Results 1 to 5 of 5

Thread: Ports needed for Steamworks.NET?

  1. #1
    Survivor
    Join Date
    Sep 2019
    Posts
    61
    Rep Power
    0

    Ports needed for Steamworks.NET?

    I can run the server fine with all ports open, but I've been looking at securing my server, and have figured out how to use the firewall provided by Hetzner. I can connect to it through SSH, and the 7Days server itself launches. But I can't find the ports needed for Steamworks. According to https://support.steampowered.com/kb_...8571-GLVN-8711 all I need to do is open port 27015 UDP & TCP. But that doesn't solve the problem.

    Here is the excerpt from my log:
    Code:
    2019-10-04T17:13:37 77.858 INF [Steamworks.NET] GameServer.Init successful
    2019-10-04T17:13:37 77.862 INF [Steamworks.NET] Making server public
    2019-10-04T17:14:07 107.554 ERR [Steamworks.NET] GameServer.LogOn timed out
    The server successfully launches, but since Steamworks.NET fails, the client endlessly waits for Steam verification upon connecting to the server. Which other ports do I need to have open?

    Edit: Using Wireshark, I saw that the 7Days server makes connections on ports 443, 27020, and 27021. Added those to be allowed through the fiirewall, but the server still fails with the same error.

    Edit2: Found the solution. Using the socklist command, from the procinfo package, I found that the following ports were also needed to be opened:

    TCP - 53244
    TCP - 54437
    TCP - 57767

    Those ports are used to connect to Steamworks in order to authenticate users.

    Edit3: Unfortunately, the ports change. On a second start of the server, the following TCP ports were used:

    TCP - 54693
    TCP - 53248

    What is the defined range for these additional ports used by 7Days?


    Edit3: Managed to find it. For real this time.

    After installing the tcpdump utility for Ubuntu, by entering into the terminal "apt-get install tcpdump", and the socklist utility with "apt-get install socklist", I managed to find the steam server used for matchmaking. To do this, I did the following:

    1. Launch server with firewall completely open

    2. Once server is launched and ready, type socklist into the terminal

    3. There will be 4 or 5 different ports being used by the process 7DaysToDieServe. Look for the entries that don't use ports 26900-26902.

    4. Use tcpdump on each of the used ports to see which external IPs (Steam's servers) are using those ports.

    5. As an example, out of the three ports I needed to look at (50891, 53262, and 38127, note that the ports change all the time and there's no set range), 50891 was the only port getting packets, and they were from 162.254.196.84.27021.

    6. Referencing https://bgp.he.net/AS32590#_prefixes I found the server (NOT IP!) I needed to allow access past my firewall: 162.254.196.0

    7. In my firewall, I put in 162.254.196.84 for the source IP. After applying that setting, Hetzner's firewall automatically appended /32 to it, so it looks like this: https://i.imgur.com/AE1kkVb.png

    Now players can connect to my server, and my firewall still does it's job.
    Last edited by FiftyTifty; 10-04-2019 at 11:31 PM. Reason: Found solution.

  2. #2
    Community Moderator SylenThunder's Avatar
    Join Date
    Oct 2014
    Location
    SE Michigan, out in the sticks.
    Posts
    9,163
    Rep Power
    1
    The ports you need open for the server.

    26900 TCP/UDP
    26901 UDP
    26902 UDP

    For Steam Networking, I just open up ports 27000-27100 TCP/UDP.

    Haven't had any issues.

  3. #3
    Survivor
    Join Date
    Sep 2019
    Posts
    61
    Rep Power
    0
    You need to allow Steam's matchmaking servers to connect to your server as well. On Windows that would be easy enough to do; just allow everything that comes in through the process. Linux doesn't have that functionality, so you have to do it by

  4. #4
    Community Moderator SylenThunder's Avatar
    Join Date
    Oct 2014
    Location
    SE Michigan, out in the sticks.
    Posts
    9,163
    Rep Power
    1
    Quote Originally Posted by FiftyTifty View Post
    You need to allow Steam's matchmaking servers to connect to your server as well. On Windows that would be easy enough to do; just allow everything that comes in through the process. Linux doesn't have that functionality, so you have to do it by
    ... opening the specific ports.

    The list I gave above your post is the port ranges I have open on my headless Linux dedi. If you want to use an external manager, you also need to open ports 8081 and 8082 for telnet and the web API.

  5. #5
    Survivor
    Join Date
    Sep 2019
    Posts
    61
    Rep Power
    0
    Quote Originally Posted by SylenThunder View Post
    ... opening the specific ports.

    The list I gave above your post is the port ranges I have open on my headless Linux dedi. If you want to use an external manager, you also need to open ports 8081 and 8082 for telnet and the web API.
    No, that's not opening the specific ports. You need to allow the Steamworks server to connect, which uses three random ports. You don't open 20,000 (observed using ports between 42000-58000) ports just to hope the server will use the ports within that range, you allow the server IP to access every port. That's completely different, and is not mentioned in the list at all.

    Telnet is wholly unsecure, and should not be used in any fashion.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •