09:28 < ddnet-commits> [ddnet] heinrich5991 pushed 2 new commits to master: https://git.io/vDOP0
09:28 < ddnet-commits> ddnet/master 0acad1a east: dnsbl fix: HostLookup check result properly
09:28 < ddnet-commits> ddnet/master 33cb627 heinrich5991: Merge pull request #617 from east/dnsblfix2...
09:29 <@EastByte> heinrich5991: I probably should have mentioned that testing dnsbl often requires switching nameservers
09:31 <@heinrich5991> EastByte: I only tested that it compiles
09:31 <@EastByte> ah, okay
14:23 <@heinrich5991> EastByte: https://github.com/ddnet/ddnet/pull/322
14:23 <@heinrich5991> do we really want this challenge-response thing?
14:27 <@EastByte> it's the only way to throttle a spoofing attack while still having complete server info responses
14:27 <@EastByte> but I guess I'm too busy right now to implement it
14:30 <@heinrich5991> I'd implement it
14:31 <@EastByte> would be neat
14:31 <@EastByte> but we could also switch to http there :p
14:31 <@EastByte> udp is only making troubles when it comes to ddos
14:32 < ddnet-commits> [ddnet] heinrich5991 pushed 4 new commits to master: https://git.io/vD3Yu
14:32 < ddnet-commits> ddnet/master 1f58595 Marcel Herd: Added command bind_print
14:32 < ddnet-commits> ddnet/master b09bcb9 Marcel Herd: Added check for unbound key
14:32 < ddnet-commits> ddnet/master 7737129 Marcel Herd: Fixed code style
14:41 <@heinrich5991> EastByte: I think HTTP is way too slow for server info
14:41 <@heinrich5991> you need to establish soo many connections
14:49 <@heinrich5991> EastByte: does it help that much if we send a token request? that's also usable for a spoofing attack, no?
14:51 <@EastByte> it's usuable for a spoofing attacks the same way tw0.7 or ddnet antispoof is
14:52 <@EastByte> the only advantage is that an attacker cannot do amplification attacks via tw servers
14:52 <@EastByte> because the rate will be ~1:1
14:52 <@heinrich5991> or rather that they can't connect as a regular client
14:53 <@EastByte> for the connection process, yes
14:53 <@heinrich5991> tw0.7 doesn't use tokens for server info
14:53 <@heinrich5991> cause slow
14:54 <@EastByte> okay but it also only supports 16pl servers
14:57 <@EastByte> well, do you think the token handshake is unnecessary?
14:59 <@heinrich5991> mh. it's complicated at least
14:59 <@EastByte> indeed
15:01 <@EastByte> well, we can stick to falling back to sending meta information only (on dos)
15:02 <@EastByte> I don't care as long as servers can not be used as amplification node
15:02 <@EastByte> but then people cannot search for players in the browser
20:46 < necropotame> heinrich5991, do you plan to extends UUID to the snapshot objects too? Like the server send a list of pair index/UUID so it will stay fast, but flexible
20:47 < necropotame> I think I will use your system to create a bot protocol for client-side AI.
21:02 < eeeee> y u no make centralized http server browser thingy
21:02 < eeeee> i get it that centralized things are not hipster enough but come on
21:06 < eeeee> it's gonna be easier to protect from ddos than a traditional udp master and also players keep their ips private
21:07 < Ryozuki> "y u no make" xD
21:07 < eeeee> for the record i did make essentially that, for teewebs.net
21:08 < eeeee> well actually Learath2 did most of it, but yeah!
21:08 < Ryozuki> :D
21:34 <@EastByte> eeeee: tw http master is something we expected to come to vanilla tw but oy rejected
23:15 < Learath2> maybe we could only provide 64p data on http masters of our own
23:15 < Learath2> and we only return 16p for the normal serverinfo request
23:22 < Learath2> if http masters arent there we could fallback to the 16p from the serverinfo too