Navigation
API > API/Runtime > API/Runtime/Engine
RPC DoS detection
Implements DoS detection for NetConnection RPC's, using an escalating series of detection states depending on the severity of the DoS, to prevent false positives and minimize any performance impact.
RPC's are profiled based on count and execution time, with careful implementation of tracking to balance lookup speed, memory usage, timing, and analytics tracking.
| Name | FRPCDoSDetection |
| Type | class |
| Header File | /Engine/Source/Runtime/Engine/Public/Net/RPCDoSDetection.h |
| Include Path | #include "Net/RPCDoSDetection.h" |
Syntax
class FRPCDoSDetection : protected FRPCDoSState
Inheritance Hierarchy
- FRPCDoSState → FRPCDoSDetection
Classes
| Name | Remarks |
|---|---|
| FPacketScope | Variables and functions that should only be accessible while receiving an individual packet |
| FSequentialRPCScope | Variables and functions that should only be accessible while receiving the same RPC individually/sequentially |
| FTickScope | Variables and functions that should only be accessible during TickDispatch |
| TScopeBase | Base class for setting code scope activity |
Structs
| Name | Remarks |
|---|---|
| FLightweightRPCTracking | Lightweight RPC tracking state |
Constants
| Name | Type | Remarks | Include Path |
|---|---|---|---|
| DefaultActiveRPCTrackingSize | int32 | Default size for ActiveRPCTracking, to minimize realloc | Net/RPCDoSDetection.h |
| TimeQuotaCheckInterval | double | Interval for time quota checks, in seconds | Net/RPCDoSDetection.h |
Variables
Protected
| Name | Type | Remarks | Include Path | Unreal Specifiers |
|---|---|---|---|---|
| ActiveRPCTracking | TArray< FActiveRPCTrackingInfo > | Stores a reference to active/valid RPCTracking entries, for faster cleanup - as the above map stores values sparsely. | Net/RPCDoSDetection.h | |
| ActiveState | int8 | The currently active RPC DoS severity state settings | Net/RPCDoSDetection.h | |
| AddressFunc | FGetRPCDoSAddress | Callback used for getting the address of the NetConnection the RPC DoS Detection is associated with | Net/RPCDoSDetection.h | |
| AnalyticsMinTimePerSecThreshold | double | The minimum RPC time per second threshold, for doing analytics updates/checks | Net/RPCDoSDetection.h | |
| AnalyticsVars | FRPCDoSAnalyticsVars | The locally cached/updated analytics variables, for the RPC DoS Detection - aggregated upon connection Close | Net/RPCDoSDetection.h | |
| bHitchSuspendDetection | bool | Whether or not RPC DoS Detection has been suspended, due to a hitch impairing the accuracy of measurements | Net/RPCDoSDetection.h | |
| bRPCDoSAnalytics | bool | Whether or not analytics for RPC DoS detection is enabled | Net/RPCDoSDetection.h | |
| bRPCDoSDetection | bool | Whether or not RPC DoS detection is presently enabled | Net/RPCDoSDetection.h | |
| bRPCTrackingEnabled | bool | Whether or not RPC Tracking has been enabled by RPC DoS escalation or other checks | Net/RPCDoSDetection.h | |
| CachedAddress | FString | Player IP cached from AddressFunc | Net/RPCDoSDetection.h | |
| CachedPlayerUID | FString | Player UID cached from PlayerUIDFunc | Net/RPCDoSDetection.h | |
| CounterPerPeriodHistory | FRPCDoSCounters | Counter history which is precalculated/cached from CounterPerSecHistory, for tracking per-period time (up to a maximum of 16s) | Net/RPCDoSDetection.h | |
| CounterPerSecHistory | TArray< FRPCDoSCounters > | Stores enough per second quota history, to allow all DetectionSeverity states to recalculate if their CooloffTime is reached | Net/RPCDoSDetection.h | |
| DetectionSeverity | TArray< FRPCDoSStateConfig > | The different RPC DoS detection states, of escalating severity, depending on the amount of RPC spam | Net/RPCDoSDetection.h | |
| ForcedRPCTracking | FName | If the related CVar is set, the name of the RPC which should forcibly enable tracking. | Net/RPCDoSDetection.h | |
| ForcedRPCTrackingChance | double | Specifies the chance (between 0.0 and 1.0) that tracking will be enabled, when encountering the ForcedRPCTracking RPC | Net/RPCDoSDetection.h | |
| ForcedRPCTrackingEndTime | double | Specifies the time at which forced RPC tracking should end, if tracking isn't enabled by the active state | Net/RPCDoSDetection.h | |
| ForcedRPCTrackingLength | double | Specifies the length of time forced RPC tracking should be enabled (disabled the next tick, if 0.0) | Net/RPCDoSDetection.h | |
| HitchSuspendDetectionStartTime | double | Timestamp for when RPC DoS Detection was suspended, due to a hitch | Net/RPCDoSDetection.h | |
| HitchSuspendDetectionTimeMS | int32 | The amount of time to suspend RPC DoS Detection, once a hitch is encountered, to prevent false positives from built-up packets | Net/RPCDoSDetection.h | |
| HitchTimeQuotaMS | int32 | The amount of time since the previous frame, for detecting hitches, to prevent false positives from built-up packets | Net/RPCDoSDetection.h | |
| KickPlayerFunc | FRPCDoSKickPlayer | Callback used for kicking the player after a bad enough RPC DoS | Net/RPCDoSDetection.h | |
| LastAnalyticsThresholdRecalc | double | The last time the 'AnalyticsMinTimePerSecThreshold' was recalculated | Net/RPCDoSDetection.h | |
| LastCounterPerSecHistoryIdx | int32 | The last written index of CounterPerSecHistory | Net/RPCDoSDetection.h | |
| LastMetEscalationConditions | double | The last time the previous severity states escalation conditions were met (to prevent bouncing up/down between states) | Net/RPCDoSDetection.h | |
| LastPerSecQuotaBegin | double | Timestamp for the last time per-second quota counting began | Net/RPCDoSDetection.h | |
| LastPreTickDispatchTime | double | Cached PreTickDispatch timestamp, to reuse for minimizing timestamp retrieval | Net/RPCDoSDetection.h | |
| LastRPCTrackingClean | double | The last time RPCTracking was cleaned out | Net/RPCDoSDetection.h | |
| MaxRPCTrackingPeriod | int8 | The runtime maximum number of seconds of RPC tracking that is used | Net/RPCDoSDetection.h | |
| NextTimeQuotaCheck | double | Timestamp for when time quota's should next be checked | Net/RPCDoSDetection.h | |
| PacketScopePrivate | FPacketScope | Scoped variables/functions accessible while receiving an individual packet | Net/RPCDoSDetection.h | |
| PlayerUIDFunc | FGetRPCDoSPlayerUID | Callback used for getting the unique id of the NetConnection the RPC DoS Detection is associated with | Net/RPCDoSDetection.h | |
| ReceivedPacketEndTime | double | Cached free/external timestamp, for when the last received packet finished processing | Net/RPCDoSDetection.h | |
| RPCBlockAllowList | TArray< FName > | List of RPC's which should never be blocked | Net/RPCDoSDetection.h | |
| RPCDoSAnalyticsData | TNetAnalyticsDataPtr< FRPCDoSAnalyticsData > | The net analytics data holder for the RPC DoS analytics, which is where analytics variables are aggregated upon Close | Net/RPCDoSDetection.h | |
| RPCIntervalCounter | uint32 | Unbounded RPC counter, for performing RPC checks at every 'x' intervals | Net/RPCDoSDetection.h | |
| RPCTracking | TMap< void *, TSharedPtr< FRPCTrackingInfo > > | Maps UFunction pointers to live function tracking structs (NOTE: Treats the UFunction's as potentially invalid/GC'd, hence void*) | Net/RPCDoSDetection.h | |
| SecondCounter | FRPCDoSCounters | Per-second RPC counting (approximate - may cover more than one second, in the case of expensive/long-running RPCs) | Net/RPCDoSDetection.h | |
| SecondsIncrementer | uint8 | Wrapping count of seconds passed, for RPC tracking | Net/RPCDoSDetection.h | |
| SequentialRPCScopePrivate | FSequentialRPCScope | Scoped variables/functions accessible while receiving the same RPC individually/sequentially | Net/RPCDoSDetection.h | |
| TickScopePrivate | FTickScope | Scoped variables/functions accessible during TickDispatch | Net/RPCDoSDetection.h | |
| WorstActiveState | int8 | The worst RPC DoS severity state that has been active | Net/RPCDoSDetection.h | |
| WorstAnalyticsState | int8 | The worst RPC DoS severity state that has been active and passed confirmation thresholds - used for limiting analytics events | Net/RPCDoSDetection.h |
Functions
Public
| Name | Remarks | Include Path | Unreal Specifiers |
|---|---|---|---|
void Init
(
FName NetDriverName, |
Initialize RPC DoS Detection, inputting callbacks for retrieving external information necessary for analytics. | Net/RPCDoSDetection.h | |
void InitConfig
(
FName NetDriverName |
Initializes configuration settings for RPC DoS Detection - with support for hot reloading | Net/RPCDoSDetection.h | |
bool IsRPCDoSDetectionEnabled() |
Whether or not RPC DoS Detection is enabled | Net/RPCDoSDetection.h | |
| If RPC monitoring is disabled, does extremely lightweight tracking of RPC calls, for monitoring tracking triggers, and to allow a chance for deducing full RPC tracking information if monitoring is enabled while receiving (so that e.g. if an RPC DoS attack enables monitoring, information on the RPC responsible can be recovered). | Net/RPCDoSDetection.h | ||
void NotifyClose() |
Triggered upon NetConnection Close (for committing analytics) | Net/RPCDoSDetection.h | |
ERPCNotifyResult NotifyReceivedRPC
(
FNetBitReader& Reader, |
If RPC monitoring is enabled, provides a notification for every RPC that is received, with the ability to block it. | Net/RPCDoSDetection.h | |
void PostReceivedPacket
(
double TimeSeconds |
Called after the current NetConnection receives a packet. | Net/RPCDoSDetection.h | |
void PostReceivedRPC() |
Called after the current NetConnection receives an RPC. | Net/RPCDoSDetection.h | |
void PostReceivedRPCPacket
(
double TimeSeconds |
Called after the current NetConnection receives a packet, when RPC DoS Detection is active and the packet contains an RPC. | Net/RPCDoSDetection.h | |
void PostSequentialRPC
(
EPostSequentialRPCType SequenceType, |
Called after the same RPC was received once or multiple times sequentially, for optimal timing | Net/RPCDoSDetection.h | |
void PostTickDispatch() |
Called after the packet-loop TickDispatch | Net/RPCDoSDetection.h | |
void PreReceivedPacket
(
double TimeSeconds |
Called prior to the current NetConnection receiving a packet. | Net/RPCDoSDetection.h | |
void PreTickDispatch
(
double TimeSeconds |
Called prior to the packet-loop TickDispatch | Net/RPCDoSDetection.h | |
void SetAddressFunc
(
FGetRPCDoSAddress&& InAddressFunc |
Overrides the current AddressFunc | Net/RPCDoSDetection.h | |
void SetKickPlayerFunc
(
FRPCDoSKickPlayer&& InKickPlayerFunc |
Overrides the current KickPlayerFunc | Net/RPCDoSDetection.h | |
void SetPlayerUIDFunc
(
FGetRPCDoSPlayerUID&& InPlayerUIDFunc |
Overrides the current PlayerUIDFunc | Net/RPCDoSDetection.h | |
bool ShouldMonitorReceivedRPC() |
Whether or not monitoring of received RPC's (i.e. calling of NotifyReceivedRPC) should be performed | Net/RPCDoSDetection.h | |
void UpdateSeverity
(
ERPCDoSSeverityUpdate Update, |
Updates the current RPC DoS detection severity state | Net/RPCDoSDetection.h |