Ah yep, I read about the TCP RST problem in one of the RFC docs, then promptly forgot about it and never implemented anything to avoid it. Thankyou for the detailed notes.
Found the issue - a use after free in send_response() if I close the session early due to an error. Was continuing to the next bit. Put a temp fix in place, will push a proper one later.
What is it about HN that overwhelms small servers like this? It was a small static page so I wouldn't think it'd be that much load on the server itself, even for an OrangePi like this one.
Too many simultaneous connections for his router maybe? Or too much bandwidth for his internet connection?
If they are behind a NAT/ stateful firewall there is just so much connections it will handle at once. I think OpenWRT has like 16K max by default, f.ex. So for less than 16K requests by different users/IPs… each is kept for about 1 minute I think… it quickly will go down, I guess. :)
With OpenWRT we can increase the limit, if needed. But it's a delicate process you need to balance out carefully depending on your router. I doubled my slots and it works fine:
It's done via /etc/sysctl.conf
> net.netfilter.nf_conntrack_max=32768
Afterwards "sysctl -p" to apply/ reload the config file. But increasing blindly is a bad idea… it needs to be done with ip_conntrack_buckets in sync for proper balance (memory use, CPU usage). Best to read upon it.
But just going from 16K to 32K shouldn't be any problem for most routers these days.
Other tips: I still had issues going too granular with GOAP actions at the start, so I recommend keeping your actions as coarse as possible. It's still a tool that you use with your AI designer hat on, it doesn't do everything on its own. But the power of being able to throw in a new goal, maybe one new action, and have the existing actions solve all the other prerequisites, is amazing. Defining world properties and states is a muuuuuuch lower mental load than using utilities for actions.
I wrote it all with performance in mind, and it seems to run fine. Basically lots of caching (each world property is only evaluated once per AI per tick then re-used, shared values are cached for all then re-used, etc); eliminating invalid paths early; and searching backwards from the goal instead of forwards from the current world state. I test with 4 AI players on an old i3 laptop processor from ~2016 without issue.
As of 2020, chosen-prefix attacks against SHA-1 are practical.[6][8] As such, it is recommended to remove SHA-1 from products as soon as possible and instead use SHA-2 or SHA-3. Replacing SHA-1 is urgent where it is used for digital signatures.
