SRCDS Steam group


Player rate tracking system using Linux's firewall (iptables)
#1
Low rate tracking system

Description

The Low Rate Tracking System kicks/bans laggy low rate players.

The system can detect low rate players even if they've got seemingly good client rate settings. The system uses internally Linux's iptables firewall, which makes it possible to get very accurate packet numbers for players.

Main reason why players lag is that they've got very bad FPS. There's nothing they can do to improve their FPS, and because they've got good rate settings set to their client, they cannot be detected by the game server itself. This system auto-detects laggers, sends them warning that they've got bad rates, and then kicks/bans them from the server. The end result is lagger free server where everybody have really good rates.

Install instructions

1. Set Linux firewall chain to track player packets
2. Redirect all game data through the tracking chain
3. Start Low Rate Tracking System
  • iptables -N csstracking
  • iptables -I INPUT -p udp --dport 27015 -j csstracking
  • ./ratetables.pl

Requirements:
  • Root access on the server

More detailed install instructions inside the program file.

Download
http://css.setti.info/development/ratetables/

Update 2010-02-15
Fixes
* Improvements
* Detects players alt-tabbed to Windows

Update 2009-04-30
New Features
* Multi server support
* HTML statistics for WWW

Update 2008-09-02

Total rewrite for the system. The system is now more reliable and has more features and more accurate statistics about player rates.

New Features
* Multi server support
* Map specific rates
* Monitoring mode - see what the system would do

The Player Rate Tracking System has been improved. Now the system takes multiple samples and gets more accurate rate numbers from players. There's support for multi-server systems.


Here's updated output from the system:

Code:
[Tue Sep  2 15:22:54 2008]: Server "MyServer" sample #6950 taken (players: 19)
[Tue Sep  2 15:23:04 2008]: Server "MyServer" sample #6951 taken (players: 19)
[Tue Sep  2 15:23:15 2008]: Server "MyServer" sample #6952 taken (players: 19)
[Tue Sep  2 15:23:25 2008]: Server "MyServer" sample #6953 taken (players: 19)
[Tue Sep  2 15:23:36 2008]: Kick&banned " BG|Maverick" (address: 12.73.114.227) (rate avg: 9.7) from "MyServer"
[Tue Sep  2 15:23:37 2008]: Server "MyServer" sample #6954 taken (players: 19)
[Tue Sep  2 15:23:47 2008]: Removed tracking for " BG|Maverick" (address: 12.73.114.227) on "MyServer"
[Tue Sep  2 15:23:47 2008]: Removed tracking for "LT-fast" (address: 14.32.97.206) on "MyServer"
[Tue Sep  2 15:23:47 2008]: Server "MyServer" sample #6955 taken (players: 17)
[Tue Sep  2 15:23:58 2008]: Added tracking for 11.196.206.58 on "MyServer"
[Tue Sep  2 15:23:58 2008]: Server "MyServer" sample #6956 taken (players: 18)
[Tue Sep  2 15:24:08 2008]: Added tracking for 18.99.170.240 on "MyServer"
[Tue Sep  2 15:24:08 2008]: Server "MyServer" sample #6957 taken (players: 19)
[Tue Sep  2 15:24:19 2008]: Added tracking for 19.57.143.149 on "MyServer"
[Tue Sep  2 15:24:19 2008]: Server "MyServer" sample #6958 taken (players: 20)

Players have separate information entries in their log files:
Code:
[Tue Sep  2 15:32:24 2008] "uzzy" (userid: 789) (steamid: STEAM_ID) (min/avg/max 48.7 / 60.1 / 65.2) (4539 bytes/pkt) (ping: 91) (loss: 0) (state: active) (onlinetime: 264) (samples: 19)
[Tue Sep  2 15:32:35 2008] "uzzy" (userid: 789) (steamid: STEAM_ID) (min/avg/max 48.7 / 59.5 / 65.2) (4465 bytes/pkt) (ping: 89) (loss: 0) (state: active) (onlinetime: 274) (samples: 20)
[Tue Sep  2 15:32:45 2008] "uzzy" (userid: 789) (steamid: STEAM_ID) (min/avg/max 48.7 / 58.7 / 65.2) (4422 bytes/pkt) (ping: 93) (loss: 0) (state: active) (onlinetime: 285) (samples: 21)
[Tue Sep  2 15:32:56 2008] "uzzy" (userid: 789) (steamid: STEAM_ID) (min/avg/max 38.9 / 57.4 / 65.2) (4321 bytes/pkt) (ping: 87) (loss: 0) (state: active) (onlinetime: 295) (samples: 22)
[Tue Sep  2 15:33:06 2008] "uzzy" (userid: 789) (steamid: STEAM_ID) (min/avg/max 38.9 / 57.0 / 65.2) (4301 bytes/pkt) (ping: 90) (loss: 0) (state: active) (onlinetime: 306) (samples: 23)

Then there is also general log file, which stored whole session (map) information for players:
Code:
[Tue Sep  2 15:12:10 2008] Map specific stats for "LeXter[md]" (map: de_nightfever) (userid: 689) (steamid: STEAM_ID) (rate min/avg/max: 14.5 / 36.8 / 53.6) (size min/avg/max: 2282 / 2749 / 4098 bytes/pkt) (ping: 119) (loss: 0) (state: active) (onlinetime: 1531) (samples: 148)
[Tue Sep  2 15:12:10 2008] Map specific stats for "JuicE" (map: de_nightfever) (userid: 681) (steamid: STEAM_ID) (rate min/avg/max: 62.0 / 63.5 / 66.0) (size min/avg/max: 4441 / 4734 / 5250 bytes/pkt) (ping: 74) (loss: 0) (state: active) (onlinetime: 1691) (samples: 154)
[Tue Sep  2 15:12:10 2008] Server map changed from "de_nightfever" to "cs_havana"


Update 2008-06-13

Code:
[Fri Jun 13 16:35:57 2008]:   Testing RCON connection to the server (SERVER: 1.2.3.4:27015, PASSWORD: xxxxx)
[Fri Jun 13 16:35:58 2008]: RCON connection succeeded
[Fri Jun 13 16:35:58 2008]:   Auto-detecting game time per map
[Fri Jun 13 16:36:00 2008]:   Finished auto-detecting game time per map
[Fri Jun 13 16:36:00 2008]: Game time per map is 1440 seconds
[Fri Jun 13 16:36:00 2008]:   Retrieving timeleft
[Fri Jun 13 16:36:01 2008]:   Finished retrieving timeleft (Timeleft: 487 seconds)
[Fri Jun 13 16:36:01 2008]: Server is running in normal state
[Fri Jun 13 16:36:01 2008]:   Reading data transfer amounts
[Fri Jun 13 16:36:01 2008]:   Finished reading data transfer amounts
[Fri Jun 13 16:36:01 2008]:   Retrieving player list
[Fri Jun 13 16:36:02 2008]:   Finished retrieving player list
[Fri Jun 13 16:36:02 2008]:   Writing rates to individual log files per player
[Fri Jun 13 16:36:02 2008]:   Finished writing rates to individual log files per player
[Fri Jun 13 16:36:02 2008]:   Updating firewall tracking rules
[Fri Jun 13 16:36:02 2008]:     TRACKING ADDED 89.42.198.59:27005
[Fri Jun 13 16:36:02 2008]:     TRACKING ADDED 89.147.100.130:6786
[Fri Jun 13 16:36:02 2008]:     TRACKING ADDED 77.185.116.61:27005
[Fri Jun 13 16:36:02 2008]:     TRACKING REMOVED 79.75.81.21:27005
[Fri Jun 13 16:36:02 2008]:   Finished updating firewall tracking rules
[Fri Jun 13 16:36:02 2008]: Sleeping 7.86431622505188
[Fri Jun 13 16:36:10 2008]:   Retrieving timeleft
[Fri Jun 13 16:36:11 2008]:   Finished retrieving timeleft (Timeleft: 477 seconds)
[Fri Jun 13 16:36:11 2008]: Server is running in normal state
[Fri Jun 13 16:36:11 2008]:   Reading data transfer amounts
[Fri Jun 13 16:36:11 2008]:   Finished reading data transfer amounts
[Fri Jun 13 16:36:11 2008]:   Retrieving player list
[Fri Jun 13 16:36:12 2008]:   Finished retrieving player list
[Fri Jun 13 16:36:12 2008]:   Calculating rates
[Fri Jun 13 16:36:12 2008]:   Finished calculating rates
[Fri Jun 13 16:36:12 2008]:   Writing rates to individual log files per player
[Fri Jun 13 16:36:12 2008]:   Finished writing rates to individual log files per player
[Fri Jun 13 16:36:12 2008]:   Updating firewall tracking rules
[Fri Jun 13 16:36:12 2008]:   Finished updating firewall tracking rules
[Fri Jun 13 16:36:12 2008]: Sleeping 7.87583804130554
[Fri Jun 13 16:36:10 2008]:   Retrieving timeleft
[Fri Jun 13 16:36:11 2008]:   Finished retrieving timeleft (Timeleft: 477 seconds)
[Fri Jun 13 16:36:11 2008]: Server is running in normal state
[Fri Jun 13 16:36:11 2008]:   Reading data transfer amounts
[Fri Jun 13 16:36:11 2008]:   Finished reading data transfer amounts
[Fri Jun 13 16:36:11 2008]:   Retrieving player list
[Fri Jun 13 16:36:12 2008]:   Finished retrieving player list
[Fri Jun 13 16:36:12 2008]:   Calculating rates
[Fri Jun 13 16:36:12 2008]:   Finished calculating rates
[Fri Jun 13 16:36:12 2008]:   Writing rates to individual log files per player
[Fri Jun 13 16:36:12 2008]:   Finished writing rates to individual log files per player
[Fri Jun 13 16:36:12 2008]:   Updating firewall tracking rules
[Fri Jun 13 16:36:12 2008]:   Finished updating firewall tracking rules
[Fri Jun 13 16:36:12 2008]: Sleeping 7.87583804130554
[Fri Jun 13 16:36:20 2008]:   Retrieving timeleft
[Fri Jun 13 16:36:21 2008]:   Finished retrieving timeleft (Timeleft: 467 seconds)
[Fri Jun 13 16:36:21 2008]: Server is running in normal state
[Fri Jun 13 16:36:21 2008]:   Reading data transfer amounts
[Fri Jun 13 16:36:21 2008]:   Finished reading data transfer amounts
[Fri Jun 13 16:36:21 2008]:   Retrieving player list
[Fri Jun 13 16:36:22 2008]:   Finished retrieving player list
[Fri Jun 13 16:36:22 2008]:   Calculating rates
[Fri Jun 13 16:36:22 2008]:   Finished calculating rates
[Fri Jun 13 16:36:22 2008]:   Writing rate ban for player
[Fri Jun 13 16:36:22 2008]:     God_of_war 89.147.105.204:27005 = (min/avg/max 11.3/12.0/12.7/s) (915 bytes/pkt) (ping: 143) (loss: 5)
[Fri Jun 13 16:36:22 2008]:   Finished writing rate ban for player
[Fri Jun 13 16:36:22 2008]:   Writing rate ban for player
[Fri Jun 13 16:36:22 2008]:     OsCaR 85.174.67.251:27005 = (min/avg/max 18.6/18.6/18.7/s) (1689 bytes/pkt) (ping: 99) (loss: 0)
[Fri Jun 13 16:36:22 2008]:   Finished writing rate ban for player
[Fri Jun 13 16:36:22 2008]:   Writing rate ban for player
[Fri Jun 13 16:36:22 2008]:     TERRY 89.147.108.201:27005 = (min/avg/max 15.6/15.7/15.8/s) (1068 bytes/pkt) (ping: 124) (loss: 0)
[Fri Jun 13 16:36:22 2008]:   Finished writing rate ban for player
[Fri Jun 13 16:36:22 2008]:   Writing rates to individual log files per player
[Fri Jun 13 16:36:22 2008]:   Finished writing rates to individual log files per player
[Fri Jun 13 16:36:22 2008]:   Updating firewall tracking rules
[Fri Jun 13 16:36:22 2008]:   Finished updating firewall tracking rules
[Fri Jun 13 16:36:22 2008]: Sleeping 7.28092002868652


Original post (2008-05-23)

I've been developing new player rate tracking system for catching low raters. The system is in beta version and it's been tested for a week now. It uses Linux's firewall to get accurate readings from all players. The system is fool-proof, so after installing the system there's no way that someone could fake his true rates.

The problem with low raters is obviously that they're difficult to hit - and some say they make the server lag altogether. The game server's sv_* rate settings are not reliable and do not force players to really send the updates the server wants. In general all server cvar settings for clients are unreliable. This iptables based rate tracking system bypasses game server's setups and gets players' rates directly from the Linux kernel.

The monitored server scans players' rates in one minute samples and then calculates true rates for each player. The system can be configured only to keep track of player rates, but not ban low raters. The system stores all players' rates to specific log files, so it's possible to see what kind of rates players have in general.

I need beta testers to test the system. It's easy to setup and I've got installation instructions made ready. PM me if you're interested.

Requirements:
  • Server admin must have root access on the physical server.


Preview

Code:
[Sun May 18 12:10:09 2008]: Testing RCON connection to the server (SERVER: 131.232.23.34:27015, PASSWORD: xxxx)
[Sun May 18 12:10:10 2008]: RCON connection succeeded
[Sun May 18 12:10:10 2008]: Auto-detecting game time per map
[Sun May 18 12:10:11 2008]: Finished auto-detecting game time per map
[Sun May 18 12:10:11 2008]: Game time per map is 1440 seconds
[Sun May 18 12:10:12 2008]: TIMELEFT 1373
[Sun May 18 12:10:12 2008]: Server is running in normal state
[Sun May 18 12:10:12 2008]: Reading data transfer amounts
[Sun May 18 12:10:12 2008]: Finished reading data transfer amounts
[Sun May 18 12:10:13 2008]: Updating firewall tracking rules
[Sun May 18 12:10:13 2008]: TRACKING ADDED 12.111.237.223:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 13.71.120.130:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 117.18.132.197:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 113.14.26.234:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 12.216.112.28:60489
[Sun May 18 12:10:13 2008]: TRACKING ADDED 14.114.26.47:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 17.213.223.239:19879
[Sun May 18 12:10:13 2008]: TRACKING ADDED 19.116.8.87:10061
[Sun May 18 12:10:13 2008]: TRACKING ADDED 16.61.114.58:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 19.112.0.52:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 18.210.32.7:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 14.215.253.97:63061
[Sun May 18 12:10:13 2008]: TRACKING ADDED 17.1.49.190:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 16.121.211.136:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 13.11.28.130:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 12.114.209.175:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 11.210.93.89:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 16.116.216.102:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 13.119.181.206:27005
[Sun May 18 12:10:13 2008]: TRACKING ADDED 18.61.230.248:27005
[Sun May 18 12:10:13 2008]: Finished updating firewall tracking rules
[Sun May 18 12:10:13 2008]: Sleeping 57.8592171669006
[Sun May 18 12:11:12 2008]: TIMELEFT 1313
[Sun May 18 12:11:12 2008]: Server is running in normal state
[Sun May 18 12:11:12 2008]: Reading data transfer amounts
[Sun May 18 12:11:12 2008]: Finished reading data transfer amounts
[Sun May 18 12:11:13 2008]: Checking rates
[Sun May 18 12:11:13 2008]: Finished checking rates
[Sun May 18 12:11:13 2008]: Updating firewall tracking rules
[Sun May 18 12:11:13 2008]: TRACKING ADDED 18.118.190.113:27005
[Sun May 18 12:11:13 2008]: Finished updating firewall tracking rules
[Sun May 18 12:11:13 2008]: Sleeping 57.8891530036926
[Sun May 18 12:12:12 2008]: TIMELEFT 1254
[Sun May 18 12:12:12 2008]: Server is running in normal state
[Sun May 18 12:12:12 2008]: Reading data transfer amounts
[Sun May 18 12:12:12 2008]: Finished reading data transfer amounts
[Sun May 18 12:12:13 2008]: Checking rates
[Sun May 18 12:12:13 2008]: Finished checking rates
[Sun May 18 12:12:13 2008]: Updating firewall tracking rules
[Sun May 18 12:12:13 2008]: TRACKING ADDED 11.94.27.229:27005
[Sun May 18 12:12:13 2008]: TRACKING REMOVED 11.210.93.89:27005
[Sun May 18 12:12:13 2008]: Finished updating firewall tracking rules
[Sun May 18 12:12:13 2008]: Sleeping 57.8203511238098
[Sun May 18 12:13:12 2008]: TIMELEFT 1194
[Sun May 18 12:13:12 2008]: Server is running in normal state
[Sun May 18 12:13:12 2008]: Reading data transfer amounts
[Sun May 18 12:13:12 2008]: Finished reading data transfer amounts
[Sun May 18 12:13:13 2008]: Checking rates
[Sun May 18 12:13:13 2008]: LOW RATE for "DUDA sefu" = 21.34/s (1483 bytes/pkt) (ping: 62) (loss: 0)
[Sun May 18 12:13:20 2008]: BANNED 16.121.211.136:27005
[Sun May 18 12:13:21 2008]: LOW RATE for "al quaida-NL" = 23.43/s (1682 bytes/pkt) (ping: 54) (loss: 0)
[Sun May 18 12:13:27 2008]: BANNED 13.119.181.206:27005
[Sun May 18 12:13:28 2008]: Finished checking rates
[Sun May 18 12:13:28 2008]: Updating firewall tracking rules
[Sun May 18 12:13:28 2008]: TRACKING ADDED 16.124.227.182:27005
[Sun May 18 12:13:28 2008]: TRACKING ADDED 11.210.93.89:27005
[Sun May 18 12:13:28 2008]: TRACKING REMOVED 12.114.209.175:27005
[Sun May 18 12:13:28 2008]: Finished updating firewall tracking rules
[Sun May 18 12:13:28 2008]: Sleeping 43.3714871406555
Reply
#2
why would you want to log peoples rates?
Reply
#3
HBS|Ryan Wrote:why would you want to log peoples rates?

This why

Code:
[Sun May 18 12:13:21 2008]: LOW RATE for "al quaida-NL" = 23.43/s (1682 bytes/pkt) (ping: 54) (loss: 0)
[Sun May 18 12:13:27 2008]: BANNED 13.119.181.206:27005

The server is tick 66 and expects players to send 66 updates per second. The player "al quaida-NL" sent 23.43 updates per second. Not enough. Banned. The limit was set to 25 updates per second.

Some players have crappy computers that can't render more than 20-30 FPS. They lag. They can't help it. They can set whatever cl_cmdrates, but their own FPS limits how many updates they send to the server. They're low rate laggers no matter what.

This system bans the low rate laggers. Before banning them the system tells the player that he's got low rate and he gets banned. You can set your own rate limit to the system, so if you've got 33 tick server, you can set limit for example to 15 updates per second. If you've got 100 tick server, then you can set limit to 75 updates per second for example.

In my own tests I've seen that about 80% of players can't achieve 66 updates per second on my server. Note that the rate is not affected by the server. The server wants 66 updates per second, but it's the players who don't send the updates. Nonetheless, the same players look at ma_rates and whine when somebody doesn't have 66/66/30000. They themselves might have FPS around 40-50 and thus be sending about 45 updates per second, but they think they're so perfect because they've set 100/101/30000 rates to their config.cfg. The truth is that they lag, but nobody really sees the difference. This rate tracking system identifies low raters by looking at directly to the number of packets received from the player's IP : PORT, and determines that way the real rates. Low raters can't do anything to fool the system.

PS. You're no server admin if you haven't seen players complain about low raters!
Reply
#4
gotcha, i wasn't quit awake all the way when i read the first post.
Good job.
Reply
#5
HBS|Ryan Wrote:gotcha, i wasn't quit awake all the way when i read the first post.
Good job.

Thanks.

Do you want to take part to the testing. It'd be good to see how this helps professional gamers / servers. At least if I was professional gamer, I'd like to have my opponents do the 100 updates per second as expected on a 100 tick server.

The tracking system is highly "non-intrusive", so it doesn't show up to players in any way if you don't want to. Performance impact should be also extremely low because the system uses Linux's iptables firewall, which is integrated directly to the kernel. Firewall rules are practically invisible performance-wise. Additionally the system parses the output of iptables every 60 seconds. Running the tracking system is probably more lightweight than running crond Wink
Reply
#6
i got zblock for that. and in leagues, your allowed to set your rates anything between 30-100

they say there is no proof rates effect game play.

Lame i know. But whatever.

But all non douche bags happily set their rates to 100/100/30000
Reply
#7
Zblock can be fooled, it only checks the cvars. It can be trusted as much as anything else that the client tells for the server = nothing.

WTF? Rates as low as 30 allowed on leagues? WHY DO THEY WANT 1000 FPS SERVERS THEN?!

Lame.

I'll make my own league where everybody have to got 100 tick. Then lets see who's the best.
Reply
#8
its usually not an issue. people follow the 'gentlemens law' pretty well.


and i already know: me. Big Grin
Reply
#9
The first post is updated.

This is the first public release. Consider the system as beta.

It's unbelieveable how bad rates / FPS players have. I've seen players complaining that someone doesn't have his rates set to 66/66/30000, but when I use this system to see his own actual rate, it turns out that he's sending only 40-50 updates per second. There are also quite many players with real rates as low as 20 updates per second. Almost everybody have maximum client rate settings, but only about 10-25% of players reach 66 updates per second.

Post here or send me PM for support.
Reply
#10
First post updated.

Update 2008-09-02

Total rewrite for the system. The system is now more reliable and has more features and more accurate statistics about player rates.

New Features
* Multi server support
* Map specific rates
* Monitoring mode - see what the system would do

The Player Rate Tracking System has been improved. Now the system takes multiple samples and gets more accurate rate numbers from players. There's support for multi-server systems.

@ Server admins
Contact me by PM or reply to this thread if you're using this. I can help to set up the system if you find problems. I also appreciate all feedback from the system.
Reply
#11
Hey css, saw your post on the hlds list. Very nice work here, smart thinking on the iptables. I currently have no servers available, but if i do i sure will check it out Smile
To be (an admin), or not to be (an admin), that is the Question.
http://japje.nl/steam/install steam linux install guide for cs 1.6
Reply
#12
Great. I've got only little feedback from the system. I'd like to know how this works for CS1.6 or TF2 servers. All I've tested is CS:S, but the system should work for other game servers too.
Reply
#13
hello
that is normal ?

Quote:[Tue Oct 21 15:53:45 2008] Kicked player "Lowmach1ne" (userid: 29) (steamid: STEAM_0:0:xxxxxx) (rate min/avg/max: 18.6 / 20.9 / 52.3) (size min/avg/max: 1347 / 1513 / 3749 bytes/pkt) (ping: 69) (loss: 0) (state: active) (onlinetime: 507) (samples: 38)

But my rate it is:

rate "131072"
cl_cmdrate "100"
cl_updaterate "100"
cl_interp "0.01"
cl_interpolate "1"
cl_interp_ratio "1"
cl_lagcomp_errorcheck "0"
cl_lagcompensation "1"
cl_predictweapons "1"
cl_smooth "0"
cl_smoothtime "0.01"

and i am not kicked from the server

Sorry for my bad english i'm french
Reply
#14
I don't fully understand your question.

This is the reason which is why Lowmachine is kicked:

(rate min/avg/max: 18.6 / 20.9 / 52.3)

Lowmachine's average rate is 20.9/s. That is too low.
Reply
#15
hello =)
The probleme is
it's me lowmach1ne
and i'm not kicked

and my settings client is:
rate "131072"
cl_cmdrate "100"
cl_updaterate "100"
cl_interp "0.01"
cl_interpolate "1"
cl_interp_ratio "1"
cl_lagcomp_errorcheck "0"
cl_lagcompensation "1"
cl_predictweapons "1"
cl_smooth "0"
cl_smoothtime "0.01"
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)