Hi! Thanks for checking out our little game! I created this game last month, and now Justine has graciously offered to continue maintaining and hosting it. Feel free to ask me anything!
nice game, best usage for legacy IP I have seen yet :-).
for everyone who wonders how to play from cli, the api endpoint is https://ipv4.games/claim?name=
That’s right! For example:
$ curl -sH Accept:text/plain http://ipv4.games/claim?name=jart
The land at a.b.c.d was claimed for jart
Another example is you can embed the following on a website for a 1x1 gif pixel:
<img src="https://ipv4.games/claim?name=jart" width="1" height="1">
I think it can be done with a <script> tag too for a 204 No Content but I haven’t tested that yet.
204 No Content
Send us as much traffic as you want! It’s a pretty simple C program that uses SQLite. I’ve tested that it can handle about 240,000 /claim INSERT queries per second. If you want to read the source code, visit https://github.com/jart/cosmopolitan/blob/master/net/turfwar/turfwar.c
I like this. Does “ownership” over an IP age over time? If not, how do you combat someone just getting to the top and staying there forever?
Yesterday we implemented the /score/hour, /score/day, /score/week, and /score/month endpoints, which will serve as added views to the all-time top score endpoint /score. Today we plan to work on incorporating those endpoints into the website GUI. Our hope is it’ll accomplish exactly what you’re suggesting. We’re giving newcomers a chance to compete and have fun, while at the same time preserving the past accomplishments of extreme players like lucy.sh whose supremacy has yet to be challenged.
Hm, I still think you should consider ownership to atrophe. I played an (IRL) location based game some years ago, and once you visited a place it was yours forever. The people who owned tons of land early on, kept it as they’d amassed so much resource, it was impossible to compete. In the “real world” if you walk away from property with no security (in this analogy, if you don’t re-visit from that IP again) then you’re going to lose security over the land.
We designed it to be like the real world. For example, if you can figure out how Lucy made all those claims, then you can take them from her that same day. We’ve seen varying degrees of sophistication in how people are doing it. For example, I put my claim link into the “submit link” page on Lobsters and asked it to “suggest title”. So I owned Lobsters’ IP address, at least until someone else comes along and has that same idea :-)
You should definitely save a snapshot of the monthly leaderboards every month. That’s the best way I’ve ever seen to preserve past accomplishments.
Thank you for the suggestion. We intend to preserve the accomplishments of our users by doing things like that!
Claims are not permanent, so if someone else sends a claim request from the same address, they steal that claim from the other player :)
The default leaderboard also only considers claims that happened less than a week ago.
Cute little game. I just tried to put the right URL into a couple of sites that allow you to benchmark a website from multiple locations around the world in one click, and that got me to 38 IP addresses quickly.
I then thought I could do requests from lots more IP addresses using RIPE Atlas probes, but it turns out RIPE has limited the HTTP tests to only be directed at the RIPE Atlas anchors - which probably makes sense, so you can’t use their service to DDoS a website…
This is delightfully whimsical and makes me wish I were retired so I could find creative, non destructive ways to ‘win’ :)
So fun. Is it possible to spoof this kind of thing?
So far nobody has publicly claimed to have successfully done so, and this security stackexchange post makes me think it’s probably too hard to do!
I will just assume that it I visit sheesh.rip, i will add my IP address and device to their total count.
Is there an IPv4-only subdomain? It’s cool that you can view the game from IPv6 but I’d like to have a claim link I know will only resolve to the IPv4 address.
There is now. You can bypass Cloudflare for IPv4 HTTP-only using http://turfwar.ipv4.games/
I’d like that, but I don’t know if it’s possible with Cloudflare
Ah yeah, that complicates things. It’s kinda surprising it’s not possible for free zones (according to https://api.cloudflare.com/#zone-settings-change-ipv6-setting)
You can do it with a grey cloud DNS entry, but that also bypasses protections.
Cloudflare’s protections haven’t really helped IPv4 Games because the people who play this game are so much more advanced than the usual suspects Cloudflare Proxy knows how to automatically address, like keeping hulking wordpress blogs from collapsing under bloat or credit card fraud. What I love about Cloudflare is they’re soo good at abstracting things like ssl / dns / dnssec toil and they’ve got a hit counter solution that isn’t blocked by 80% of my audience. I only started using Cloudflare Proxy for the first time this past month because I thought it’d do more to save me from the shocking amounts of traffic we’ve received from our most enthusiastic users. But at this point I’ve gotten so good at building servers in C that’re free of weaknesses and can handle 400k write qps w/ SQLite, that honestly, I’m thinking of just unplugging from Cloudflare and experiencing the raw Internet.
Nice to see my old school 42Paris showing up.
10$ from me for the first claim in the DoD space (claiming the 10$ is on your own risk though :))
So, this is a list of the people I need to phish if I want to hijack large blocks of IPv4 space?