Jump to content
Bohemia Interactive Forums
Sign in to follow this  
Followers 0
eddieck

1.59 Linux server - yellow icon issue FIXED

By eddieck, in ARMA 2 & OA - Servers & Administration

Recommended Posts

eddieck    10

eddieck
Posted (edited)

I'm cross-posting this here because I'm not sure if everyone will read the full Linux server thread.

I've released a fix for the 1.59 Linux server yellow icon issue. It is available here.

The reason this happens is because there is a mod hash at the end of the GameSpy info packet, and for some reason this is calculated incorrectly on the 1.59 Linux server. I've found the correct hash for users who only have the BAF/PMC mods (and this works on both OA and CO servers).

A set of iptables rules drop the outgoing packets containing the broken hash (so blocking the response from the actual game), but another rule accepts them for the local server. The script uses ngrep (since there isn't a proper Ruby libpcap binding worth using) to watch for the request packets, and when they are received, it makes its own request to the server (which is allowed through because of the iptables rule), and replaces the broken mod hash with the proper one. It then uses a raw socket to send the correct response to the client, from the proper source port.

This will not work if you have more mods than just BAF/PMC. However, it should be easy to make it work. Just start a 1.57 Linux server with the same mods, and use Wireshark to view the response packet. At the very end, there should be a hash - that is the proper hash for your mod setup. You can then modify that in the Ruby script.

Root access is required to set this up and also to run the script. It is required because libpcap can only be run as root. However, you can obviously view the source quite easily. :)

iptables rules:

iptables -A OUTPUT -s YOUR.SERVER.IP/32 -d YOUR.SERVER.IP/32 -p udp -m udp -j ACCEPT
iptables -A OUTPUT -s YOUR.SERVER.IP/32 -d 69.10.30.248/32 -p udp -m udp -j ACCEPT # GameSpy master server for OA
iptables -A OUTPUT -s YOUR.SERVER.IP/32 -p udp -m udp --sport ARMA_SERVER_PORT -m string --string "da39a3ee5e6b4b0d3255bfef95601890afd80709" --algo bm --to 65535 -j DROP

(If you have several servers, you could also create a new chain to make it easier.)

Edited by eddieck

Share this post

Link to post
Share on other sites

.kju    3240

.kju
Posted

Excellent job and great initiative!

Share this post

Link to post
Share on other sites

byteslam    10

byteslam
Posted
I'm cross-posting this here because I'm not sure if everyone will read the full Linux server thread.

I've released a fix for the 1.59 Linux server yellow icon issue. It is available here.

The reason this happens is because there is a mod hash at the end of the GameSpy info packet, and for some reason this is calculated incorrectly on the 1.59 Linux server. I've found the correct hash for users who only have the BAF/PMC mods (and this works on both OA and CO servers).

A set of iptables rules drop the outgoing packets containing the broken hash (so blocking the response from the actual game), but another rule accepts them for the local server. The script uses ngrep (since there isn't a proper Ruby libpcap binding worth using) to watch for the request packets, and when they are received, it makes its own request to the server (which is allowed through because of the iptables rule), and replaces the broken mod hash with the proper one. It then uses a raw socket to send the correct response to the client, from the proper source port.

This will not work if you have more mods than just BAF/PMC. However, it should be easy to make it work. Just start a 1.57 Linux server with the same mods, and use Wireshark to view the response packet. At the very end, there should be a hash - that is the proper hash for your mod setup. You can then modify that in the Ruby script.

Root access is required to set this up and also to run the script. It is required because libpcap can only be run as root. However, you can obviously view the source quite easily. :)

iptables rules:

iptables -A OUTPUT -s YOUR.SERVER.IP/32 -d YOUR.SERVER.IP/32 -p udp -m udp -j ACCEPT
iptables -A OUTPUT -s YOUR.SERVER.IP/32 -p udp -m udp --sport ARMA_SERVER_PORT -m string --string "da39a3ee5e6b4b0d3255bfef95601890afd80709" --algo bm --to 65535 -j DROP

(If you have several servers, you could also create a new chain to make it easier.)

Great and what a blame for BI :-) Very nice.

:yay:

Share this post

Link to post
Share on other sites

.kju    3240

.kju
Posted

byteslam can you please stop bashing BI at every possible occasion.

Your behavior is so poor.

Share this post

Link to post
Share on other sites

sickboy    13

sickboy
Posted (edited)

Yea, it's poor he has to be a PITA.

If you're wondering how not to be a PITA, take example of eddieck and other constructive members.

Oh well, there's always the ignore list..

Edited by Sickboy

Share this post

Link to post
Share on other sites

eddieck    10

eddieck
Posted

Also, you probably want to add an ACCEPT for the GameSpy master server (69.10.30.248).

Share this post

Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing ARMA 2 & OA - Servers & Administration
×