Re: SM RCon (updated 2012-03-10)
 

Well that didn't take long. :)

Re: SM RCon (updated 2012-03-10)
 

and like every other time, they don't fix these security holes for L4D/2.
why is that? is it because l4d 1 and 2 already has everything that TF2 has or is it just valve being lazy and ignorant like usual?

Re: SM RCon (updated 2012-03-10)
 

The same fix will also be in the next Nuclear Dawn update as well.

This will leave L4D2 and CS:S as the only games this supports that requires this just for that fix (though the other functionality is still useful for plugins ofc). CS:S will also get the fix next time they sync in the engine changes.

I can add L4D1 support for this later today if its wanted.

Re: SM RCon (updated 2012-03-10)
 

that's up to you. i don't play it anymore.

Re: SM RCon (updated 2012-03-10)
 

Doesn't Valve still update L4D2 every (other?) Friday? Unfortunately, since they don't post about those changes to the server lists, you have to check the Steam News to know what changed.

Re: SM RCon (updated 2012-03-10)
 

more like every third week now and no, they don't seem to patch srcds vurnabilites on l4d2. the only thing valve has been doing lately is updating their mutations and it sucks big time.
they did fix some bugs for certain maps last month but that's it. tf2/cs:s has been having a lot of server vurnability related patches and why they haven't been pushed into l4d1/2 is something I don't understand.

tonight's update, if there will be one, will most likely be another mutation update and nothing else. if there is no update tonight, then it's been a month since the last decent update which was in february.

edit: the update contained some map bug fixing and a mutation change like usual. and like usual, they didn't patch any server vurnabilites like the rcon one that was just discovred. very dissapointed again.

Re: SM RCon (updated 2012-03-10)
 

with this extension loaded, im not able to get server logs through HLSW with rcon.
l4d2 game. as soon as I unload it, i can get live server logs from HLSW again.

Edit: will you fix it? i consider this extension useless with the metioned bug. otherwise it can be a really handy one.

Re: SM RCon (updated 2012-03-10)
 

no comment about not being able to get logs through HLSW?

one more question. if i'd put rcon_password "" in my server.cfg and then define a rcon password inside public Action:SMRCon_OnAuth, which I got to work
with HLSW (except for the logging issue I just metioned), would this still block attackers from attacking my servers tcp rcon port?

Re: SM RCon (updated 2012-03-10)
 

No comment as I haven't had time yet to verify it and/or look into it further.

If the rcon socket listens when no rcon_password is set (which I don't believe to be the case), then yes, rejecting the password in the OnAuth forward would have the same effect as the server rejecting it for not matching the rcon_password. (respecting the max retries cvars, etc.)

Re: SM RCon (updated 2012-03-10)
 

I've identified the issue causing remote logging to not function in most cases with version 1.2.0. I'll have a fixed 1.2.1 posted in a bit.