Opened 11 years ago

Closed 11 years ago

#2853 closed defect (fixed)

Client disconnections that become duplicate logons which failban!

Reported by: bigup Owned by:
Priority: critical Component: Protocol - CCCam
Severity: high Keywords:
Cc: Sensitive: no

Description

Revision

oscam-1.20-svn.7246-ppc-tuxbox-linux-dbox2 and 6574

Issue Description

Clients Disconnect then become duplicate logons

When the issue occurs

Random, but also when someone turns their receiver off and on again. Ive tested this on a receiver on same network as server

How the issue is reproducible

Using a receiver like DM500 to connect to a Oscam only Server with CCCam protocol enabled and using a C Line. Watch a premium channel, pull the plug from the receiver, turn it on again. Oscam thinks the receiver is still connected and and will show up as duplicate user and will failban (if failban is on) and also will not connect again.

Attachments (2)

oscamlog.txt (3.1 KB ) - added by bigup 11 years ago.
oscamconfigs.txt (1.3 KB ) - added by bigup 11 years ago.

Download all attachments as: .zip

Change History (26)

by bigup, 11 years ago

Attachment: oscamlog.txt added

by bigup, 11 years ago

Attachment: oscamconfigs.txt added

comment:1 by bigup, 11 years ago

Im using newcamd protocol from a receiver on my network for entitlements and also using cccam, protocol for clients to connect in

ive tried:

1) DROPDUPS = 1 to no avail
2) ccckeepalive =1 to no avail
3) reconnecttimeout = 30 to no avail

seems like oscam server doesn't know when a receiver has disconnected or when the client is watching FTA channel and goes to a premium channel the server thinks its already connected and treats it like a dupe or anonymous.

Last edited 11 years ago by bigup (previous) (diff)

comment:2 by gf, 11 years ago

Can you reproduce this with the latest oscam, the version you are using is two months old.

in reply to:  2 comment:3 by bigup, 11 years ago

Replying to gf:

Can you reproduce this with the latest oscam, the version you are using is two months old.

i tried it with a few days old svn (cant remember the build number)

will try with absolute latest one tomorrow and see how it goes

i forgot to mention at one point when i was powering on the dm500 when it came online it disconnected ALL the clients at once, it was really quite bizarre, oscam was going crazy with failbans and fake duplicate user messages!

has anyone experienced this at all?

once thing i may also add is that most of my clients (my friends) use Blade 7000 receivers, as its not open source the cccam version preinstalled is 2.0.11. Are there any issues with this receiver and oscam?

thanks

comment:4 by FilipeAmadeuO, 11 years ago

I have this problem for a long time. Have opened several tickets with logs.
Oscam is not very robust in terms of connections. If you remove the ethernet cable oscam should detect automaticaly the internet lost. But it does not. And for this sometimes in multiples connections.
Also it should not be possible to have more than one connection per reader...
See this ticket http://www.streamboard.tv/oscam/ticket/2507
Same problem

Last edited 11 years ago by FilipeAmadeuO (previous) (diff)

in reply to:  4 comment:5 by bigup, 11 years ago

Replying to FilipeAmadeuO:

I have this problem for a long time. Have opened several tickets with logs.
Oscam is not very robust in terms of connections. If you remove the ethernet cable oscam should detect automaticaly the internet lost. But it does not. And for this sometimes in multiples connections.
Also it should not be possible to have more than one connection per reader...

thats great to hear, i thought i was going mad! how do you resolve this to make it better (not fix)?

ok just tried oscam-svn7701-powerpc-tuxbox-old-webif-Distribution and it happens still.

but ive just tried Uniq = 0 and dropdups = 1 and i think im getting better results, need to do more testing though,

is Uniq = 0 and dropdups =1 safe to use?

comment:6 by bigup, 11 years ago

right guys

clientmaxidle. this is set to 120secs as default

ive changed this to 10secs and its improving things,

now if i pull the receiver from power and power back on by the time it boots back up oscam disconnects the connection and picture comes on straight away, where as before it used to wait 120secs for it to auto disconnect. and within that 120secs, kept trying to connect causing dupe logins, and eventually failban

so does setting clientmaxidle to 10secs have any adverse effects? it must of been set to 120secs for a reason???

thanks!

comment:7 by bigup, 11 years ago

trying #7712 today and looks like issue has gone, i cant get it to reproduce the error i was getting with the disconnections....

all settings back to default i.e dupedrops = 1, clientmaxidle = 120, uniq = 1

did you guys fix something? :)

last version i tried was svn7701 which wasn't working for me

Version 2, edited 11 years ago by bigup (previous) (next) (diff)

comment:8 by bigup, 11 years ago

just tried on a newly built 32bit ubuntu server, loaded up oscam-svn7711-i686-pc-linux-webif-libusb-Distribution.tar.gz and issues still there :(

2012/10/14 17:37:59 7FF750 c xxxxx (0963&000000/0000/107D/62:B467): found (76 ms) by smartreader
2012/10/14 17:38:07 7FF750 c xxxxx (0963&000000/0000/107D/62:C824): found (75 ms) by smartreader
2012/10/14 17:38:15 7FF750 c xxxxx (0963&000000/0000/107D/62:DACF): found (75 ms) by smartreader
2012/10/14 17:38:56 801130 c client(7F311624E700) duplicate user 'xxxxx' from 192.168.1.37 (current 192.168.1.37) set to fake (uniq=1)
2012/10/14 17:38:56 801130 c xxxxx disconnected from 192.168.1.37
2012/10/14 17:38:59 802B10 c client(7F311624E700) duplicate user 'xxxxx' from 192.168.1.37 (current 192.168.1.37) set to fake (uniq=1)
2012/10/14 17:38:59 802B10 c xxxxx disconnected from 192.168.1.37
2012/10/14 17:39:10 801130 c client(7F311624E700) duplicate user 'xxxxx' from 192.168.1.37 (current 192.168.1.37) set to fake (uniq=1)
2012/10/14 17:39:10 801130 c xxxxx disconnected from 192.168.1.37
2012/10/14 17:39:22 802B10 c client(7F3116266700) duplicate user 'xxxxx' from 192.168.1.37 (current 192.168.1.37) set to fake (uniq=1)
2012/10/14 17:39:22 802B10 c xxxxx disconnected from 192.168.1.37
2012/10/14 17:39:33 801130 c client(7F311624E700) duplicate user 'xxxxx' from 192.168.1.37 (current 192.168.1.37) set to fake (uniq=1)
2012/10/14 17:39:33 801130 c xxxxx disconnected from 192.168.1.37
2012/10/14 17:39:45 802B10 c client(7F311624E700) duplicate user 'xxxxx' from 192.168.1.37 (current 192.168.1.37) set to fake (uniq=1)
2012/10/14 17:39:45 802B10 c xxxxx disconnected from 192.168.1.37
2012/10/14 17:39:56 801130 c client(7F3116266700) duplicate user 'xxxxx' from 192.168.1.37 (current 192.168.1.37) set to fake (uniq=1)
2012/10/14 17:39:56 801130 c xxxxx disconnected from 192.168.1.37
2012/10/14 17:40:08 802B10 c client(7F311624E700) duplicate user 'xxxxx' from 192.168.1.37 (current 192.168.1.37) set to fake (uniq=1)
2012/10/14 17:40:08 802B10 c xxxxx disconnected from 192.168.1.37
2012/10/14 17:40:19 801130 c encrypted cccam-client 192.168.1.37 granted (xxxxx, au=on (1 reader))
2012/10/14 17:40:23 801130 c xxxxx (0963&000000/0000/107D/62:9E5C): found (75 ms) by smartreader

as you can see i pulled the plug just after 17:38:15, receiver booted up to a channel,s erver thought it was a dupe connection, so rejected it, then at 17:40:19 it allowed it on.....

Last edited 11 years ago by bigup (previous) (diff)

comment:9 by bigup, 11 years ago

also tried #7728 today, still the same with (uniq =1, dropdups =1) everything else default

comment:10 by bigup, 11 years ago

tried oscam-svn7737 and it didnt work

seems from testing the best i can get it to work is by using uniq = 3

2012/10/16 21:23:21 101D1D50 c client(3006DB50) duplicate user 'xxxxxx' from 192.168.1.37 (prev 192.168.1.37) set to fake (uniq=3)
2012/10/16 21:23:21 101D1D50 c encrypted cccam-client 192.168.1.37 granted (xxxxxx, au=on (1 reader))
2012/10/16 21:23:22 101D1D50 c xxxxxx disconnected from 192.168.1.37
2012/10/16 21:23:23 101D6CC8 c encrypted cccam-client 192.168.1.37 granted (xxxxxx, au=on (1 reader))


oscam sees it as a dupe, drops the connection then reconnects

comment:11 by theparasol, 11 years ago

You can try what you want, if a dev is working on it for sure it will be mentioned in this ticket...

comment:12 by Admin, 11 years ago

uniq=3 is the preferred way and should work.

Disconnecting the network cable doesn't notify OSCam of the disconnect (or better: it does it but it's quite late) as long as it does not send out packets (and has some timeout for received packets). We could probably change the TCP Keepalive settings in setTCPTimeouts() function but they would need to be lowered so much that probably quite a lot of bogus traffic would be created (detection would probably need to be in less than 5 seconds). Furthermore, some plattforms (i think at least some BSD systems) seem to not support it. Maybe someone could try how much traffic this really creates.

comment:13 by theparasol, 11 years ago

Agree, I was overthinking this one also the same way. Oscam relays on the OS that is running it. How far do we have to go: strip the mac address out of the tcp/ip header and match does against concurrent connections?! If same do not drop or ban?

comment:14 by FilipeAmadeuO, 11 years ago

On Cccam protocol i also have multiple connections from the same user.
The question is how it´s possible to have multiple connections to the same server ?
And all those multiple connections are kept alive by the keepalive parameter.

comment:15 by theparasol, 11 years ago

So dont use it at server side, client site only is fine enough!

comment:16 by bigup, 11 years ago

using uniq = 3 now on #7712

started oscam server this morning at 7am, untill now 5.15pm 3 of my friends in the server have been failbanned

got the below logs:

2012/10/17 13:24:33 101E67D8 c illegal username received
2012/10/17 13:24:33 101E67D8 c anonymous disconnected from 81.xx.xxx.xxx
2012/10/17 13:24:38 101E9B38 c client(300DAB50) duplicate user 'user1' from 81.xx.xxx.xxx (prev 81.xx.xxx.xxx) set to fake (uniq=3)
2012/10/17 13:24:38 101E9B38 c encrypted cccam-client 81.xx.xxx.xxx granted (user1, au=off)


2012/10/17 17:07:31 101F40A8 c encrypted cccam-client 176.xxx.xxx.xx rejected (invalid access)
2012/10/17 17:07:31 101F40A8 c account 'Ì·…û³½ôª ÇR¢‹@¦e' not found!
2012/10/17 17:07:31 101F40A8 c anonymous disconnected from 176.xxx.xxx.xx

2012/10/17 15:08:22 101E67D8 c illegal username received
2012/10/17 15:08:22 101E67D8 c anonymous disconnected from 94.xx.xxx.xxx

2012/10/17 16:50:52 101F8910 c encrypted cccam-client 82.xx.xx.xxx rejected (invalid access)
2012/10/17 16:50:52 101F8910 c account 'gaC€Q)F^‘ÙéšLï²~^*v”' not found!
2012/10/17 16:50:52 101F8910 c anonymous disconnected from 82.xx.xx.xxx

the accounts are set up correctly, the names that appear above are exactly how they appear in oscam when they get banned (user names are properly entered in and are not random) when i unban them from failban, they reconnect ok and work ok, they not the type to mess with their accounts on their receivers.

got to be a bug surely?

any ideas?

gone back to cccam only for the time being :(

Last edited 11 years ago by bigup (previous) (diff)

comment:17 by bigup, 11 years ago

tested today with #7772 and still the same with uniq = 1 and uniq =3

2012/10/21 09:16:20  1971B50 c client(7F3E30E3E700) duplicate user 'xxxxx' from 192.168.1.15 (current 192.168.1.15) set to fake (uniq=1)
2012/10/21 09:16:20  1971B50 c xxxxx disconnected from 192.168.1.15
2012/10/21 09:16:23  1974F10 c client(7F3E30E3E700) duplicate user 'xxxxx' from 192.168.1.15 (current 192.168.1.15) set to fake (uniq=1)
2012/10/21 09:16:23  1974F10 c xxxxx disconnected from 192.168.1.15
2012/10/21 09:16:34  1971B50 c client(7F3E30E3E700) duplicate user 'xxxxx' from 192.168.1.15 (current 192.168.1.15) set to fake (uniq=1)
2012/10/21 09:16:34  1971B50 c xxxxx disconnected from 192.168.1.15
2012/10/21 09:16:46  1974F10 c client(7F3E30E3E700) duplicate user 'xxxxx' from 192.168.1.15 (current 192.168.1.15) set to fake (uniq=1)
2012/10/21 09:16:46  1974F10 c xxxxx disconnected from 192.168.1.15
2012/10/21 09:16:57  1971B50 c client(7F3E30E56700) duplicate user 'xxxxx' from 192.168.1.15 (current 192.168.1.15) set to fake (uniq=1)
2012/10/21 09:16:57  1971B50 c xxxxx disconnected from 192.168.1.15
2012/10/21 09:17:09  1974F10 c client(7F3E30E3E700) duplicate user 'xxxxx' from 192.168.1.15 (current 192.168.1.15) set to fake (uniq=1)
2012/10/21 09:17:09  1974F10 c xxxxx disconnected from 192.168.1.15
2012/10/21 09:17:20  1971B50 c client(7F3E30E4A700) duplicate user 'xxxxx' from 192.168.1.15 (current 192.168.1.15) set to fake (uniq=1)
2012/10/21 09:17:20  1971B50 c xxxxx disconnected from 192.168.1.15
2012/10/21 09:17:32  1974F10 c client(7F3E30E3E700) duplicate user 'xxxxx' from 192.168.1.15 (current 192.168.1.15) set to fake (uniq=1)
2012/10/21 09:17:32  1974F10 c xxxxx disconnected from 192.168.1.15
2012/10/21 09:17:43  1971B50 c client(7F3E30E4A700) duplicate user 'xxxxx' from 192.168.1.15 (current 192.168.1.15) set to fake (uniq=1)
2012/10/21 09:17:43  1971B50 c xxxxx disconnected from 192.168.1.15
2012/10/21 09:17:55  1974F10 c encrypted cccam-client 192.168.1.15 granted (xxxxx, au=off)

im thinking i will now try with just dropdups ON and Uniq = 0

comment:18 by bigup, 11 years ago

not having much luck here!

just tried #7775 with Uniq = 0, Dropdups = 1

2012/10/21 13:13:13 101D2890 c xxxxx (0963&000000/0000/107D/62:8469): found (77 ms) by cardslot
2012/10/21 13:13:22 101D2890 c xxxxx (0963&000000/0000/107D/62:8D41): found (77 ms) by cardslot
2012/10/21 13:13:51 101D6620 c encrypted cccam-client 192.168.1.15 granted (xxxxx, au=off)
2012/10/21 13:13:52 101D6620 c xxxxx disconnected from 192.168.1.15
2012/10/21 13:13:52 101D98E0 c encrypted cccam-client 192.168.1.15 granted (xxxxx, au=off)
2012/10/21 13:13:55 101D98E0 c xxxxx (0963&000000/0000/1135/62:1724): found (77 ms) by cardslot
2012/10/21 13:14:05 101D98E0 c xxxxx disconnected from 192.168.1.15
2012/10/21 13:14:05 101D6620 c illegal username received
2012/10/21 13:14:05 101D6620 c anonymous disconnected from 192.168.1.15
2012/10/21 13:14:16 101968D0 c encrypted cccam-client 192.168.1.15 granted (xxxxx, au=off)
2012/10/21 13:14:18 101968D0 c xxxxx (0963&000000/0000/1135/62:AAFC): found (77 ms) by cardslot
2012/10/21 13:14:25 101968D0 c xxxxx (0963&000000/0000/1135/62:E61D): found (77 ms) by cardslot 

channels connected, power off receiver, receiver back on, channel worked for a moment, then disconnection - 10 secs later back on an working again

Last edited 11 years ago by bigup (previous) (diff)

comment:19 by bigup, 11 years ago

another interesting log, notice the invalid username? random characters!

sent the user to failban, until i deleted it from failban at 13:43:47, then started working again!

2012/10/21 13:41:58 30100530 c xxxxxx (0963&000000/0000/125F/62:DD90): found (79 ms) by cardslot
2012/10/21 13:42:04 30100530 c xxxxxx (0963&000000/0000/125F/62:864E): found (79 ms) by cardslot
2012/10/21 13:42:13 30100530 c xxxxxx (0963&000000/0000/125F/62:A72F): found (79 ms) by cardslot
2012/10/21 13:42:43 30101D88 c encrypted cccam-client 192.168.1.15 granted (xxxxxx, au=off)
2012/10/21 13:42:47 0 --- Skipped 1 duplicated log lines ---
2012/10/21 13:42:47 301035E0 c xxxxxx (0963&000000/0000/125F/62:152D): found (80 ms) by cardslot
2012/10/21 13:42:55 301035E0 c xxxxxx disconnected from 192.168.1.15
2012/10/21 13:42:58 30101D88 c encrypted cccam-client 192.168.1.15 rejected (invalid access)
2012/10/21 13:42:58 30101D88 c account ''A}CƑƌ;ǸǸǽǘǺA>&zVƀǂǹ' not found!
2012/10/21 13:42:58 30101D88 c anonymous disconnected from 192.168.1.15
2012/10/21 13:43:47 30100530 c encrypted cccam-client 192.168.1.15 granted (xxxxxx, au=off)


Devs, if theres any particular test you want me to do please let me know

comment:20 by Jan Gruuthuse, 11 years ago

Have your friends tried with newcamd? Looks like Blade 7000 does support newcamd to?
Use your firewall setup to allow only your friends to connect.
192.168.1.15 is an internal home network address, look at setup of that device in your home network? Is it using other CS servers and is it setup to share your entitlements.
You did not put any of your devices in the DMZ (outside firewall in to www ?) or port forwarded?
A lot of stuff going on there and hard to pinpoint any issues.
You see warnings signs, check it out.

Last edited 11 years ago by Jan Gruuthuse (previous) (diff)

in reply to:  20 comment:21 by bigup, 11 years ago

Replying to Jan Gruuthuse:

Have your friends tried with newcamd? Looks like Blade 7000 does support newcamd to?
Use your firewall setup to allow only your friends to connect.
192.168.1.15 is an internal home network address, look at setup of that device in your home network? Is it using other CS servers and is it setup to share your entitlements.
You did not put any of your devices in the DMZ (outside firewall in to www ?) or port forwarded?
A lot of stuff going on there and hard to pinpoint any issues.
You see warnings signs, check it out.

thanks for the info mate

ive been used to using a ccam server for last 2 years all working perfect, id like to move to oscam to geta few channels that dint work with cccam server

the 192.168.1.15 receiver is a Dm500s i am using on the same network as the oscam server to do these tests. If the issues are happening on the same local LAN then they are going to occur over WAN too.

my friends have not used newcamd yet, i do use newcamd on one receiver for EMMs and same thing happens to that

port forwarding is spot on and i do not use any DMZ

issue is basically some of my friends are getting random disconnected/fake with oscam and eventually lead to failban as ive enabled that, not ideal when i have to keep checking the server every 15mins to make sure no one is getting failbanned falsely!

id like to stick to my friends using cccam as i can easily revert back to my 100% working cccam server.

seems odd how i am only experiencing this and nt many others, my setup is nothing but ordinary

seems like oscam doesn't like a receiver getting disconnected suddenly, it cant tell it has disconnected and once it comes back on to connect to the server it thinks its a dupe login.

ive tried all combinations of maxidletime, dupedrops, uniq etc

bnest ive had is dupedrops = 1, uniq = 0, maxideltime = 120 (default)

at first i thought it was the blade 7000 but im using a 500s cccam 2.1.4) for testing and it happens on that aswell

il persevere though, worse case il movbe onto cccam/oscam combo and see how that holds up!

comment:22 by Admin, 11 years ago

I recently changed the detection of network loss in r8019. Is this working better now?

comment:23 by Admin, 11 years ago

Hello?

comment:24 by Admin, 11 years ago

Resolution: fixed
Status: newclosed

No answer => closed.

Note: See TracTickets for help on using tickets.