0002801: Votekicks can be avoided by disconnecting, thus resulting in not getting banned.

(0015426)
Visual Vincent (reporter)
2016-08-10 10:47
edited on: 2016-08-10 11:39

I don't know fully how the vote system works, but my suggestion would be this:
  1. Store the IP-address when the vote begins.
  2. Let all players vote.
  3. If the vote passes, ban the IP (even if the player is not online anymore).

Here's a video demonstrating the problem:'https://youtu.be/6OaefGceYA4 [^]'
Please put the link in the original post, thank you.

(0015427)
Unknown (reporter)
2016-08-10 11:45

Yea i saw that, God it was so annoying, the guy keeps spamming before getting votekicked, and leaves quickly before the vote gets passed .

(0015428)
Dusk (developer)
2016-08-10 12:52
edited on: 2016-08-10 12:52

Quote

  1. Store the IP-address when the vote begins.
  2. Let all players vote.
  3. If the vote passes, ban the IP (even if the player is not online anymore).

This is the current behavior. If this isn't actually happening then we have a bug.

(0015430)
Visual Vincent (reporter)
2016-08-10 14:29

Quote
If this isn't actually happening then we have a bug.

Seeing as he could rejoin after only a few minutes, I guess so.

(0015432)
Fused (reporter)
2016-08-10 15:23

Are you sure this doesn't work as intended? Can you check again? I'm pretty sure the intended behaviour is what happends. Either that or it broke recently somehow.

(0015433)
Visual Vincent (reporter)
2016-08-10 15:35
edited on: 2016-08-10 15:37

Quote

Are you sure this doesn't work as intended? Can you check again? I'm pretty sure the intended behaviour is what happends. Either that or it broke recently somehow.

I just tested with my friend on one of my own servers, it works there and I got banned for 10 minutes.
I don't know whether it worked on the server I played at in the video, but after taking the time from the demo I recorded I can confirm that he's away for only a minute (this happened two times actually, but the last was not included in the video I uploaded).

(0015434)
Unknown (reporter)
2016-08-10 16:12
edited on: 2016-08-10 16:15

Could be because the guy found an exploit and he used it, Not sure what is it though since he did it not only in that JMX Server, but also on another server i joined, He also managed to use other players names without getting renamed to something else (Making it hard to select and votekick that guy), Like when you use someone else's name a number is added as a Prefix to the copied name .

(0015439)
ZzZombo (reporter)
2016-08-12 04:37
edited on: 2016-08-12 04:38

Ugh, did I just get into Valve's private bug tracker for TF2? Because this is exactly what happens recently there too! Both the disconnect thing and the player assuming names of other players! Just wow...

(0015440)
fr-blood (reporter)
2016-08-12 19:38

I'm sure that it works fine, each time I saw someone leaving before the ban he wasn't coming back for a long moment.

(0015441)
Unknown (reporter)
2016-08-13 01:18

^ Check the vid then .

(0015676)
Ru5tK1ng (updater)
2016-09-21 02:26

I watched the video and are you sure is he just isn't changing IPs or if it's one of his troll buddies? Everytime he leaves and reconnects, is his IP the same? Check the server log.

(0015678)
Ru5tK1ng (updater)
2016-09-21 02:58

Actually I just did this on DE with Alex and yeah something is very wrong here. I'll try to take a look at it.

(0015686)
Ru5tK1ng (updater)
2016-09-21 20:57

I looked through the code and the IP is fetched when the player sends the command to the server. I'm not sure why it was getting lost during the vote passed countdown when the culprit disconnected, so I removed the delay for vote kicks.

'https://bitbucket.org/Ru5tK1ng/zandronum/commits/ccd2c1a6f57c08245a4e248285b6e9ff41a5e79b?at=default [^]'

(0015687)
AlexMax (developer)
2016-09-22 01:54

I have a sneaky suspicion that this might be a bug that is unique to FUNCRUSHER. I cannot replicate this "bypass" on a local machine, or on a randomly selected server (not Doomshack, not Grandvoid). I can only replicate on NJ and DE.

However, I have no idea why this is happening. My binary is dated January 15th, 20116, and as far as I know, it is running the ZA_2.1.2 checkout with an exploit fix patch provided by Dusk. I will recompile and see if the odd behavior goes away, and if not hopefully I can get a gdb trace on what is going on.

(0015688)
Ru5tK1ng (updater)
2016-09-22 01:59

It also depends on what cluster/server the ticket author was playing on. Perhaps he can let us know.

After comparing 2.1.2 and 3.0's voting code, there was some changes to the handling of IPs during kickvoting. The best case scenario is this is something that has already been implicitly fixed and my change will more of an improvement rather than fix.

(0015689)
AlexMax (developer)
2016-09-22 02:25
edited on: 2016-09-22 02:49

A significant amount of time was wasted because I had forgotten that I had whitelisted Rustking and myself. Thus no wonder we couldn't kick ourselves from NJ and DE. *facepalm* So NJ and DE are fine too.

However, that still does not explain the original Youtube video.

EDIT: You didn't mention which server this was on. If this was on TSPG, there is the possibility that the administrator is messing with you by whitelisting his own IP. Or, it might just be somebody who can change his IP quickly.

(0015690)
Unknown (reporter)
2016-09-22 06:37

Not just TSPG, Grandvoid, or Doomshack or any of these clusters, It's also other servers like Utiko's Doomcenter or those other usermade servers .

(0015691)
Dusk (developer)
2016-09-22 07:04

Hmm. Maybe we need some kind of specifity rule to allow whitelisted people to be votekicked. So that a single IP whitelist (or narrower range) gets you past a wider IP range ban, but a specific ban such as a kickvote still gets you out.

(0015692)
Unknown (reporter)
2016-09-22 10:15
edited on: 2016-09-22 10:18

I Thought the Whitelist is used to add IPs of players who can't be votekicked (Therefore can't initiate a kickvote against them), That's not where the problem comes from like OP Said, we were able to call a kickvote against them but everytime before vote passes, they somehow manage to bypass it during the delay between kick and "Vote passed" message .

If IPs are whitelisted the game should tell us they are before attempting to call a kick vote against them, right ?

(0015693)
Ru5tK1ng (updater)
2016-09-22 18:46

I think you misunderstood what Alex meant. Even though I am whitelisted, a kick vote CAN be called against any name I use. It's the banning process once the vote has passed that does nothing. Also it's still useful information to know what cluster the video took place on.

I disagree with being able to be kicked out of servers despite being whitelisted. If I were to investigate a situation on NJ and I happened to get kicked out by trolls, that defeats my whole purpose of being on the white list to begin with. It's usually a bad decision to white list a range and server admins need to be more careful how they handle their lists anyway.

I agree with unknown that perhaps a message should notify the server if the user being kicked is on the whitelist or within a range on the list.

(0015719)
Visual Vincent (reporter)
2016-10-01 18:22
edited on: 2016-10-01 18:24

Sorry for being out of reach...
I cannot remember which server I was playing on, but since I have recorded a demo of it (which is on my desktop PC, that I sadly do not have access to until the end of next week) I might be able to pry something out of it.

(0015720)
Dusk (developer)
2016-10-01 18:57

Quote
If I were to investigate a situation on NJ and I happened to get kicked out by trolls, that defeats my whole purpose of being on the white list to begin with.

The adminlist exists for this purpose. People on the adminlist cannot even be called a votekick on in the first place.

(0015804)
Visual Vincent (reporter)
2016-10-08 11:06
edited on: 2016-10-08 11:08

Okay, after reviewing the demo I can now confirm that I was playing on TSPG Painkiller.

I don't remember the server name and I cannot seem to find it, so I guess it's not running anymore. I also don't know whether this was caused due to a bug or by one of the server administators playing around, however seeing as Ru5tK1ng apparently managed to reproduce this there seems to be something odd going on...

Quote
Actually I just did this on DE with Alex and yeah something is very wrong here. I'll try to take a look at it.

(0015806)
WaTaKiD (updater)
2016-10-08 13:56

id like to point out that the trolls recently that go around spamming, impersonating, votekick abusing, and ban evading are using proxies and can change their ip at any time within a matter of seconds, which im positive is wuts going on here

"Actually I just did this on DE with Alex and yeah something is very wrong here. I'll try to take a look at it."

a few notes down, this is mentioned:
"A significant amount of time was wasted because I had forgotten that I had whitelisted Rustking and myself. Thus no wonder we couldn't kick ourselves from NJ and DE. *facepalm* So NJ and DE are fine too."

(0015820)
Ru5tK1ng (updater)
2016-10-09 04:27

I'm not sure there's really anything to address here. It's very likely they are just changing their IP as soon as they disconnect. Either that or the person who set up the server is messing around. In 3.0, the handling of getting a players IP was slightly changed to a more reliable method and it is plenty different from 2.1.2.

Unless someone manages to reproduce this with 3.0, the only thing I have to offer is removing the delay to relieve paranoia that users aren't getting banned after kick votes.

The stuff regarding whitelisting is probably better served as a separate ticket.

(0015837)
Dusk (developer)
2016-10-09 11:52

I concur with that.

This issue is already marked as resolved. If you feel that is not the case, please reopen it and explain why.
Supporters:	Unknown Combinebobnt FascistCat
Opponents:	No one explicitly opposes this issue yet.

Notes
(0015426) Visual Vincent (reporter) 2016-08-10 10:47 edited on: 2016-08-10 11:39	I don't know fully how the vote system works, but my suggestion would be this: 1. Store the IP-address when the vote begins. 2. Let all players vote. 3. If the vote passes, ban the IP (even if the player is not online anymore). Here's a video demonstrating the problem:'https://youtu.be/6OaefGceYA4 [^]' Please put the link in the original post, thank you.

(0015427) Unknown (reporter) 2016-08-10 11:45	Yea i saw that, God it was so annoying, the guy keeps spamming before getting votekicked, and leaves quickly before the vote gets passed .

(0015428) Dusk (developer) 2016-08-10 12:52 edited on: 2016-08-10 12:52	Quote 1. Store the IP-address when the vote begins. 2. Let all players vote. 3. If the vote passes, ban the IP (even if the player is not online anymore). This is the current behavior. If this isn't actually happening then we have a bug.

(0015430) Visual Vincent (reporter) 2016-08-10 14:29	Quote If this isn't actually happening then we have a bug. Seeing as he could rejoin after only a few minutes, I guess so.

(0015432) Fused (reporter) 2016-08-10 15:23	Are you sure this doesn't work as intended? Can you check again? I'm pretty sure the intended behaviour is what happends. Either that or it broke recently somehow.

(0015433) Visual Vincent (reporter) 2016-08-10 15:35 edited on: 2016-08-10 15:37	Quote Are you sure this doesn't work as intended? Can you check again? I'm pretty sure the intended behaviour is what happends. Either that or it broke recently somehow. I just tested with my friend on one of my own servers, it works there and I got banned for 10 minutes. I don't know whether it worked on the server I played at in the video, but after taking the time from the demo I recorded I can confirm that he's away for only a minute (this happened two times actually, but the last was not included in the video I uploaded).

(0015434) Unknown (reporter) 2016-08-10 16:12 edited on: 2016-08-10 16:15	Could be because the guy found an exploit and he used it, Not sure what is it though since he did it not only in that JMX Server, but also on another server i joined, He also managed to use other players names without getting renamed to something else (Making it hard to select and votekick that guy), Like when you use someone else's name a number is added as a Prefix to the copied name .

(0015439) ZzZombo (reporter) 2016-08-12 04:37 edited on: 2016-08-12 04:38	Ugh, did I just get into Valve's private bug tracker for TF2? Because this is exactly what happens recently there too! Both the disconnect thing and the player assuming names of other players! Just wow...

(0015440) fr-blood (reporter) 2016-08-12 19:38	I'm sure that it works fine, each time I saw someone leaving before the ban he wasn't coming back for a long moment.

(0015441) Unknown (reporter) 2016-08-13 01:18	^ Check the vid then .

(0015676) Ru5tK1ng (updater) 2016-09-21 02:26	I watched the video and are you sure is he just isn't changing IPs or if it's one of his troll buddies? Everytime he leaves and reconnects, is his IP the same? Check the server log.

(0015678) Ru5tK1ng (updater) 2016-09-21 02:58	Actually I just did this on DE with Alex and yeah something is very wrong here. I'll try to take a look at it.

(0015686) Ru5tK1ng (updater) 2016-09-21 20:57	I looked through the code and the IP is fetched when the player sends the command to the server. I'm not sure why it was getting lost during the vote passed countdown when the culprit disconnected, so I removed the delay for vote kicks. 'https://bitbucket.org/Ru5tK1ng/zandronum/commits/ccd2c1a6f57c08245a4e248285b6e9ff41a5e79b?at=default [^]'

(0015687) AlexMax (developer) 2016-09-22 01:54	I have a sneaky suspicion that this might be a bug that is unique to FUNCRUSHER. I cannot replicate this "bypass" on a local machine, or on a randomly selected server (not Doomshack, not Grandvoid). I can only replicate on NJ and DE. However, I have no idea why this is happening. My binary is dated January 15th, 20116, and as far as I know, it is running the ZA_2.1.2 checkout with an exploit fix patch provided by Dusk. I will recompile and see if the odd behavior goes away, and if not hopefully I can get a gdb trace on what is going on.

(0015688) Ru5tK1ng (updater) 2016-09-22 01:59	It also depends on what cluster/server the ticket author was playing on. Perhaps he can let us know. After comparing 2.1.2 and 3.0's voting code, there was some changes to the handling of IPs during kickvoting. The best case scenario is this is something that has already been implicitly fixed and my change will more of an improvement rather than fix.

(0015689) AlexMax (developer) 2016-09-22 02:25 edited on: 2016-09-22 02:49	A significant amount of time was wasted because I had forgotten that I had whitelisted Rustking and myself. Thus no wonder we couldn't kick ourselves from NJ and DE. facepalm So NJ and DE are fine too. However, that still does not explain the original Youtube video. EDIT: You didn't mention which server this was on. If this was on TSPG, there is the possibility that the administrator is messing with you by whitelisting his own IP. Or, it might just be somebody who can change his IP quickly.

(0015690) Unknown (reporter) 2016-09-22 06:37	Not just TSPG, Grandvoid, or Doomshack or any of these clusters, It's also other servers like Utiko's Doomcenter or those other usermade servers .

(0015691) Dusk (developer) 2016-09-22 07:04	Hmm. Maybe we need some kind of specifity rule to allow whitelisted people to be votekicked. So that a single IP whitelist (or narrower range) gets you past a wider IP range ban, but a specific ban such as a kickvote still gets you out.

(0015692) Unknown (reporter) 2016-09-22 10:15 edited on: 2016-09-22 10:18	I Thought the Whitelist is used to add IPs of players who can't be votekicked (Therefore can't initiate a kickvote against them), That's not where the problem comes from like OP Said, we were able to call a kickvote against them but everytime before vote passes, they somehow manage to bypass it during the delay between kick and "Vote passed" message . If IPs are whitelisted the game should tell us they are before attempting to call a kick vote against them, right ?

(0015693) Ru5tK1ng (updater) 2016-09-22 18:46	I think you misunderstood what Alex meant. Even though I am whitelisted, a kick vote CAN be called against any name I use. It's the banning process once the vote has passed that does nothing. Also it's still useful information to know what cluster the video took place on. I disagree with being able to be kicked out of servers despite being whitelisted. If I were to investigate a situation on NJ and I happened to get kicked out by trolls, that defeats my whole purpose of being on the white list to begin with. It's usually a bad decision to white list a range and server admins need to be more careful how they handle their lists anyway. I agree with unknown that perhaps a message should notify the server if the user being kicked is on the whitelist or within a range on the list.

(0015719) Visual Vincent (reporter) 2016-10-01 18:22 edited on: 2016-10-01 18:24	Sorry for being out of reach... I cannot remember which server I was playing on, but since I have recorded a demo of it (which is on my desktop PC, that I sadly do not have access to until the end of next week) I might be able to pry something out of it.

(0015720) Dusk (developer) 2016-10-01 18:57	Quote If I were to investigate a situation on NJ and I happened to get kicked out by trolls, that defeats my whole purpose of being on the white list to begin with. The adminlist exists for this purpose. People on the adminlist cannot even be called a votekick on in the first place.

(0015804) Visual Vincent (reporter) 2016-10-08 11:06 edited on: 2016-10-08 11:08	Okay, after reviewing the demo I can now confirm that I was playing on TSPG Painkiller. I don't remember the server name and I cannot seem to find it, so I guess it's not running anymore. I also don't know whether this was caused due to a bug or by one of the server administators playing around, however seeing as Ru5tK1ng apparently managed to reproduce this there seems to be something odd going on... Quote Actually I just did this on DE with Alex and yeah something is very wrong here. I'll try to take a look at it.

(0015806) WaTaKiD (updater) 2016-10-08 13:56	id like to point out that the trolls recently that go around spamming, impersonating, votekick abusing, and ban evading are using proxies and can change their ip at any time within a matter of seconds, which im positive is wuts going on here "Actually I just did this on DE with Alex and yeah something is very wrong here. I'll try to take a look at it." a few notes down, this is mentioned: "A significant amount of time was wasted because I had forgotten that I had whitelisted Rustking and myself. Thus no wonder we couldn't kick ourselves from NJ and DE. facepalm So NJ and DE are fine too."

(0015820) Ru5tK1ng (updater) 2016-10-09 04:27	I'm not sure there's really anything to address here. It's very likely they are just changing their IP as soon as they disconnect. Either that or the person who set up the server is messing around. In 3.0, the handling of getting a players IP was slightly changed to a more reliable method and it is plenty different from 2.1.2. Unless someone manages to reproduce this with 3.0, the only thing I have to offer is removing the delay to relieve paranoia that users aren't getting banned after kick votes. The stuff regarding whitelisting is probably better served as a separate ticket.

(0015837) Dusk (developer) 2016-10-09 11:52	I concur with that.

Issue History
Date Modified	Username	Field	Change
2016-08-10 10:45	Visual Vincent	New Issue
2016-08-10 10:47	Visual Vincent	Note Added: 0015426
2016-08-10 10:47	Visual Vincent	Note Edited: 0015426	View Revisions
2016-08-10 10:48	Visual Vincent	Note Edited: 0015426	View Revisions
2016-08-10 11:39	Visual Vincent	Note Edited: 0015426	View Revisions
2016-08-10 11:45	Unknown	Note Added: 0015427
2016-08-10 12:52	Dusk	Note Added: 0015428
2016-08-10 12:52	Dusk	Note Edited: 0015428	View Revisions
2016-08-10 14:29	Visual Vincent	Note Added: 0015430
2016-08-10 15:23	Fused	Note Added: 0015432
2016-08-10 15:35	Visual Vincent	Note Added: 0015433
2016-08-10 15:37	Visual Vincent	Note Edited: 0015433	View Revisions
2016-08-10 15:37	Visual Vincent	Note Edited: 0015433	View Revisions
2016-08-10 16:12	Unknown	Note Added: 0015434
2016-08-10 16:13	Unknown	Note Edited: 0015434	View Revisions
2016-08-10 16:14	Unknown	Note Edited: 0015434	View Revisions
2016-08-10 16:15	Unknown	Note Edited: 0015434	View Revisions
2016-08-12 04:37	ZzZombo	Note Added: 0015439
2016-08-12 04:38	ZzZombo	Note Edited: 0015439	View Revisions
2016-08-12 19:38	fr-blood	Note Added: 0015440
2016-08-13 01:18	Unknown	Note Added: 0015441
2016-09-21 02:15	Ru5tK1ng	Relationship added	related to 0002802
2016-09-21 02:16	Ru5tK1ng	Relationship added	related to 0002590
2016-09-21 02:16	Ru5tK1ng	Relationship added	related to 0002838
2016-09-21 02:26	Ru5tK1ng	Note Added: 0015676
2016-09-21 02:26	Ru5tK1ng	Status	new => feedback
2016-09-21 02:26	Ru5tK1ng	Product Version	2.2-beta => 2.1
2016-09-21 02:58	Ru5tK1ng	Note Added: 0015678
2016-09-21 02:58	Ru5tK1ng	Status	feedback => confirmed
2016-09-21 20:57	Ru5tK1ng	Note Added: 0015686
2016-09-21 20:57	Ru5tK1ng	Status	confirmed => needs review
2016-09-22 01:54	AlexMax	Note Added: 0015687
2016-09-22 01:59	Ru5tK1ng	Note Added: 0015688
2016-09-22 02:25	AlexMax	Note Added: 0015689
2016-09-22 02:49	AlexMax	Note Edited: 0015689	View Revisions
2016-09-22 04:11	Ru5tK1ng	Status	needs review => feedback
2016-09-22 06:37	Unknown	Note Added: 0015690
2016-09-22 07:04	Dusk	Note Added: 0015691
2016-09-22 10:15	Unknown	Note Added: 0015692
2016-09-22 10:17	Unknown	Note Edited: 0015692	View Revisions
2016-09-22 10:17	Unknown	Note Edited: 0015692	View Revisions
2016-09-22 10:18	Unknown	Note Edited: 0015692	View Revisions
2016-09-22 18:46	Ru5tK1ng	Note Added: 0015693
2016-10-01 18:22	Visual Vincent	Note Added: 0015719
2016-10-01 18:22	Visual Vincent	Status	feedback => new
2016-10-01 18:24	Visual Vincent	Note Edited: 0015719	View Revisions
2016-10-01 18:57	Dusk	Note Added: 0015720
2016-10-08 11:06	Visual Vincent	Note Added: 0015804
2016-10-08 11:07	Visual Vincent	Note Edited: 0015804	View Revisions
2016-10-08 11:08	Visual Vincent	Note Edited: 0015804	View Revisions
2016-10-08 13:56	WaTaKiD	Note Added: 0015806
2016-10-09 04:27	Ru5tK1ng	Note Added: 0015820
2016-10-09 11:52	Dusk	Note Added: 0015837
2016-10-09 11:52	Dusk	Status	new => closed
2016-10-09 11:52	Dusk	Resolution	open => unable to reproduce