Analysis of network traffic
- Time frame: 6min30
- Number of players: 10
- Location: Near svetlo
- Server: experimental server using the latest version
- Player activity: close to none, I didn't moved more than 20 meters and I didn't pick up an object nor interact with the inventory
TOTAL
3200 packets sent in a 6min30 timeframe, an average of 8 packets sent by second by the client
13000 packets received in 6min timeframe, an average of 33 packets received by second by the client
Packets identified
FRAME_EXOPCODE_CONNECT [65 packets sent, 10 packets received]
[KO] bCommand (1 byte): A command-code bitmask that contains values that are combined by using the bitwise OR operation from the following table. The PACKET_COMMAND_CFRAME flag MUST be set, and the PACKET_COMMAND_POLL flag SHOULD be set. All other bits MUST be set to zero, and the packet MUST be ignored if they are not.
[OK] bExtOpCode (1 byte)
[KO] bMsgID (1 byte): A message identifier used to correlate responses. The initial value SHOULD be set to zero and SHOULD be incremented each time the connect packet is retried. The recipient MUST echo the value in bRspId when responding.
[KO] bRspId (1 byte): Not used in connect packets. This MUST be set to zero when sent and ignored on receipt.
[KO] dwCurrentProtocolVersion (4 bytes): The version number of the sender's DirectPlay 8 Protocol, in little-endian byte order, where the upper 16 bits are considered a major version number and the lower 16 bits are considered a minor version number. The major version number MUST be set to 0x0001; otherwise, the packet MUST be ignored. The minor version number SHOULD<1> be set to 0x0006 to indicate support for all features, including coalescence and signing.
[OK] dwSessID (4 bytes): The session identifier used to correlate responses. The value is dependent upon the implementation and SHOULD be a random, nonpredictable number. This MUST NOT be set to zero unless dwCurrentProtocolVersion indicates a minor version less than 0x0005. This MUST remain the same value when retrying the CONNECT packet. The recipient MUST echo the value in dwSessID when responding.
[KO] Timestamp (4 bytes): The requestor's computer system tick count, in millisecond units and specified in little-endian byte order. In DirectPlay, the count from when the system was booted, in milliseconds.
TRANS_USERDATA_RESYNC_VERSION [12 packets sent, 12 packets received]
[KO] dwPacketType (4 bytes): A 32-bit integer that indicates the packet type. This field MUST be set to 0x000000CA to denote that this message requests that the protocol version number be resynchronized to the current version number.
[OK] dwVersion (4 bytes): A 32-bit integer that provides the current name table version number.
[KO] dwVersionNotUsed (4 bytes): This field MUST be set to 0 when sending and ignored on receipt.
TRANS_USERDATA_NAMETABLE_VERSION [ 9 packets sent, 24 packets received ]
[KO] dwPacketType (4 bytes): A 32-bit integer that indicates the packet type. This field MUST be set to 0x000000C9 to denote that this message specifies the version number of the name table.
[OK] dwVersion (4 bytes): A 32-bit integer that provides the current name table version number. The value of this field MUST NOT be 0.
[KO] dwVersionNotUsed (4 bytes): This field MUST be set to 0 when sending and ignored on receipt
TRANS_USERDATA_DESTROY_PLAYER [7 packets sent, 16 packets received]
[KO] dwPacketType (4 bytes): A 32-bit integer that indicates the packet type. This field MUST be set to 0x000000D1 to denote that this message instructs the client to remove a specified user from the name table.
[OK] dpnidLeaving (4 bytes): A 32-bit integer that specifies the identifier of the client or server to remove from the name table.
[OK] dwVersion (4 bytes): A 32-bit integer that specifies the current name table version number.
[KO] dwVersionNotUsed (4 bytes): This field MUST be set to 0 when sending and ignored on receipt.
[KO] dwDestroyReason (4 bytes): A 32-bit integer that specifies the reason for terminating the specified client or server. This field MUST be set to one of the following values.
Sidenote:
Why do I send a TRANS_USERDATA_DESTROY_PLAYER to the server and more 7 times...
TRANS_USERDATA_ADD_PLAYER [15 packets sent, 20 packets received]
[KO] dwPacketType (4 bytes): A 32-bit integer that indicates the packet type. This field MUST be set to 0x000000C9 to denote that this message specifies the version number of the name table.
[KO] dwVersion (4 bytes): A 32-bit integer that provides the current name table version number. The value of this field MUST NOT be 0.
[KO] dwVersionNotUsed (4 bytes): This field MUST be set to 0 when sending and ignored on receipt
[OK] dpnid (4 bytes): A 32-bit integer that specifies the identifier of the client to add.
[OK] dpnidOwner (4 bytes): A 32-bit integer that specifies the identifier of the game session owner.
Sidenote:
Why do I send a TRANS_USERDATA_ADD_PLAYER to the server ? why 15 times ?
TRANS_USERDATA_INSTRUCT_CONNECT [9 packets sent, 15 packets received]
[KO] dwPacketType (4 bytes): A 32-bit integer that indicates the packet type. This field MUST be set to 0x000000C6 to denote that this message instructs a client to connect to a designated client.
[OK] dwVersion (4 bytes): A 32-bit integer that specifies the current version of the name table.
[KO] dwVersionNotUsed (4 bytes): This field MUST be set to 0 when sending and ignored on receipt.
Sidenote:
Why do I send a TRANS_USERDATA_INSTRUCT_CONNECT to the server, why did I received 15 times this packet ? By the way all the TRANS_USERDATA_INSTRUCT_CONNECT received a TRANS_USERDATA_INSTRUCTED_CONNECT_FAILED.
TRANS_USERDATA_INSTRUCTED_CONNECT_FAILED [9 packets sent, 15 packets received]
[KO] dwPacketType (4 bytes): A 32-bit integer that indicates the packet type. This field MUST be set to 0x000000C7 to denote that this message indicates that a client was unable to carry out a server instruction to connect to a new client.
[OK] dpnID (4 bytes): A 32-bit integer that provides the identifier for the client.
TRANS_USERDATA_HOST_MIGRATE [9 packets sent, 39 packet received]
[KO] dwPacketType (4 bytes): A 32-bit integer that indicates the packet type. This field MUST be set to 0x000000CD to denote that this message indicates that the host migration procedure has started.
[OK] dpnidOldHost (4 bytes): A 32-bit integer that provides the identifier for the old host.
[OK] dpnidNewHost (4 bytes): A 32-bit integer that provides the identifier for the new host.
Sidenote:
Why do I receive and send TRANS_USERDATA_HOST_MIGRATE packets ? At least why this much ?
TRANS_USERDATA_HOST_MIGRATE_COMPLETE [9 packets sent, 16 packets received]
[KO] dwPacketType (4 bytes): A 32-bit integer that indicates the packet type. This field MUST be set to 0x000000CE to denote that this message informs clients that the game session-hosting responsibilities have successfully migrated from the departing old host.
TRANS_USERDATA_PLAYER_CONNECT_INFO [9 packets sent, 16 packets received]
[KO] dwPacketType (4 bytes): A 32-bit integer that indicates the packet type. This field MUST be set to 0x000000C1 to denote that this message sends client connection information to the host server.
[KO] dwFlags (4 bytes): A 32-bit integer that specifies the connect flags. This field MUST be set to 0x00000004 to indicate that the connecting application is a peer.
[KO] dwDNETVersion (4 bytes): A 32-bit integer that provides the DirectPlay version. This field MUST be set to the appropriate DirectPlay version.<9>
[KO] dwNameOffset (4 bytes): A 32-bit integer that provides the offset, in bytes, from the end of dwPacketType to the connecting client's name field. This value MUST NOT be 0.
[KO] dwNameSize (4 bytes): A 32-bit integer that specifies the size, in bytes, of the data in the name field. This value MUST NOT be 0.
[KO] dwDataOffset (4 bytes): A 32-bit integer that provides the offset, in bytes, from the end of dwPacketType to the data field. If dwDataOffset is 0, the packet does not include client data.
[KO] dwDataSize (4 bytes): A 32-bit integer that provides the size, in bytes, of the data field.
[KO] dwPasswordOffset (4 bytes): A 32-bit integer that provides the offset, in bytes, from the end of the dwPacketType field to the start of the password. When the packet does not include a password, this MUST be set to 0.
[KO] dwPasswordSize (4 bytes): A 32-bit integer that provides the size, in bytes, of the password. When the packet does not include a password, this MUST be set to 0.
[KO] dwConnectDataOffset (4 bytes): A 32-bit integer that provides the offset, in bytes, from the end of the dwPacketType field to the connectData field. If dwConnectDataOffset is 0, the packet does not include connection data.
[KO] dwConnectDataSize (4 bytes): A 32-bit integer that provides the size, in bytes, of the connectData field.
[KO] dwURLOffset (4 bytes): A 32-bit integer that provides the offset, in bytes, from the end of the dwPacketType field to the url field. If dwURLOffset is 0, the packet does not include the client URL.
[KO] dwURLSize (4 bytes): A 32-bit integer that provides the size, in bytes, of the url field.
[OK] guidInstance (16 bytes): The instance GUID of the game session. This MUST be the same GUID received in the EnumResponse (section 2.2.5) message; otherwise, the recipient MUST respond with a TRANS_USERDATA_CONNECT_FAILED (section 2.2.13) message.
[OK] guidApplication (16 bytes): The application GUID. This field MUST be set to 61EF80DA-691B-4247-9ADD-1C7BED2BC13E, which is the GUID for the DXDiag application. Otherwise, the recipient MUST respond with a TRANS_USERDATA_CONNECT_FAILED message.
[KO] dwAlternateAddressDataOffset (4 bytes): A 32-bit integer that provides the offset, in bytes, from the end of the dwPacketType field to the alternateAddressData field. If dwAlternateAddressDataOffset is 0, the packet does not include the alternate address data. This field is used in DirectPlay version 9.
[KO] dwAlternateAddressDataSize (4 bytes): A 32-bit integer that provides the size, in bytes, of the alternateAddressData field. This field is used in DirectPlay version 9.
[KO] alternateAddressData (variable): A variable length array that provides alternative address data that is used to connect the client. This field's position is determined by dwAlternateAddressDataOffset and the size stated in dwAlternateAddressDataSize. This field is used in DirectPlay version 9. The address that is passed in is formatted via the DN_ALTERNATE_ADDRESS structure format.
[KO] url (variable): A variable length, zero-terminated character array that contains the client URL. This field's position is determined by dwURLOffset and the size stated in dwURLSize.
[KO] connectData (variable): A variable length field that contains a byte array that provides the connection data. This field's position is determined by dwConnectDataOffset and the size stated in dwConnectDataOffsetSize.
[KO] Password (variable): A variable length, zero-terminated wide character array that contains the application password data. This field's position is determined by dwPasswordOffset and the size stated in dwPasswordSize. This data is passed in clear text to the protocol layer.
[KO] data (variable): A variable length, zero-terminated character array that contains the client data. This field's position is determined by dwDataOffset and the size stated in dwDataSize.
[KO] name (variable): A variable length, zero-terminated wide character array that contains the client name. This field's position is determined by the dwNameOffset field and the size stated in the dwNameSize field; both are fields in the DN_NAMETABLE_ENTRY_INFO structure. The last character indicated by dwNameSize SHOULD be treated as the terminating null character, even if the sender did not transmit it that way.
Sidenote:
Same behavior as for the TRANS_USERDATA_HOST_MIGRATE I am probably authenticating to the new host but still this is beyond weird
TRANS_USERDATA_SEND_PLAYER_DNID [15 packets sent, 16 packets received]
[KO] dwPacketType (4 bytes): A 32-bit integer that indicates the packet type. This field MUST be set to 0x000000C4 to denote that this message sends a user identification number to another client.
[OK] dpnID (4 bytes): A 32-bit integer that provides the identifier of the client.
TRANS_USER_DATA_SEND_MESSAGE [15 packets sent, 95 packets received]
[KO] nType (2 bytes): A 16-bit integer that identifies the type of chat message being transmitted. This field MUST be set to GAME_MSGID_CHAT (1).
[KO] (Garbage string) strChatString (400 bytes): A Unicode-format chat message string. The application SHOULD send 200 Unicode characters. If the length of the actual chat string is less than 200 Unicode characters, then the value specified in strChatString SHOULD be padded. If the length of the chat string in the received packet is less than 200 Unicode characters, the receiver SHOULD send an acknowledgment for the message, and the receiver SHOULD discard the message.
Sidenote:
I seems to send garbage messages automatically and to receive the sames
TRANS_USERDATA_SEND_SESSION_INFO [11 packets received, 26 packets sent]
[KO] content of the packet is mostly garbage and is not being initialized
TRANS_USERDATA_TERMINATE_SESSION [9 packets sent, 28 packets received]
[KO] dwPacketType (4 bytes): A 32-bit field that contains the packet type.
[KO] dwTerminateDataOffset (4 bytes): A 32-bit field that contains the offset from the end of dwPacketType for the data passed from the server/host application that describes why the client is being terminated.
[KO] dwTerminateDataSize (4 bytes): A 32-bit field that contains the size, in bytes, of the terminate data. If dwTerminateDataOffset is 0, dwTerminateDataSize SHOULD also be 0. If dwTerminateDataOffset is not 0, dwTerminateDataSize SHOULD also not be 0.
- TerminateData (variable): A variable-length field that contains a byte array from the application that describes why the client is being terminated from the game session.
Sidenote:
The dwTerminateDataSize shouldn't be the size of the byte array ? because it is 9867 for some packet with a byte array of 30 for example.
Conclusion
Packets are wrongly formated which present a risk of corruption and incorrect behavior in a lot of cases.
All the packets sent and received with the identifiers below should not happen during playtime (beside exceptions):
TRANS_USERDATA_PLAYER_CONNECT_INFO
TRANS_USERDATA_HOST_MIGRATE_COMPLETE
TRANS_USERDATA_INSTRUCTED_CONNECT_FAILED
TRANS_USERDATA_INSTRUCT_CONNECT
TRANS_USER_DATA_SEND_MESSAGE
TRANS_USERDATA_TERMINATE_SESSION
TRANS_USERDATA_SEND_SESSION_INFO
TRANS_USERDATA_DESTROY_PLAYER and TRANS_USERDATA_ADD_PLAYER should not be there, I didn't kill anyone and I didn't reconnect myself during the play session.
{F32915}