Half-Life и Adrenaline Gamer форум • Просмотр темы

Сообщения без ответов | Активные темы

Список форумов » Серверный раздел » Установка, настройка сервера

Часовой пояс: UTC + 5 часов [ Летнее время ]

Steam Server connection Issue

Модератор: KORD_12.7

Страница 1 из 1

[ Сообщений: 4 ]

Версия для печати

Пред. тема | След. тема

Автор

Сообщение

souvikdas95

Заголовок сообщения: Steam Server connection Issue

Добавлено: 29 окт 2013, 12:49

Зарегистрирован:
26 сен 2013, 11:16
Последнее посещение:
14 янв 2015, 18:53
Сообщения: 32

It says "Could not establish connection to Steam servers" but SteamCMD is working. Could it be realted to IPTABLE?

Вернуться к началу

Lev

Заголовок сообщения: Re: TC Admin : Bash Script Issue

Добавлено: 29 окт 2013, 13:17

Site Admin

Зарегистрирован:
01 июн 2010, 01:27
Последнее посещение:
01 июн 2015, 02:09
Сообщения: 4973

I spotted but not investigated "Could not establish connection to Steam servers" issues. It often (or always) happen on builds less then 5758 on windows. And could happens even for new beta builds on linux in virtualbox.
As I said, I dunno why.

Вернуться к началу

souvikdas95

Заголовок сообщения: Re: Steam Server connection Issue

Добавлено: 30 окт 2013, 00:06

Зарегистрирован:
26 сен 2013, 11:16
Последнее посещение:
14 янв 2015, 18:53
Сообщения: 32

Can you check if this solves. Some1 posted this. I cant check currently because my root access is hindered for about a week.

Цитата:

add to NAT table:
-A PREROUTING -d 207.173.177.11/32 ! -i eth1 -p tcp -m tcp --dport 27030 -m comment --comment "HLDS hardcoded IP hack" -j DNAT --to-destination 208.64.200.189:27038
-A PREROUTING -d 207.173.177.12/32 ! -i eth1 -p tcp -m tcp --dport 27030 -m comment --comment "HLDS hardcoded IP hack" -j DNAT --to-destination 208.64.200.189:27038
-A PREROUTING -d 69.28.151.178/32 ! -i eth1 -p tcp -m tcp --dport 27038 -m comment --comment "HLDS hardcoded IP hack" -j DNAT --to-destination 208.64.200.189:27038
-A PREROUTING -d 69.28.153.82/32 ! -i eth1 -p tcp -m tcp --dport 27038 -m comment --comment "HLDS hardcoded IP hack" -j DNAT --to-destination 208.64.200.189:27038
-A PREROUTING -d 68.142.88.34/32 ! -i eth1 -p tcp -m tcp --dport 27038 -m comment --comment "HLDS hardcoded IP hack" -j DNAT --to-destination 208.64.200.189:27038
-A PREROUTING -d 68.142.72.250/32 ! -i eth1 -p tcp -m tcp --dport 27038 -m comment --comment "HLDS hardcoded IP hack" -j DNAT --to-destination 208.64.200.189:27038

the comment and the "! -i eth1" parts may be omitted (know what you are doing)
Now i can connect, but get the message: "ProtocolError - Bad message LengthPrefix" which seems to be a showstopper here

Posted after 2 minutes 4 seconds:
Some1 also posted this :

▼

Цитата:

Here is my iptables file. Please let me know if you have questions. The ping opener is commented out XXX.XXX... purposefully. Have a look, and please offer any suggestions you might. Thanks a lot.

#server ports
#-A INPUT -p tcp -m tcp --dport 27015 -j ACCEPT
#-A OUTPUT -p tcp -m tcp --dport 27015 -j ACCEPT

#The NAT portion of the ruleset. Used for Network Address Translation.
#Usually not needed on a typical web server, but it's there if you need it.
#*nat
#:PREROUTING ACCEPT [127173:7033011]
#:POSTROUTING ACCEPT [31583:2332178]
#:OUTPUT ACCEPT [32021:2375633]
#COMMIT

#The Mangle portion of the ruleset. Here is where unwanted packet types get dropped.
#This helps in making port scans against your server a bit more time consuming and difficult, but not impossible.
*mangle
:PREROUTING ACCEPT [444:43563]
:INPUT ACCEPT [444:43563]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [402:144198]
:POSTROUTING ACCEPT [402:144198]
-A PREROUTING -p tcp -m tcp --dport 27015 --syn -j ACCEPT
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,PSH,URG -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
COMMIT

#The FILTER Section of the ruleset is where we initially drop all packets and then selectively open certain ports.
#We will also enable logging of all dropped requests.
*filter
:INPUT DROP [1:242]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
#:LOG_DROP - [0:0]
#:LOG_ACCEPT - [0:0]
:icmp_packets - [0:0]

#First, we cover the INPUT rules, or the rules for incoming requests.
#Note how at the end we log any incoming packets that are not accepted.
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 43 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
#for the server ...
-A INPUT -p tcp -m tcp --dport 27015 -j ACCEPT
-A INPUT -p udp -m udp --dport 27015 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3784 -j ACCEPT
-A INPUT -p udp -m udp --dport 3784 -j ACCEPT
#not for the server ....
-A INPUT -s 127.0.0.1 -j ACCEPT
-A INPUT -p icmp -j icmp_packets
#-A INPUT -j LOG_DROP

#Next, we cover the output rules, or the rules for all outgoing traffic.
#Note how at the end we log any outbound packets that are not accepted.
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 20 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 23 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 43 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 3306 -j ACCEPT
# for the server
-A OUTPUT -p tcp -m tcp --dport 27015 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 27015 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 3784 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 3784 -j ACCEPT
#not for the server ....
-A OUTPUT -d 127.0.0.1 -j ACCEPT
-A OUTPUT -p icmp -j icmp_packets
#-A OUTPUT -j LOG_DROP

#Here we have 2 sets of logging rules. One for dropped packets to log all dropped packets and one for accepted packets, should we wish to log any accepted requests.
#-A LOG_DROP -j LOG --log-prefix "[IPTABLES DROP]: " --log-tcp-options --log-ip-options
#-A LOG_DROP -j DROP

#-A LOG_ACCEPT -j LOG --log-prefix "[IPTABLES ACCEPT]: " --log-tcp-options --log-ip-options
#-A LOG_ACCEPT -j ACCEPT

#And finally, a rule to deal with ICMP requests. We drop all ping requests except from our own server.
#make sure you replace 1.2.3.4 wiht the IP of your server.
-A icmp_packets -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A icmp_packets -s XXX.XXX.XXX.XXX -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A icmp_packets -p icmp -m icmp --icmp-type 8 -j DROP
-A icmp_packets -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A icmp_packets -p icmp -m icmp --icmp-type 11 -j ACCEPT
COMMIT

Вернуться к началу

Lev

Заголовок сообщения: Re: Steam Server connection Issue

Добавлено: 30 окт 2013, 01:15

Site Admin

Зарегистрирован:
01 июн 2010, 01:27
Последнее посещение:
01 июн 2015, 02:09
Сообщения: 4973

I prefer not to mess with iptables if possible. If IP was changed for their service, then it is more easier to change it in the server binary.

Вернуться к началу

Страница 1 из 1

[ Сообщений: 4 ]

Список форумов » Серверный раздел » Установка, настройка сервера

Часовой пояс: UTC + 5 часов [ Летнее время ]

Кто сейчас на конференции

Сейчас этот форум просматривают: Ahrefs [Bot] и гости: 1

Вы не можете начинать темы
Вы не можете отвечать на сообщения
Вы не можете редактировать свои сообщения
Вы не можете удалять свои сообщения
Вы не можете добавлять вложения

Перейти: