FAQ for hlds_ld; a client-server administration and monitoring daemon for Linux Half-Life servers. Rob "Maelstrom" Abbott linuxhlds@halflife.org http://linuxhlds.halflife.org Last revision date: 14 Dec 2000, release 1.32b2 - added FOULON/FOULOFF Last revision date: 30 Aug 2000, release 1.23 - notes on TK and foul-language files in section 4.0 - java client was written, updated 8.2 Last revision date: 26 Jun 2000, release 1.11b2 - added hlds_ld.badwords in section 4.0 - changed information on hlds_l.cfg in section 4.0 - added DECAY command in section 6.0 11 Jun 2000: - added section 2.4 - added CYCLE command in section 6.0 ---------------------------------------------------------------------- Table of Contents 1.0 Will it run under Windows? 1.1 Will it run without X-Windows? 2.0 I'm having problems setting this up. 2.1 Start options and autoexec.cfg 2.2 How do I set this up to manage multiple copies of the same mod on one box? 2.3 I get an error about "unable to create FIFO." What's the deal? 2.4 How do I configure hlds_ld to start when my machine boots? 2.5 When I start hlds_ld, it just sits there and does nothing. What's the deal? 2.6 Why does 'timeleft' report ??:?? 2.7 How do I set up MOD voting? 3.0 What about security? 3.1 Rant 3.2 Options for dealing with security issues 4.0 What files are used by hlds_ld? 5.0 What about bandwidth? 6.0 Are there any commands that I can't run from a GUI menu? 7.0 I need help with Linux! 7.1 Running under distributions other than RedHat 7.2 Specific settings for SuSE 8.0 Miscellaneous questions 8.1 I don't have a client handy but I can get to my server. Do I have any options? 8.2 Can I write my own client? 8.3 Why do hlgui / hlclustermon hang sometimes when connecting? 8.4 What's the deal with the text client? 8.5 Why does the countdown timer go positive sometimes? ---------------------------------------------------------------------- 1.0 Will it run under Windows? hlds_ld is a client/server application. The CLIENT ONLY runs under windows. You can view or monitor a Linux server from Windows. That's it. If you're running a dedicated hlds server under Windows, you WILL NOT be able to use this tool to manage your server. I know very little about windows I/O. If you are a windows guru with some ideas, I would be quite happy to hear them. Otherwise, don't bother me with questions about windows. I receive far too many of them. Check http://www.planethalflife.com/commands for tools that are available to manage a Windows server. 1.1 Will it run without X-Windows? YES. You need some sort of windows CLIENT to run the GUIs, but the server component DOES NOT NEED X-WINDOWS. In fact, I don't run X on my server. ---------------------------------------------------------------------- 2.0 I'm having problems setting this up. You MUST have hlds_run set up and running prior to using hlds_ld. This means that the following commands should produce a running tfc server, for example: cd $HLDIR ./hlds_run -game tfc +exec autoexec.cfg If you have problems here, I suggest the following resources: http://www.planethalflife.com/commands The VaLVe Linux HLDS mailing list (THIS LIST IS VERY USEFUL!) Send email to: listadmin@valvesoftware.com With "subscribe hlds_linux" in the BODY of your message. Please note that if you start hlds_run "outside" of hlds_ld you will have problems when you start hlds_ld. It won't be able to find your running hlds_run server. So once you have your server working, shut it down, then start it using hlds_ld. 2.1 Start options and autoexec.cfg One thing that might be causing you problems is that you're not specifying the proper options on the command line. hlds_run needs at least the following commands for it to start properly. maxplayers <n> map <mapname> Where <n> is an integer and <mapname> is the name of a map. You can use these as arguments with the following syntax: +maxplayers 14 +map 2fort Or you can put them in your autoexec.cfg. If you do this, make sure your arguments contain "+exec autoexec.cfg". (This is the default). Here's a copy of my autoexec.cfg: ----- // Logging full, and dump logfiles to logs/ fullserverinfo log on // Set max # of players maxplayers 12 // Extended info in GameSpy...? sv_type 1 // Start the map! map rock2 ----- 2.2 How do I set this up to manage multiple copies of the same mod on one box? This was not an easy problem to solve. For now I have decided that you must have multiple HLDIRs in order to run multiple instances of the same MOD on a single machine. I'll walk through an example of how to set up your second HLDIR: Assume your HLDIR is /games/hlds_l Your new HLDIR will be /games/hlds_l2 Type the following commands: tcsh setenv HLDIR /games/hlds_l cd /games mkdir hlds_l2 cd hlds_l2 cp $HLDIR/hlds_ld* . ln -s $HLDIR/hlds_l hlds_l What have we just done here? The cp command copied the files that you want to be unique. You want your hlds_ld.cfg file to be unique, because you want to specify different options in each HLDIR. The ln command created a symbolic link for files that you don't need to be unique. This saves a LOT of disk space and headache. I suggest you symlink your maps/ directory for example. You'll have to set up the rest of the files and subdirectories yourself using cp an ln. A script has been written that will do this for you. It's included in the unsupported/ directory of the distribution. Thanks to Jan Johansson for sending me his script! Once everything is set up, here's how you manage things (assuming you're running two tfc servers on the same machine): setenv HLDIR /games/hlds_l hlds_ld tfc & setenv HLDIR /games/hlds_l2 hlds_ld tfc & Make sense? Good. Enjoy. If you have questions please post them to the forum, which can be reached from http://linuxhlds.halflife.org 2.3 I get an error about "unable to create FIFO." What's the deal? In order to support multiple instances of the same mod on one box, I had to move the FIFOs from /tmp back to $HLDIR. This means that anyone running hlds_run on a vfat partition will not be able to run hlds_ld as you currently have it configured. You shouldn't be doing this anyway, but if you *really* want to leave your dedicated server stuff on a vfat partition I suggest you create an $HLDIR on an ext2 partition and use symbolic links to point to the stuff on your vfat partition. 2.4 How do I configure hlds_ld to start when my machine boots? I only know how to do this in RedHat Linux, and I'll just describe the "simple method" here :-) Users of other distros please send me information on how rc scripts work in your environment and I'll add it to the FAQ. RedHat linux executes a file called "/etc/rc.d/rc.local" when it boots. So if you have any tasks that you want to start at boot-time, just add them to this file. Here's what I use to start a TFC server. These lines come directly from my rc.local file: # Half-Life/TFC server echo "Starting hlds" HLDIR=/games/half-life find $HLDIR -name "*.pid" -exec rm -f {} \; > /dev/null 2>&1 su hlds -c '/usr/local/bin/hlds_ld tfc &' > /tmp/hlstart.log 2>&1 Here's the explanation of each line: echo - This just echoes "Starting hlds" to your system messages file (/var/log/messages) HLDIR - this sets your HLDIR environment variable. Very important. find - This exists for safety. If your box crashed or was shut down without hlds_ld going down clean, there is a small chance it won't restart automatically. This command cleans up some files that may prevent the restart. su - This starts hlds_ld, AS THE USER "hlds". Meaning you must have a user called "hlds" on your machine to make this work. If you want hlds_ld to run as another user, just change "su hlds" to "su nobody" or whatever. DO NOT run hlds_ld as root! 2.5 When I start hlds_ld, it just sits there and does nothing. What's the deal? hlds_ld is meant to run in the background. It produces no output to the console. To see if hlds_ld is running, examine the $HLDIR/<mod>/hlds_ld.log file. 2.6 Why does 'timeleft' report ??:?? This will usually occur on the very first map that's run, or if you've restarted hlds_ld on an already-running hlds_run. Be patient and wait for the map to change :-) 2.7 How do I set up MOD voting? Let's say you want players to be able to vote between TFC and CS, TFC being your 'primary' server. You should have a hlds_ld.cfg in both your tfc/ and cstrike/ directories. The TFC should have the following configured: port=27015 dport=3000 autostart=1 votemodnames=tfc cs votemoddirs=tfc cstrike CS should have the following configured: port=27015 dport=3001 autostart=0 votemodnames=tfc cs votemoddirs=tfc cstrike Note that both TFC and CS will use the same port for hlds_run, and a different port for hlds_ld. This means that you can run two copies of hlds_ld, but only one hlds_run at a time. Start things up as follows: hlds_ld tfc & hlds_ld cstrike & The hlds_ld managing TFC will autostart a TFC server. The cstrike hlds_ld will start and wait for cstrike to get vote in, at which time it will manage the running cstrike server. ---------------------------------------------------------------------- 3.0 What about security? 3.1 Rant Let me begin by saying I'm no security expert. If you have additional information or advice regarding security in a client-server environment, I would be happy to hear your input. No flames please, I'm no security expert. Having said that, you should be aware of the following issues: When a client connects to hlds_ld, they must send an authentication string. If you've configured a non-empty string for the "administrator" level of authentication, and the user knows this string, they will be able to do anything to your hlds_run server that they can do with rcon. The connection between the client and the server is not encrypted (I am playing with SSL, so this may be a feature in a future release). Since the connection is not encrypted, the authentication string can be seen by anyone between the client and your server. I beleive it is also possible for a hacker to pirate/take over the connection once it's been established. There are tools, such as ssh (www.freessh.org), that will allow you to encrypt this connection. I actually use this and it works quite well. I do not beleive that the connection between hlds_run and HL clients is encrypted either. So if you or one of your users is doing rcon remotely, it's possible for a hacker to get your rcon password and mess with your server anyway. Oh by the way - Don't run this tool, or hlds_run as root. That's a bad idea. 3.2 Options for dealing with security issues You've got a couple of options available to you to help avoid security threats. Since hlds_ld listens on a specified port, you can use a firewall tool such as ipchains to protect that port. You can specify an empty "administrator" authentication string. Clients will only be able to monitor the server. You can specify that hlds_ld run in "local administrator" mode. hlds_ld will only authenticate clients that are connecting from localhost. Meaning, you must run the GUI or text client on the same machine as hlds_ld in order to authenticate as an administrator. You can specify that hlds_ld run in "local only" mode. hlds_ld will only auth connections from localhost. You must run the GUI or text client on the local machine in order to authenticate at all. If you're running ssh or ssh2, you can forward ports through your secure connection. Colin Corbett created a webpage explaining how to do this with ssh on Linux and Secure CRT on Windows, check it out: http://tfc.congiman.com/hlds ---------------------------------------------------------------------- 4.0 What files are used by hlds_ld? hlds_ld uses/creates/modifies the following files: SERVER $HLDIR/<game>/hlds_ld.cmd Created by hlds_ld at startup. Used as a FIFO to send commands to the server. This file is zero bytes will not grow in size. $HLDIR/<game>/stats.out Any stdout from your optional statistics program will go here. $HLDIR/<game>/hlds_l.log hlds_l's output redirected to a log file. hlds_ld watches this file for events, such as someone casting a vote or disconnecting. Note that this file can get large over time. Keep an eye on it if you're short on disk. The only way to remove this file is to stop and start your hlds_run server. The existing file will be moved to hlds_l.log.old. It's safe to delete the .old file. $HLDIR/<game>/hlds_ld.log Logs significant events that hlds_ld processes, such as client connects, disconnects, commands, authentication, or internal errors. Grep for the following strings in this file to look for errors or possible security attacks: INFO ERR WARN AUTH $HLDIR/<game>/hlds_ld.cfg The hlds_ld configuration file. hlds_ld reads this at startup, and anytime it changes. Use an editor to modify this file. Make sure you look at this file, it contains all of the configuration information that you need to set up! $HLDIR/<game>/hlds_ld.badwords If you have "foulcheck" set to 1, the daemon will read a list of words from this file. See hlds_ld.cfg for notes on the file format. $HLDIR/<game>/hlds_ld.tks Offenders that have violated the TK-checking system are stored here, until they are either decayed out or reach the warning limit. The daemon will create this file as necessary. $HLDIR/<game>/hlds_ld.offenses Offenders that have violated the foul-language checking system are stored here, until they are either decayed out or reach the warning limit. The daemon will create this file as necessary. $HLDIR/crashes If the server should crash, a copy of the hlds_l.log file will be copied to this directory with a unique name. If a core file was produced, it will also put a stack backtrace in the same directory. If you're having a lot of crashes, you'll need to watch this directory for space, as these files can be quite large! TCP port hlds_ld listens on the TCP port you specify for connections from clients. CLIENT hlds_ld_client.cfg The hlds_ld client configuration file. When a client starts, it looks for this in $HLDIR. If the file isn't there, it will look for it in it's working directory. You can change the options specified in this file by using the "Options" menu in the GUI client. ---------------------------------------------------------------------- 5.0 What about bandwidth? The conversation between the client and the server should use fairly little bandwidth. If many users are connecting and dropping, the bandwidth usage will increase. If many clients are connected with "Get Text" enabled on a busy server, bandwidth usage will increase. You should advise your users to disable this function if they are going to leave the client GUI running for an extended period of time. "Get Text" is disabled by default. ---------------------------------------------------------------------- 6.0 Are there any commands that I can't run from a GUI menu? Yes. There are a few commands that the GUI doesn't support via pulldown menu or button. Just type them at the "Server Command: " prompt. They ARE case-sensitive. TKON Enable TK-checking as configured in hlds_ld.cfg. This does not modify the configuration file (only affects the running server) TKOFF Disable TK-checking. The configuration file is not modified. FOULON Enable foul-language checking as configured. Only affects the running daemon. FOULOFF Disable foul-language checking. The configuration file is not modified. STATS Dump some statistics on hlds_ld. You must be receiving text in normal or chat mode in order to see the statistics. STOPD Stops hlds_ld. You probably shouldn't use this one too much. Once hlds_ld is stopped, you can't restart it from any client! STOPALL Stops hlds_ld AND hlds_run. STOPVOTE If a voting session is running, stop it and tally the votes. ZAP all|[sockN] When you type STATS, it gives you a list of active connections. Each connection has a "sockN" identifier associated with it. If you wish to disconnect a particular connection, type "ZAP sockN" where N is the socket ID. "ZAP all" will disconnect everybody. CYCLE This will close the current hlds_ld.log file, move it to .old, and start a new one. DECAY This will decay all bad-language offenses by 1 warning. See hlds_ld.cfg for more information on how decay works. FORTUNE Brodcast a random 'fortune' to all players. MODELON Turn on model determination. MODELON Turn off model determination. WEAPON Turn on weapon limitations. WEAPOFF Turn off weapon limitations. WEAP <list> Set banned weapons to <list> for the CURRENT MAP RUN ONLY. WEAPDEF <list> Set banned weapons to <list> for the default and the current map run. MAXOFF Disables the 'maxmod' feature. ---------------------------------------------------------------------- 7.0 I need help with Linux! Several people have asked me for help with Linux. I try to help but there are a ton of valuable resources out there. Here are a few: http://www.linux.org http://www.slashdot.org http://www.linuxnewbies.org Please note that I wrote and run this GUI on RedHat Linux 6.0. Some users are experiencing trouble with things on other distributions but they can usually get things to work. I suggest re-installing Tcl/Tk/TclX if you're having trouble on another o/s. Links to the source are on my webpage http://linuxhlds.halflife.org Also note: I hate distribution wars. I am not suggesting that RH is the only way to go. This is Linux, use what you are comfortable with!! 7.1 Running under distributions other than RH Note that the install script should be able to figure out where your extended Tcl interpreter is. If it couldn't find one, follow the instructions below. Since hlds_ld and hlgui are scripts, they tell linux which interpreter to use on their first line, with hash-bang "#!". hlds_ld uses "wish", which means "window shell", which is the Tk interpreter. hlds_l uses "tcl", which is the Tcl interpreter. Both of these interpreters *must* have Extended Tcl functionality compiled in. If you're having any of the following problems when starting the daemon or GUI, you may need to edit the first line of the scripts. - "Command not found". Linux is probably finding the hlgui or hlds_ld script, but it's not finding the interpreter. Edit the first line to point to the proper interpreter. - "Unknown command 'cequal'" (or some other command name) You're probably running an interpreter that doesn't have Extended Tcl. Install Extended Tcl, or look for an interpreter called "tclx". 7.2 Specific settings for SuSE Benjamin Vogel sent me the following information for SuSE: hlds_ld #!/usr/bin/tclx hlgui #!/usr/X11R6/bin/wishx Make sure you have 'wishx' and 'tclx', and not just 'wish' and 'tcl'. The 'x' is for Extended Tcl, which is a requirement! You may need to do something similar for other distributions. If you get this running on another distro and have to tweak things, please shoot me an email so I can add it to the FAQ! ---------------------------------------------------------------------- 8.0 Miscellaneous questions 8.1 I don't have a client handy but I can get to my server. Do I have any options? Yes. You can telnet to the port that hlds_ld is listening on (e.g. telnet <ip addr> <port>). When it connects, type your authorization string and then hit return. You'll see some raw data coming across. Anything you type will be sent to the server, unless it's a special command (like TEXT) that hlds_ld would intercept. Assuming of course, you're authorized to issue commands. If you aren't, the connection will be terminated by the daemon. 8.2 Can I write my own client? Hell yes! It would be great if someone wrote a web-based Java client ;) Jul-2000: Native windows client has been written :-) Thanks Kai!! Aug-2000: Java client has been written :-) Thanks Alec!! The data passed from server to client is in a keyed-list structure. This is something specific (I think) to Tcl. Go to http://www.tcltk.com for information on Tcl and keyed lists. If you have additional questions about the data structures passed to the client from the server, feel free to send me an email. 8.3 Why do hlgui / hlclustermon hang sometimes when connecting? This only occurs on Windows. If you are attempting to connect to a machine that is down, or has firewalled the port you are trying to connect to, it may take a minute or two for the connection to time out. Unfortunately the socket implementation on Windows (for TclX, anyhow) leaves a little bit to be desired. The issue does not occur on unix. 8.4 What's the deal with the text client? Heh. There isn't a true text-based client yet. I just haven't written it! Now that the GUIs are multi-platform I just don't feel there's as much of a need. I'm sure you beg to differ, so send me an email with your thoughts ;) I DID make modifications to hlcmd so that it will work with hlds_ld. This is a SERVER-ONLY solution. It will only work if you run it on the same server that hlds_ld is running on. In fact, it's an ugly hack. But it will allow you to do most administration you need to do from the command-line. I mainly use it so that I can manage hlds_run via cron. Unfortunately, you cannot use hlcmd to stop your server, or hlds_ld will think that the server has crashed. This will exist until I get around to writing the text client. 8.5 Why does the countdown timer go positive sometimes? This happens if the map exceeds the time specified by mp_timelimit. Sometimes a map will sit there for up to two minutes after the match ends! If this happens consistently, change the "map time hack" option in your hlds_ld configuration. It's under the "Game Specific Options". The time you're seeing is specified in seconds only.