a higher priority

asynleader commented 3 months ago

A simple UDP attack on the game port is enough and the server is down or uses up the entire CPU. The entire CS2 community server industry, which is huge, is suffering from this. The hl2source protocol is currently useless. Are we supposed to wait another year for OVH to fix a critical bug? As a company that is the largest provider of cloud services, you should be ashamed.

Best wishes, Signed: me and my desperate customers.

@jslocinski

kubo997 commented 3 months ago

this screenshot clearly shows how the hl2source protocol works image

rtkkrul commented 3 months ago

This protection should have been done when CS2 was in beta testing. Currently, the hl2source protocol does not work. For half a year I have been attacked 24/7 by a regular A2S Query attack, which OVH does not detect and adjusting the protection through support does not help. The status "prioritized" (9-12 months) is a joke. This is a critical defect that should be fixed as soon as possible.

@jslocinski

Oz-Lin commented 3 months ago

It could be Source2 engine uses a different packet format, to deal with the "subtick" mechanism. Needs to update the game firewall filtering for sure

sygobit commented 3 months ago

+1 for this being fixed ASAP

axl303 commented 3 months ago

Do not expect this to be fixed before the late summer game stuff upgrade (firewall and network) which should be done late summer.

There are changes compared to csgo, that's why you can't connect. Cs2 is different/has some different things. A2s query is the same I think, so I don't know about the spam. Most popular attack is the query spam, indeed.

Jakub and the other members from his team know their work. Please, do not spam this, they know what to do. Just a little faster if they can to bring it with FiveM profile will be perfect.

To jakub and GAME team: Guys, you are working much slowly for newer games, cs2 is almost one year old.. I really hope the new game changes stuff to allow you to patch, add and make new filters for existing/new/upcoming games.

daffyyyy commented 3 months ago

Do not expect this to be fixed before the late summer game stuff upgrade (firewall and network) which should be done late summer.

There are changes compared to csgo, that's why you can't connect. Cs2 is different/has some different things. A2s query is the same I think, so I don't know about the spam. Most popular attack is the query spam, indeed.

Jakub and the other members from his team know their work. Please, do not spam this, they know what to do. Just a little faster if they can to bring it with FiveM profile will be perfect.

To jakub and GAME team: Guys, you are working much slowly for newer games, cs2 is almost one year old.. I really hope the new game changes stuff to allow you to patch, add and make new filters for existing/new/upcoming games.

In my case attacker can bypass ovh protection with simple udpflood on game port, nothing more just udpflood

jslocinski commented 2 months ago

New CS2 protection will be part of the next GAME range servers launch.

daffyyyy commented 2 months ago

New CS2 protection will be part of the latest GAME range servers launch.

Irrational, then why u still advertise ur old offer like: {40D9470C-534A-49CD-A92B-27F4E4019067} LATEST VIDEO GAME RELEASES

You have misled the customers, I hope there will be some compensation?

axl303 commented 1 month ago

Any news on this? Late summer is? Next year maybe? ETA ON ALL GAME STUFF?

snk33 commented 1 month ago

Any news on this? Late summer is? Next year maybe? ETA ON ALL GAME STUFF?

ETA end of Octobre for Gravelines / Beauharnois / Warsaw Source : https://discord.com/channels/850031577277792286/1279032547640086548/1289257696759123969

Should be announced anytime soon :)

jslocinski commented 4 weeks ago

New protection for CounterStrike2 is available on recent GAME-1/-2 servers (EPYC-based).

Oz-Lin commented 4 weeks ago

Any news for APAC region? I can see the same server specs in Advanced ranges there, but without game-specific protections

jslocinski commented 4 weeks ago

Not for now. If needed asap - pls choose from old range for game fw or ADV for perf.

daffyyyy commented 3 weeks ago

Completed? Any reason? The main problem was a problem with connecting through the game console and it still has not been fixed, so either change it to not planned or open. hl2source is good for a2s attacks but causes player connection problems