Jump to content
  • 0

Looking for help or skilled developer


Question

Posted

I have a problem in Vanganth, surely much people have the same:

 

Usersockets: This number is  higher than the playing users, l2server dont fix that number when a person logout, and i supose that it drives to the next problem

Pending Write: This number goes up to +-5.600.000/8k (+-700) or more.

 

someone has fixed or worked on it? 

 

i adjunt my SocketLimiter.cpp and header. 

 

SocketLimiter.h

#pragma once

class SocketLimiter
{
	static int nLastCheck;
public:
	static void Initialize();
	static SOCKET AcceptConnection(SOCKET ListenSocket, sockaddr *addr, int *addrlen);
	static void ValidateSend(CSocket *pSocket, const char *format, va_list va);
	static void SetPendingWriteLimit(int nLimit);
	static void TimerExpired();
	static bool ValidUserSocket(CSocket *pSocket);
	static void OnRead(CUserSocket *pSocket);
	static void Read(CUserSocket *pSocket, DWORD dwLeft);
	static void UserSocketBadPacketSizeLog(LPVOID lpInstance, UINT logType, const WCHAR* format, UINT64 sockFunc, int packetSize);
};

 

SocketLimiter.cpp

/*
################SOCKET##LIMITER##################
## This module will protect l2server, blocking ##
## ugly bug with usersockets, opening xxk and  ##
## using all available IOBufferPool. It will   ##
## also auto ban ip, if there will be more than##
## x connection from this ip at once.          ##
#################################################
*/
#include "StdAfx.h"
#include "SocketLimiter.h"
#include "SocketDB.h"
#include "IpList.h"
#include "IpBlocker.h"

LPINT lpUsersOnline;
LPINT lpUserSockets;
LPINT lpPendingWriteLimit;
static int nSocketLimitPerIP;
static int nBanDuration; //in seconds
static UINT g_IOReadPerSecond = UINT_MAX;
UINT g_SocketReleaseTime = 25000;
UINT g_SocketPreReleaseTime = 5000;
int SocketLimiter::nLastCheck;

CUserSocket* g_ThreadUserSocket[32];

/*
[SocketLimiter]
Enabled=1
;ip separated by space ex. 127.0.0.1 192.168.0.1 192.168.0.2
SafeIpList=127.0.0.1
;Limit sockets per ip (default 10)
LimitPerIp=10
;Ban duration after reaching socket ip limit in seconds (default 300)
BanDuration=300
;Pending write limit (amount of data that will be sent to user in bytes Default l2server: 2097152)
PendingWriteLimit=1097152
PendingWriteDuringSiege=2097152
*/
void SocketLimiter::Initialize()
{
	g_Log.Add(CLog::Blue, "[Ext] Initializing Socket Limiter");
	nLastCheck = time(NULL);
	lpUsersOnline = (LPINT)0x1557E0C; //dVamp exe : 0x1558E10
	lpUserSockets = (LPINT)0x1557E08;	//dVamp exe : 0x1558E08
	lpPendingWriteLimit = (LPINT)0x0086C19C;
	
	const TCHAR* section = _T("SocketLimiter");

	if(!GetPrivateProfileInt(section, _T("Enabled"), 0, g_ConfigFile))
	{
		g_Log.Add(CLog::Blue, "[%s] Disabled", __FUNCTION__);
		return;
	}

	for(UINT n=0;n<32;n++)
	{
		g_ThreadUserSocket[n] = 0;
	}
	//Set Config Data
	nSocketLimitPerIP = GetPrivateProfileInt(section, _T("LimitPerIp"), 20, g_ConfigFile);
	nBanDuration = GetPrivateProfileInt(section, _T("BanDuration"), 300, g_ConfigFile);
	g_IOReadPerSecond = GetPrivateProfileInt(section, _T("MaxIOReadPerSecond"), UINT_MAX, g_ConfigFile);
	g_SocketReleaseTime = GetPrivateProfileInt(section, _T("SocketReleaseTime"), 25000, g_ConfigFile);
	g_SocketPreReleaseTime = GetPrivateProfileInt(section, _T("SocketPreReleaseTime"), 500, g_ConfigFile);
	//(*pPendingWriteLimit) = g_Config.SockLimiterInfo.GetPendingWriteLimit(); //2097152 org l2server limit
	g_HookManager.WriteMemoryDWORD(0x86c19c, GetPrivateProfileInt(section, _T("PendingWriteLimit"), 2097152, g_ConfigFile));
	g_HookManager.WriteMemoryDWORD(0x890B12, g_SocketReleaseTime);
	g_HookManager.WriteMemoryDWORD(0x890A5E, g_SocketPreReleaseTime);
	

	TCHAR temp[8190];
	if(GetPrivateProfileString(section, _T("SafeIpList"), 0, temp, sizeof(temp), g_ConfigFile))
	{
		wstringstream sstr;
		sstr << temp;
		wstring sVal;
		while(sstr >> sVal)
		{
			CIPAddress ip(sVal);
			g_Log.Add(CLog::Blue, "[%s] SafeIpList: %S [%d]", __FUNCTION__, ip.ToString().c_str(), g_SafeIpList.GetSize());
			g_SafeIpList.AddIp(ip);
		}
	}
	
	//Set Hooks
	g_HookManager.WriteCall(0x620EEF, AcceptConnection, 1);

	//CSocket::SendV hook
	g_HookManager.WriteCall(0x005AB493, ValidateSend, 0); //CEventMatch::Broadcast
	g_HookManager.WriteCall(0x005AB65D, ValidateSend, 0); //CEventMatch::Broadcast
	g_HookManager.WriteCall(0x005ABA6D, ValidateSend, 0); //CEventMatch::Broadcast2Observer
	g_HookManager.WriteCall(0x006FF983, ValidateSend, 0); //COlympiadField::SendVToPlayers
	g_HookManager.WriteCall(0x006FF9B5, ValidateSend, 0); //COlympiadField::SendVToPlayers
	g_HookManager.WriteCall(0x006FFE36, ValidateSend, 0); //COlympiadObserverEntry::Broadcast
	g_HookManager.WriteCall(0x0071D7C6, ValidateSend, 0); //CParty::BroadcastToAllParty
	g_HookManager.WriteCall(0x0071D9E1, ValidateSend, 0); //CParty::BroadcastToAllPartyV
	g_HookManager.WriteCall(0x007D5FCA, ValidateSend, 0); //CSocket::Send

	g_HookManager.WriteMemoryDWORD(0xA8EF38, (DWORD)SocketLimiter::OnRead);
	g_HookManager.WriteCall(0x8774D5, SocketLimiter::Read, 0);
	g_HookManager.WriteCall(0x87753A, SocketLimiter::Read, 0);
	g_HookManager.WriteCall(0x8777C6, SocketLimiter::Read, 0);
	g_HookManager.WriteCall(0x877516, SocketLimiter::UserSocketBadPacketSizeLog);
}

UINT g_LastInvalidPacketLog = 0;

void SocketLimiter::UserSocketBadPacketSizeLog(LPVOID lpInstance, UINT logType, const WCHAR* format, UINT64 sockFunc, int packetSize)
{
	UINT currentTick = GetTickCount();
	if(g_LastInvalidPacketLog < currentTick)
	{
		g_LastInvalidPacketLog = currentTick + 5000;
		UINT threadIndex = GetThreadIndex();
		if(threadIndex < 32)
		{
			CUserSocket *pSocket = g_ThreadUserSocket[threadIndex];
			if(pSocket->ValidUserSocket())
			{
				g_Log.Add(CLog::Error, "Invalid packet size[%d] in User Socket from ip[%d.%d.%d.%d]!", packetSize, (UINT)pSocket->addr.S_un.S_un_b.s_b1, (UINT)pSocket->addr.S_un.S_un_b.s_b2, (UINT)pSocket->addr.S_un.S_un_b.s_b3, (UINT)pSocket->addr.S_un.S_un_b.s_b4);
			}
		}
	}
}

void SocketLimiter::OnRead(CUserSocket *pSocket)
{
	guard;

	UINT threadIndex = GetThreadIndex();
	if(threadIndex < 32)
	{
		g_ThreadUserSocket[threadIndex] = pSocket;
	}

	if(pSocket && pSocket->pED)
	{
		DWORD currentTick = GetTickCount();
		DWORD timeoutTick = currentTick + 30000;
		pSocket->pED->onReadTimeout = timeoutTick;
		if(pSocket->pED->ioReadTimeout < currentTick || pSocket->pED->ioReadTimeout > (DWORD)(currentTick + 1000))
		{
			pSocket->pED->ioReadCount = 0;
			pSocket->pED->ioReadTimeout = GetTickCount() + 1000;
		}
	}
	typedef void(*f)(CUserSocket*);
	f(0x876F60L)(pSocket);

	if(threadIndex < 32)
	{
		g_ThreadUserSocket[threadIndex] = 0;
	}

	unguard;
}

void SocketLimiter::Read(CUserSocket *pSocket, DWORD dwLeft)
{
	guard;

	//check for deadlock
	UINT currentTick = GetTickCount();
	if(pSocket->pED->onReadTimeout > currentTick || ((DWORD)(pSocket->pED->onReadTimeout - 30000) > currentTick))
	{
		pSocket->pED->ioReadCount = pSocket->pED->ioReadCount + 1;

		if(pSocket->pED->ioReadCount < g_IOReadPerSecond)
		{
			typedef void(*f)(CUserSocket*, DWORD);
			f(0x6205F0L)(pSocket, dwLeft);
		}else
		{
			//close socket
			g_Log.Add(CLog::Error, "[%s] UserSocket from ip[%d.%d.%d.%d] reached IOReadPerSecond limit [%d][%d] - closed!", __FUNCTION__, pSocket->addr.S_un.S_un_b.s_b1, pSocket->addr.S_un.S_un_b.s_b2, pSocket->addr.S_un.S_un_b.s_b3, pSocket->addr.S_un.S_un_b.s_b4, pSocket->pED->ioReadCount, g_IOReadPerSecond);
			pSocket->Close();
		}
	}else
	{
		//close socket
		g_Log.Add(CLog::Error, "[%s] UserSocket from ip[%d.%d.%d.%d] reached execute limit for CUserSocket::OnRead [%u][%u] - closed!", __FUNCTION__, pSocket->addr.S_un.S_un_b.s_b1, pSocket->addr.S_un.S_un_b.s_b2, pSocket->addr.S_un.S_un_b.s_b3, pSocket->addr.S_un.S_un_b.s_b4, pSocket->pED->onReadTimeout, currentTick);
		pSocket->Close();
	}

	unguard;
}

SOCKET SocketLimiter::AcceptConnection(SOCKET ListenSocket, sockaddr *addr, LPINT lpAddrLen)
{
	SOCKET s = accept(ListenSocket, addr, lpAddrLen);
	try
	{
		sockaddr_in* lpAddr = (struct sockaddr_in*)addr;
		char *szIP = inet_ntoa(lpAddr->sin_addr);
		CIPAddress ip((*lpAddr));
		
		if(!g_SafeIpList.Contain(ip)) 
		{
			
			if( g_IpBlocker.IsBlocked(szIP) )
			{
				closesocket(s);
				WSASetLastError(WSAEWOULDBLOCK);
				s = -1;
			}else if(g_BannedIpList.Contain(ip))
			{
				closesocket(s);
				WSASetLastError(WSAEWOULDBLOCK);
				s = -1;
			}else
			{
				int nSocketCount = g_SocketDB.GetIpCount(ip);
				if( nSocketCount >= nSocketLimitPerIP )
				{
					g_Log.Add(CLog::Error, "[%s] IP[%s] reached socket limit[%d]!", __FUNCTION__, szIP, nSocketLimitPerIP);
					g_Logger.Add(L"[%S] IP[%S] reached socket limit(%d) - Banned for [%d] seconds.", __FUNCTION__, szIP, nSocketLimitPerIP, nBanDuration);
					g_BannedIpList.AddIp(ip, nBanDuration);

					closesocket(s);
					WSASetLastError(WSAEWOULDBLOCK);
					s = -1;
				}
			}
		}
	}catch(...)
	{
		EXCEPTION_LOG;
	}
	return s;
}

void SocketLimiter::ValidateSend(CSocket *pSocket, const char *format, va_list va)
{
	try
	{
		if(CUserSocket *pUS = pSocket->CastUserSocket())
		{
			if( (INT64)pUS->s == -1 )
			{
				if(pUS->pED->invalidWriteTime == 0)
				{
					pUS->pED->invalidWriteTime = time(0) + 60;
				}
				if(pUS->pED->invalidWriteTime > 0 && pUS->pED->invalidWriteTime < time(0) && pUS->netPingTime < (time(0) + 30))
				{
					/*
					CHAR buff[16384];
					int len = Utils::VAssemble(buff, 16384, format, va);
					g_Log.Add(CLog::Error, "[%s] Trying to write to invalid user socket ip[%d.%d.%d.%d] - opCode[%x]!", __FUNCTION__, pUS->addr.S_un.S_un_b.s_b1, pUS->addr.S_un.S_un_b.s_b2, pUS->addr.S_un.S_un_b.s_b3, pUS->addr.S_un.S_un_b.s_b4, (BYTE)buff[0]);
					g_Log.StackTrace(CLog::Error); */
					pUS->netPingTime = time(0) + 120;
				}
				return;
			}
		}
		typedef void (*f)(CSocket*, const char *, va_list);
		f(0x7D5D40L)(pSocket, format, va);
	}catch(...)
	{
		g_Log.Add(CLog::Error, "[%s] Exception format[%s]!", __FUNCTION__, format);
		g_Log.StackTrace(CLog::Error);
	}
}

void SocketLimiter::SetPendingWriteLimit(int nLimit)
{
	if(nLimit > 0)
	{
		(*lpPendingWriteLimit) = nLimit;
	}
}

bool SocketLimiter::ValidUserSocket(CSocket *pSocket)
{
	typedef bool (*f)(CSocket*);
		
	if(f(0x86C160L)(pSocket))
	{

		return true;
	}
	return false;
}

void SocketLimiter::TimerExpired()
{
	if(time(NULL) > (nLastCheck + 10))
	{
	//	FixUserSocketCount();
		nLastCheck = time(NULL);
	}
}

/*void SocketLimiter::FixUserSocketCount()
{
	size_t nSocketCount = g_SocketDB.GetSocketCount();
	if((*lpUserSockets) > (nSocketCount + 50))
	{
		(*lpUserSockets) = (int)nSocketCount;
		g_Log.Add(CLog::Blue, "[%s] Done.", __FUNCTION__);
	}
}*/

 

3 answers to this question

Recommended Posts

  • 0
Posted (edited)

Usersockets - you are absolutely right here. L2Server (c1 and c4) doesn't always release sockets. Easiest way to do it - send CharacterSelect two times (ofc you need some booting tool here). Server will kick such a user, but socket will never be released. It's the only one of example. 

So some-one might just send those 2 CharacterSelect packets even with a good delay to avoid DDoS protection, but still might cause thousands of leaked sockets just in few hours (each socket instance occupies OS IO resoures).

 

Why would some-one send this packet many times? First - to harm your server (memory/OS handlers leaks). Second - this is a popular trick to character dupe. Some-one might try to dupe character. Even if you have dupe-protection, socket still will be leaked

Edited by MasterToma
  • Upvote 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



  • Posts

    • My official facebook profile!: https://www.facebook.com/spectrumL2 Specifications: Revamped L2JACIS revision FROM the core Private project!!! Revision that has been receiving corrections for over 3 years!!! Events already installed in the revision: TVT CTF KTB PARTY FARM SPOIL EVENT CRAZY RATES TOURNAMENT TIME ZONE (INSTANCE) All working correctly!!! SIEGE ESSENTIAL FEATURES: Walls fix Gates fix Flags fix 100% functional: OLYMPIADS: Implemented settings Hero receives enchanted Weapons with equal status PvP Weapons Optional /true/false Hero can acquire all Hero Weapons Optional true/false OTHER IMPLEMENTATIONS: Teleport fixed (directly to Giran) Teleport effect classic Vip skins vip collor name Pack NPCs with effect already configured BOSES already configured Mobs already configured CLASS BALANCE SPECIAL SYSTEM We have a SPECIAL system developed for Class Balance with only 1 digit in XML %tage of configurable debuffs Player limitation system in BOSES or PvP zones BS blocking system in FLEG zones or events Among others dozens of improvements made in the review... price: 390 USD !  OBS: WE CAN CHANGE THE BANNER AND NAME OF THE SERVICE TO THE ONE OF YOUR PREFERENCE BUT THE SETTINGS MUST BE KEPT ANY CHANGES REQUIRE ADDITION        
    • Server is Online – 1,000+ Active Players! We’re excited to announce the addition of a Europe Proxy to improve connectivity for our EU players! Clans can now benefit from VIP Access to help you catch up faster. 🎯 If you're a clan leader with at least 9 active members, join our Discord and open a ticket to claim your VIP rewards!  
    • The Telegram team is rolling out a new batch of Stars-only gifts you’ll be able to mint as NFTs. Don’t miss your chance to join the next Telegram trend and earn from it! Buy Telegram Stars cheap and KYC-free 1 Star from $0.0149 (min. 50 Stars, bulk discounts available) Promo code STARS5 — 5 % off Pay any way you like: bank cards · crypto · other popular methods How to purchase: ➡Online Store — Click ➡ Telegram bot — Click Other services: ➡ SMM panel — Click Regular buyers get extra discounts and promo codes. Support: ➡ Telegram: https://t.me/solomon_bog ➡ Telegram channel: https://t.me/accsforyou_shop ➡ Discord: https://discord.gg/y9AStFFsrh ➡ WhatsApp: https://wa.me/79051904467 ➡ Email: solomonbog@socnet.store Use these contacts to discuss wholesale orders, partnerships (current list: https://socnet.bgng.io/partners) or to become a supplier. SocNet — your shop for digital goods and premium subscriptions
    • The Telegram team is rolling out a new batch of Stars-only gifts you’ll be able to mint as NFTs. Don’t miss your chance to join the next Telegram trend and earn from it! Buy Telegram Stars cheap and KYC-free 1 Star from $0.0149 (min. 50 Stars, bulk discounts available) Promo code STARS5 — 5 % off Pay any way you like: bank cards · crypto · other popular methods How to purchase: ➡Online Store — Click ➡ Telegram bot — Click Other services: ➡ SMM panel — Click Regular buyers get extra discounts and promo codes. Support: ➡ Telegram: https://t.me/solomon_bog ➡ Telegram channel: https://t.me/accsforyou_shop ➡ Discord: https://discord.gg/y9AStFFsrh ➡ WhatsApp: https://wa.me/79051904467 ➡ Email: solomonbog@socnet.store Use these contacts to discuss wholesale orders, partnerships (current list: https://socnet.bgng.io/partners) or to become a supplier. SocNet — your shop for digital goods and premium subscriptions
  • Topics

×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock