Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - theblaze

Pages: [1] 2 3 ... 6
2
Quote
For the server code, can you explain which abuses you're trying to protect against?

Someone flooding the sim with one of their bots, or grabbing all the bots available in the pool. It tries to keep a balance between bots in / out for each client

3
Code: [Select]
from pprint import pprint
import threading
import uuid
import os
from collections import defaultdict
import re
import random
import time

from flask import request
from flask import Flask
app = Flask(__name__, static_url_path='')

botPath = 'bots/'

ipBotCounts = defaultdict(int)


# We allow adjustments back to zero slowly per IP, but not fast enough to cause abuse
def background_decay_ipCount():
    global ipBotCounts
    while True:
        time.sleep(60)
        for ip in ipBotCounts:
            if ipBotCounts[ip] > 0:
                print("removing 1 from " + ip)
                ipBotCounts[ip] -= 1

            if ipBotCounts[ip] < 0:
                print("adding 1 to " + ip)
                ipBotCounts[ip] += 1

decay_ip_thread = threading.Thread(target=background_decay_ipCount)
decay_ip_thread.start()


@app.route('/<world>', methods=['GET', 'PUT', 'POST'])
def handleRequest(world):
    pprint(ipBotCounts)
    path = request.path.split('/')[1]
    remoteIp = request.headers.get('X-Forwarded-For', request.remote_addr)

    if not re.match(r"[a-zA-Z0-9_]", path): #Someone is doing something dodgy
        return '', 400

    if not os.path.isdir(botPath + path):
        os.mkdir(botPath + path)

    if request.method == 'PUT':
        if ipBotCounts[remoteIp] >= 10:
            # Sent too many bots
            return '', 429

        ipBotCounts[remoteIp] += 1
        with open(botPath + path + '/' + str(uuid.uuid4()),'wb') as f:
            f.write(request.data)
        return ''

    if request.method == 'GET':
        if not len(os.listdir(botPath + path)) > 200: #not enough bots to give one out
            return '', 404

        if ipBotCounts[remoteIp] <= -10:
            # Sent too little bots to us
            return '', 429

        ipBotCounts[remoteIp] -= 1

        fileToSend = random.choice(os.listdir(botPath + path))
        fileToSend = botPath + path + '/' + fileToSend
        filedata = open(fileToSend, 'rb').read(100000)
        os.remove(fileToSend)

        return filedata

app.run(host='0.0.0.0', port=80, threaded=True)

Current server side code

4
Alright, not the best solution, but this should be temporary. You're gonna need https://www.cygwin.com/ with python3 and python3 requests, then go to the /cygdrive/c/.../Darwinbots/IM/outgoing in cygwin terminal, and

Code: [Select]
while :; do for bot in $(ls *dbo | shuf | head -n1); do curl -T$bot https://dbim.theblazehen.com/anythinggoes && rm $bot; done; rm *stats; sleep 1; done
Then save the following as im_incoming.py
Code: [Select]
import requests
import time
import random
while True:
time.sleep(0.5)
try:
print("getting bot")
r = requests.get('https://dbim.theblazehen.com/anythinggoes')
botData = r.content
if r.ok:
with open(str(random.randrange(0,1000)) + '.dbo', 'wb') as f:
f.write(botData)
f.close()
except:
print("failed to get bot")

Then cd to /cygdrive/c/Users/.../IM/incoming and
Code: [Select]
python3 /cygdrive/c/path/to/im_incoming.py
You can replace the anything goes with whichever world you want to connect to, so you can easily create your own. Note that per IP you need to stay within a range of -10 to +10 bots uploaded, so you'd be up to 10 quite quickly, then you get 1 point closer to 0 each minute. There needs to be a pool of 200 bots in the world before you can retrieve any, so it requires 200-10 minutes before you can receive anything back from the world.

@Numsgil will you be able to support using HTTP GET and PUT in the darwinbots client directly, or will it still use an external program with an incoming and outgoing directory?

5
Alright. Yeah, certbot is mainly for the simple configurations. I use caddyserver.com to automatically get certs and renew them

6
Woot, got it running. Will make it publicly available in 2-3 hours

7
Quote
two people download a file at once or getting your own bot back.

So I'm thinking for each world (better word than environment in previous reply), each client needs to stay within +10 and -10 bots (client identified by IP, not that hard to beat the restriction, but if someone wants to they'll find a way) to prevent taking all / flooding the IM with their own bots, then we keep a pool of say 100 bots on the server. If a client requests to GET a bot and they're within their limit and we have 100+ bots on the server then we choose a random bot, send it to them, and delete it from the server. Won't guarantee that you won't get the same bot right back, but you'll have a good chance it isn't the same you sent out.

8
Quote
Would you mind just walking me through setting it up?  I'd like to have at least some idea of what's changed so when it breaks I vaguely know what to poke :)  The server is just a linux box.

https://certbot.eff.org/ has a good quick start guide, otherwise we can chat on IRC or something if you have issues.

RE matrix, think of it as the IRC that we used to run just that it has scrollback / good web access etc. Was a bit off topic though.

Quote
At the moment/historically it's first-come-first-serve, and there's nothing to prevent either duplication of bots when two people download a file at once or getting your own bot back.  But we can certainly do something smarter, especially if it's only a little bit of code to enable.  But my first priority would just be getting something set up.
So what I've been thinking is to have a URL that you can use for different environments, eg im.darwinbots.com/zerobots or a private im.darwinbots.com/myownpersonalsim732187

Quote
Can you issue login credentials to people?  That would prevent at least some sorts of abuses I'm concerned with.  If we could tie it in the forum authentication that would be even better, but that might be tricky.
Should be possible, will be a bit tricky to do it with the forum details though

9
For the internet mode, will the DB client ask for if there's a bot available to get regularly and always take it if there is one, or is the server side more intelligent and selectively chooses DB clients? I've got measures in place to prevent abuse (Draining all bots / pushing out a lot of your own bots),  but I'd need to know if I need to add more intelligence for the server

Eg, if there isn't any intelligence in the client then it may be worth, on receiving an uploaded bot assign it to another connected IP, rather than sending it back to the first client that issues a GET. I feel I may be over complicating things, and the simple method should work well enough:w

10
For the internet mode stuff I'll get the server side stuff running, then it's just adding code to Darwinbots. For the https it's pretty simple to set it up, but if you give me access to the server hosting it I can do it for you. Have multiple sites using lets encrypt, as well as all my own sites ( https://crt.sh/?q=%25theblazehen.com ), and it works really well. Would also be neat to have a matrix.org / riot.im server if you'd like me to set one up

11
Yeah, I'm happy to help out.

12
Darwinbots3 / Re: Hardware survey
« on: July 19, 2017, 10:58:16 AM »
Hmm.. Would be fun to try out 32 instances with my 32 core, 128 GB RAM server :)

13
RE https or the internet mode stuff?

14
Not a "proper" web programmer, so I'd be able to get it all put together securely etc (I'm more on the admin / security kinda stuff), but it won't have a pretty web page. Someone else can write the css if they'd like. Also, I'd suggest that the site should be moved to https using lets encrypt, really simple to set it up

15
Off Topic / Re: Wow. This is still a thing. I'm glad
« on: December 26, 2016, 05:22:54 AM »
dang i just looked at your profile posts and you haven't been on in almost 2 years... welcome back :D

Thanks :) Glad to be back. And might be a bit better at doing things now. heh.

Pages: [1] 2 3 ... 6