Hotfix 0.7.0.12 is now live. Tonight's hotfix furthers our push in the war against DDOS attacks. While the attacks keep getting smarter and adapting to our network protocols, we believe we are patching out the last of the holes that allow targeted attacks to effectively bring down servers.
This patch adds a new layer that allows the game process to pass IP addresses to the operating system to implement firewall filtering and free up the Hurtworld main thread from dealing with malicious packets.
Server owners will find a new handle_ddos_ip.sh / handle_ddos_ip.bat in the server builds that will be called with an IP address as a parameter whenever the server process detects excessive data from a specific IP address. It is up to each server owner to configure this script to block the IP permanently / temporarily and will change greatly depending on OS configuration. Another powerful use for this would be calling out to your ISP's hardware firewall API and blocking the IPs from there (I know OVH supports this).
We are currently working on an IPSet/IPTables implementation example for linux servers that we will push out in the next couple days. In the meantime competent server admins should be able to work filtering out.
Dev Update 152
Hi Hurtworldians!
In this weeks dev update we check out some new gear, outline our plans for the next patch and unveil the flagship feature of our first V2 content patch which we're really excited about: Physics Tethers
Check out the full update here:
http://hurtworld.com/hurtworld-update-152/
Hotfix 0.7.0.11 Is Live and Official Servers Have Wiped
Hey Hurtworldians,
We've delayed the major content patch until the next wipe (28th Feb, more info on this in our next devblog coming very soon) but have got a hotfix patch with some important bugfixes for you instead.
Official servers are also wiping with this patch but community servers can make their own decision as saves are still compatible.
As always the 'oldversion' beta branch is hosting 0.7.0.10 so you can continue to play on community servers until they update.
Full Changelog
Hotfix 0.7.0.10 Is Live!
Hi Hurtworldians,
After a fair bit of chaos over the weekend where all our official servers were hit by a coordinated DDOS attack specifically designed to exploit a vulnerability in the network middle-ware we use, all official servers are back online and immune to the weekends attacks.
All servers should be in the same state they were at the start of the attacks yesterday with no decay or amber consumption from stakes.
We apologise for the downtime, and we are pretty confident that this vulnerability is now fixed and should make our official and community servers much more robust.
Thanks for hanging in there with us.
Change Log:
Big improvements to targeted DDOS attack protection
Fixed Emote crouch bypassing stand up check and being used to get into rocks
Hotfix 0.7.0.9 Is Live!
Hi Hurtworldians,
Tonight we have another critical but unexciting iterative hotfix patch to further work on server performance. This patch focuses heavily on runtime memory allocations reducing garbage collector spikes. This should take a lot of pressure off full servers, hopefully reducing the "rewind/backwards" lag spikes that are causing our receive buffers to cap out and lose packets. Not 100% there yet, we will keep iterating over the week.
Change Log:
Permanent fix for OSX crash from network API bypass
Item invalidation / creation no longer allocates a ton of serverside allocations
Removed a ton of redundant map marker network objects
Ported object event subscriptions away from delegates to reduce allocations
Reduced max CPU usage of weather systems and spawn director
Hotfix 0.7.0.7 Is Now Live!
Hey Hurtworldians,
Another hotfix patch for you tonight with more improvements to DDoS protection and performance.
We've also added some quality of life improvements in the form of a new storage item for heavy slot resources + an inverted pitch control option for Mozzys.
We're also wiping official servers with this patch and community servers will be forced to wipe also when they update.
As always the 'oldversion' beta branch is pointing at the previous version (0.7.0.6) so you can change to this to continue to play on community servers until they update.
Changelog
Added a heavy storage rack for storing heavy slot items
Improved DDoS protection
Added MinSpikeDebugTime console setting that will configure how often warnings for long frames will be output. Defaults to 5 seconds, will output a warning whenever a frame takes longer than the time (in seconds). If profiling server performance, a value of 0.5 should provide some good insight. We are curious what the max these spikes get up to on community servers
Added invert pitch option toggle for helicopters
Fixed in game changelog not showing properly
Improved positioning of owrong and bandage items
Improved entity update tick timing when in low performance situations (should improve smoothness and consistency when running FPS less than twice the tick rate)
Added handling for EAC shutdown error preventing servers from shutting down and restarting smoothly
Hurtworld Dev Blog #151
Hi Hurtworldians!
It's been a wild couple of weeks keeping the wheels on V2 with the massive influx of players from our launch. It's been amazing to see everyone jumping in to what we've been working on in the background and giving some awesome feedback.
We're slowly getting things under control and are laying plans for our next content releases and server wipe cycles.
Check out the full details here:
http://hurtworld.com/hurtworld-update-151/
Hotfix 0.7.0.6 Is Live!
Hey Hurtworldians,
We've got another hotfix patch for you tonight with more improvements to performance (especially server side), fixing items that could have been recolorable but weren't and fixing the third person camera to stop players peeking inside bases with strange camera angles.
We've also fixed a MacOSX networking issue that was preventing clients from connecting to servers. Please note we still need to fix some shader compilation issues on some Mac setups that cause the server connection to time out on the first try, make sure to try joining a server more than once if you are having problems!
As always the 'oldversion' beta branch is pointing at the previous version (0.7.0.5) so you can continue to play on community servers before they update.
Changelog
Fixed an issue with MacOSX version not being able to connect to servers
World item generation refactored and performance improved (should help with item falling through world issues)
Mozzy chassis can now be recolored and will accept Mozzy paint masks
Improvised bow can now be recolored
Improved camera near clipping plane collision detection (fixes being able to peek into bases by placing your camera at strange angles in third person perspective)
Fixed race condition in server interaction blast casts
Reduced memory allocations resulting in more consistent performance
Hotfix 0.7.0.5 Is Live!
Hi Guys,
Tonight's hotfix further iterates on network stability and performance. We located some serious issues with our background network thread that were being exploited by targeted DDOS attacks to bring down servers.
These should now be fixed along with significantly reduced ram usage on the client and the server.
The reduced ram usage should solve the issues people with low ram have been having connecting to servers since the last patch.
Change Log
<*>Patched an exploit in RPC layer that could be used to crash the server with malformed packets
<*>Fixed race conditions in background network thread
<*>Removed over eager allocation of network message buffers using tons of ram
<*>Reduced frame lease pool of network messages on client (less ram usage)
<*>Added "frameleasebitstreampool " console command to expand bitstream pool. Increase this if you are getting frame lease exceeded by . Default on the server is 1500, only increase by amounts exceeded.
Hotfix 0.7.0.4 Is Live!
Hi Hurtworldians,
EDIT: We're bringing all V2 servers down to upgrade them all to 64 bit. Will take about half an hour.
Tonight we have a server performance hotfix that should alleviate a lot of the movement corrections on full servers. There is still a bit of work to do on the server perf but this should be a good step towards getting everything tickityboo.
This patch also fixes the autodetection of low ram mode which was getting stomped by the fixes to the configuration saving.
For server owners we also added a new admin command to jump the connection queue. Usage:
jumpqueue
As well as the ability to use rcon from inside the queue.
The "playerid" command will put your steamid into your clipboard for quick jumping of self through queue.
Lastly server connection issues now render on top of the UI.
We'll be monitoring the servers to ensure the fixes are improving things and will keep working on perf improvements into the weekend.
