Find the answer to your Linux question:
Results 1 to 9 of 9
Has anyone used the steam HLDS (Half life Dedicated Server) on a linux box at all? I have installed it, and on the LAN it works sweetly at the moment, ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Guru sdousley's Avatar
    Join Date
    Feb 2004
    Posts
    1,790

    Counter Strike HLDS


    Has anyone used the steam HLDS (Half life Dedicated Server) on a linux box at all?

    I have installed it, and on the LAN it works sweetly at the moment, though i cannot get it to be accessible to the internet. I have searched all sorts of forums for help etc, the all just say basically to open port 27015 (default port) which i have done otherwise i wouldn't be able to play it on the LAN.

    The setup i have is a Cable modem going into a firewall which also acts as my HLDS.

    I have read that you need to specify

    Code:
    +ip <ip>
    when startin the server (which i have done) But STILL my friend cannot connect.

    Has anyone else used the HLDS for counter strike at all? Or anyone have any ideas as to why i can't get it working?
    "I am not an alcoholic, alcoholics go to meetings"
    Registered Linux user = #372327

  2. #2
    Linux Engineer adrenaline's Avatar
    Join Date
    Aug 2004
    Location
    Seattle, Washington
    Posts
    1,058
    I serve counter strike on a server I had to open ports in my router to do I but my friend set it up. I had to port forware
    21075 or whatever the port was I don't remember of the top of my head. If you have a specific question I can ask my friend and can relay it for you.
    Mike
    Some people have told me they don't think a fat penguin really embodies the grace of Linux, which just tells me they have never seen a angry penguin charging at them in excess of 100mph. They'd be a lot more careful about what they say if they had.
    -- Linus Torvalds

  3. #3
    Linux Guru sdousley's Avatar
    Join Date
    Feb 2004
    Posts
    1,790
    Yeh, as i mentioned, the counter strike server is on my firewall which is connected directly to the cable modem. All i need to know is what is needed in order to make the external computers able to access the server. (at the moment, my friend gets Not responding errors in his steam browser).

    Do i ned ALL the ports mensioned at server.counter-strike.net open? I see there's a few UDP and a couple of TCP ports that need to be opened by iptaables.

    The thing is that i do have port 27015 open, and can access it from the LAN, but does the internet connection use more than the one port? Could this be why it's not responding?
    "I am not an alcoholic, alcoholics go to meetings"
    Registered Linux user = #372327

  4. #4
    Linux Guru sdousley's Avatar
    Join Date
    Feb 2004
    Posts
    1,790
    OK, i think i'm down to a port situation to sort this out.

    I have read on the counter strike server website server.counter-strike.net that i need to do this:

    Code:
     
    /usr/sbin/ipmasqadm autofw -A -v -r udp 27015 27015 -h <server ip>
    /sbin/ipchains -A output -p udp -s $ANY 27012 -j ACCEPT
    /sbin/ipchains -A output -p udp -s $ANY 27010 -j ACCEPT
    /sbin/ipchains -A input -p udp -s $ANY 27015 -j ACCEPT
    /sbin/ipchains -A output -p tcp -s $ANY 7002 -j ACCEPT
    /sbin/ipchains -A output -p tcp -s $ANY 5273 -j ACCEPT
    Now i don't mind doing this, but obviously will leave those ports open to attack. Is there a way i can add these commands to a script to set the server up, and also then add a reverse set of commands to a different script to close the ports? I don't want this server up 24/7 you see. Or would it just be easier to leave the ports open wether the server is up or not?

    I guess to setup a script to opent he ports would be just a case of saving the above code in a code.sh file, chmod +x it and then ./code.sh ?
    "I am not an alcoholic, alcoholics go to meetings"
    Registered Linux user = #372327

  5. #5
    Linux Engineer adrenaline's Avatar
    Join Date
    Aug 2004
    Location
    Seattle, Washington
    Posts
    1,058
    Just make sure you run the game as a user and not root. there is a really nice hack that surrenders your box if you run it as root. I know from personal experience, but I have run mine for two years now with no incedent
    Some people have told me they don't think a fat penguin really embodies the grace of Linux, which just tells me they have never seen a angry penguin charging at them in excess of 100mph. They'd be a lot more careful about what they say if they had.
    -- Linus Torvalds

  6. #6
    Linux Guru sdousley's Avatar
    Join Date
    Feb 2004
    Posts
    1,790
    I wasn't running it as root anyway. I made a new user just for running the server.

    Does anyone know about the ipchains/iptables stuff?

    I guess i don't need to do the first command i mentioned, as in my case it forwards the port to itself!! Apart from that, i reied the second command and got this:

    firewall:~ # /sbin/ipchains -A output -p udp -s $ANY 27012 -j ACCEPT
    ipchains: Protocol not available
    Anyone know what i need to do to open these ports?
    "I am not an alcoholic, alcoholics go to meetings"
    Registered Linux user = #372327

  7. #7
    Just Joined!
    Join Date
    Feb 2005
    Posts
    33
    hi

    Have you tryed putting this in to the config?

    sv_lan 0

  8. #8
    Linux Guru sdousley's Avatar
    Join Date
    Feb 2004
    Posts
    1,790
    yes, i have, i have done everything i can find on the net (apart from opening these ports)

    My mate said to me to use iptables instead of ipchains as ipchains aren't really supported in the latest kernels, and also YaST on SuSE uses iptables anyway. So if anyone knows of equivelent commands to these:

    Code:
    /sbin/ipchains -A output -p udp -s $ANY 27012 -j ACCEPT
    /sbin/ipchains -A output -p udp -s $ANY 27010 -j ACCEPT
    /sbin/ipchains -A input -p udp -s $ANY 27015 -j ACCEPT
    /sbin/ipchains -A output -p tcp -s $ANY 7002 -j ACCEPT
    /sbin/ipchains -A output -p tcp -s $ANY 5273 -j ACCEPT
    But for iptables rather than ipchains, that would be great.
    "I am not an alcoholic, alcoholics go to meetings"
    Registered Linux user = #372327

  9. #9
    Linux Guru sdousley's Avatar
    Join Date
    Feb 2004
    Posts
    1,790
    OK, i have it working!!

    Now for knowledge spreading!! Specially as it can be applied to anything firewall/port related!

    Then got my mate to try pinging the server from the Steam Browser, and wait for a few mins whilst i look round!!

    Look in /var/log/messages for references to his IP, and which port there's a request on. so search the messages file for <ip> Found it. damn, it's port 22, from his ssh session to find his IP! ok, it's not logging the requests for some reason. *remembers logging options on firewall in YaST* so i went into YaST, only critical packets were being logged, so set all packets to log.

    Get mate to retry the server from Steam Browser.

    Look in /var/log/messages search for IP, there it is, port 27015, BUT not the TCP 27015 i have open, it's the UDP one, so need to open that, one simple command to do that:

    Code:
    iptables -t filter -I INPUT -j ACCEPT -p udp --dport 27015
    get mate to retry the connection...... It responds! AND he can get in the server for an ass whooping!! hehe

    Thanks for the help provided here tho guys.
    "I am not an alcoholic, alcoholics go to meetings"
    Registered Linux user = #372327

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •