トーク:Host チュートリアル

出典: LFS Manual
2007年4月11日 (水) 12:05時点におけるY.GOD (トーク | 投稿記録)による版
(差分) ←前の版 | 最新版を表示 (差分) | 次の版→ (差分)
ナビゲーションに移動検索に移動

Running a LFS Server

by the_angry_angel

From download to install, to configuring your firewall, this is meant as a rough guide (revision 1.65) to get you started with running an LFS server.

I'm sure you've all got comments on whether it needs re-wording, deleting or more adding to it. Feel free to let me know via pm, or just post away The major problem is that there are so many home and comercial products out there now, that its impossible to cover them all, but I'll do my best. I'm hoping to get some additional firewall information on here, including configuring a cisco pix, zonealarm, etc.

If you have any problems, either post away, or start a new thread and we'll do our best to help out.

Assumptions

Throughout the entire guide, I assume that you dont change the default port (which is 63392) that you've set for LFS to use. If you do change it, then you need to substitute 63392 for the port you've set LFS to bind to.

I also assume that you're going to be running the dedicated server. If this is not the case, you're only likely to need to read the following sections, as you can configure everything else in-game when you start the multiplayer game.

Dedicated Or "Full Client" Servers?

Theres a few key differences to using the dedicated server software and the full client. Primarily it's the minimum requirements for the system and what's packaged with it. The dedicated server doesn't have any of the game content, as such, and will just sit there serving requests consuming a minimal amount of diskspace. Theres little or no interface, depending on how you have it configured, which means you don't need a graphics card (configuring via a console connection works reasonably well on some OS').

So why would you use the dedicated server? Anywhere that you can't use the full LFS client, where you'd want to run a server for extended periods of time. For example, say you had a dedicated server in a datacentre and you wanted to run an LFS game server from that. The full client would be; resource consuming (disk space, and required management time), a waste of an unlock or an account. The dedicated server, on the other hand, would be ideal.

Brief Guide

  • Download the dedicated server from http://www.liveforspeed.net/?page=addons.
  • Extract somewhere you'll remember; the desktop is NOT a good idea.
  • Configure host by editing setup.cfg / creating a new cfg file.
  • Start the server.
  • If you're on the same local network / have a route to the server, then try to connect to it via the LAN.
  • Test a connection from outside the local subnet, i.e. from the internet. If it doesn't work, forward / open the incoming ports (TCP/63392,UDP/63392), and make sure the outgoing port (TCP/29339) is also open.
  • Join the Wrecker Barricade, then play with, pimp and have fun with your server.

Detailed Guide

Windows

  • Download the dedicated server, using your favourite browser from http://www.liveforspeed.net/?page=addons.
  • Right click and select Extract to folder, or use your favourite unzipping software. Usually you can double click on the file, and follow the extract procedure.
  • Either create a new, or copy a new setup.cfg file. I suggest copying setup.cfg, and naming it something you'll remember. Change the config as required. Take a look at the configuration section to learn more.
  • Start the server. I usually create a batch file containing
lfs.exe /cfg=<PATH TO CFG FILE>
  • You can edit and use my batch file attached if you dont know how to make one.
  • Test connecting to the server. If its on the same PC connect to the IP 127.0.0.1. Otherwise type the IP address of the remote server. If its on the same local subnet, then start the LFS client and Click "Multiplayer", then "Join Specific Game", then select local network.
  • If you cannot connect, and you got the password (if any) correct, then you need to open the ports in your windows firewall (see the firewall section), or your LAN's firewall. If you have a LAN firewall, then talk to your sys/network admin nicely.
  • Try connecting from outside your network (i.e. from the internet). Either get a friend to help, or ask on the forums. You'll need to remember to tell us what you called the server.
  • If they cannot connect, you need to open the ports in your external firewall, or forward the ports from your router. See the firewall section for this.
Securing your Windows Server

Theres a few basic things; they aren't particularly LFS orientated, but you may not be aware of them. Throughout this, I'm assuming that you're using a standalone Windows 2003 server, or XP machine thats directly connected to the internet. I wouldn't particularly recommend doing some of this things to a desktop machine. Infact some may not even be available.

  • Turn off NetBios on internet facing network cards (Control Panel > Network Connection Properties > Untick File and Printer Sharing, then TCP/IP Properties > Click Advanced > goto WINS tab > select Disable NetBIOS over TCP/IP > Click ok until all dialogs are closed),
  • If you have RDP or VNC enabled, put long and "complex" passwords on your accounts,
  • Make sure you keep yourself patched up,
  • If you're using a Windows 2003 server, I suggest keeping the IE Enhanced Security Configuration installed,
  • Don't let random people use your machine,
  • Don't install things you don't need.

Linux with WINE

For this guide, I presume you know at least the basics about linux (i.e. your package manager, navigating the directory tree, etc.). I also assume everything you do is from a terminal / ssh session.

To give you some idea on the impact on performance, my 800MHz (Via C3 processor, in you're interested) with 512MB of physical RAM sees an extra 6 processes and approximately 5% RAM usage in total. I see a little stuttering with the performance on initial connection, but after that its fine.

  • Download the dedicated server: http://www.liveforspeed.net/?page=addons
  • Extract the server, and extract to the directory LFSServer, in the current directory: unzip -o LFS_S2_DEDI_V.zip ./LFSServer
  • Make sure WINE is installed. If not download / install / compile it.
  • Create or edit the setup.cfg file. The important thing is that /dedicated=invisible, otherwise it will complain about the lack of an X Server.
  • Starting the LFS server. With recent versions of WINE, running LFS as a background process is a pain and has a lot of problems. avellis' suggestion of using wineconsole in a screen is a pretty good solution:
screen -S <INSERT NAME> wineconsole --backend=curses LFS.exe /cfg=<INSERT PATH TO CFG>
  • You can of course, use the background method, if you have an older version of WINE.
nohup wine LFS.exe /cfg=setup.cfg >/dev/null & echo $! > lfs.pid
  • What this will do is start LFS in the background and create an lfs.pid file containing its process id. This is useful if you want to automate the whole starting and stopping of the server process. If you want to learn more about screen, do a man screen in a terminal, or take a look at http://linuxforum.com.
  • Test connecting to the server. If its on the same local network, try connecting to a local game, and putting in the IP address of the box.
  • Finally, get someone from the forums, or outside of the server's network to connect.

If you cannot connect, then you need to open up the ports on your router or firewall.

Killing an orphaned or obsolete WINE\LFS process is a pain in the neck. I've found that a

killall -9 wine

(as the appropriate user (either owner or root)) is the most reliable way of doing it. Either my version of WINE doesnt like being killed, or my box is having a permanent funny 5 minutes; I've always had trouble killing WINE.

A final note on screen, I have a bad habit of opening them for compiles, lynx, LFS servers, etc. and then forgetting they're open. 2 weeks later I wonder where all the RAM has gone Rarely will I say a tool is too useful for its own good, but in this case screen is.

Securing your Linux Server

Theres a few obvious things, but I feel its better to go over them.

Make your LFS server run as a non-privileged user. I prefer to create a new user for each process that I run on my servers.

To create a new user, take a look at the adduser command:

man adduser

Personally I'd create a user called LFSServer, give it a difficult to guess password ("1oustledroam" for instance), and lock down so that user can only read and write to its home directory (which is where I'd put the LFS server files) and any other essentials it needs. Doing this is rather long winded, out of scope of this thread, and there are plenty of articles about it on the internet.

Configuration Files

The Common Way

Use a batch file, shortcut or any method you like to start LFS.exe with a command line. You can use the following options below:

/host=Host Name      :FIRST IN LIST
/pass=Pass           :if required - password
/admin=Pass          :if required - admin password
/ip=X.X.X.X          :if required - local specified ip address
/port=63392          :a high number below 65536
/mode=demo           :demo / s1 / s2
/usemaster=yes       :no / yes / hidden
/track=XXCR          :track and config (e.g. BL1 / SO3R / FE4)
/weather=1           :weather : 1,2,3 in Blackwood
/cars=[cars]         :see below : "Car Strings"
/maxguests=4         :max number of guests that can join host
/carsmax=5           :max number of cars in a race
/carshost=1          :max number of cars (real+ai) on host pc
/carsguest=1         :max number of cars (real+ai) per guest pc
/pps=4               :smoothness (3-6) number of car updates per second
/qual=0              :qualifying minutes, 0 for no qualifying
/laps=5              :number of lap, 0 for practice
/wind=1              :0 no wind / 1 low wind / 2 high wind
/dedicated=no        :no / yes / nogfx / invisible
/vote=yes            :no / yes : can guests vote to kick or ban
/select=yes          :no / yes : can guests select track
/rstmin=X            :no restart for X seconds after race start
/rstend=X            :no restart for X seconds after race finish
/autokick=no         :no / yes / ban / spectate   (Wrong way drivers)
/midrace=yes X       :no / yes                    (Join during race)
/mustpit=no          :no / yes                    (Pit Stop Required)
/start=finish        :fixed/finish/reverse/random (Default race start)
/welcome=X.txt       :set welcome text file
/tracks=X.txt        :set list of allowed tracks

A few things to mention are that;

  • The IP setting does not have to be defined. Thats only for multihomed machines, and if you want it to listen on one address. If you * dont know what that means, then don't fiddle
  • The / is required at the start of the configuration directive (LFS basically treats the cfg file the same as an argument)
  • Two //'s are a comment

The Easy Way

CrazyICE has created the DediGUI NG which allows you to control local (CrazyICE, feel free to correct me here) dedicated configuration files, and the whole dedicated server.

Firewalls

There are a shit load of firewalls out there, but I'll try and cover the ones I've got experience with: ISA, iptables and the windows firewall. If anyone has any requests, I'll add it to the thread / guide, if I can.

IPTables

The following rules should be enough to help you. Note: I assume that the machine running iptables is the same as the machine running the server. If not replace INPUT and OUTPUT with FORWARD.

Inbound:

iptables -A INPUT -p tcp --dport 63392 -m state --state NEW -j ACCEPT iptables -A INPUT -p udp --dport 63392 -m state --state NEW -j ACCEPT

Outbound:

iptables -A OUTPUT -p tcp --dport 29339 -m state --state NEW -j ACCEPT

Microsoft ISA Server

I'm afraid I only have ISA 2004 on machines now, so the ISA template files I'll be providing will only work as intended on that. I'll add a little guide for them shortly, but I assume that you'll know what to do with them, if you're already using ISA.

Windows Firewall

  • Open the Windows Firewall, from the control Panel, and goto Advanced.
  • Select your Network Connection you want to allow connections from, under Network Connection Settings, and then click the Settings button.
  • Click Add. Give it a Description of "LFS (TCP/63392)", set the Name or IP to 127.0.0.1, put 63392 as both Port Numbers, and select TCP. Click Ok.
  • Click Add. Give it a Description of "LFS (UDP/63392)", set the Name or IP to 127.0.0.1, put 63392 as both Port Numbers, and select UDP. Click Ok.
  • Depending on your setup, this final one may not apply. I've come across a particular hotfix which appeared to change the behaviour of the Windows Firewall. Try it without first, if it doesnt work then click Add. Give it a Description of "LFS (TCP/29339)", set the Name or IP to 127.0.0.1, put 29339 as both Port Numbers, and select TCP. Click Ok.

If when you start the dedicated server, and Windows askes if you want to unblock it or not, select Unblock.

Windows ICS (Internet Connection Sharing)

Port fowarding with Windows ICS is a royal pain in the bum. Sadly there are still people that use this. I'm currently writing up a guide for this.

Port Forwarding / Home Routers

There are quite a lot of home routers out there, so giving a guide for them all would be quite difficult. Heres one for DD-WRT (I run a linksys WRT54G).

  • Open a browser window, and goto your router's IP address. In most situations you'll find this is your default gateway. You can find this by going to Start > Run, typing "cmd", clicking ok, and then typing "ipconfig" and pressing enter.
  • Click "Applications & Gaming"
  • Click "Port Forwarding"
  • Click Add
  • The following settings should be enough: Application = LFS, Port From = 63392, Protocol = Both, IP Address = Your Local IP Address (can be found from ipconfig, as above), Port to = 63392, and tick Enable.
  • Click "Save Settings"

Check out PortForward.com for a guide for your router.

Track Restriction

To restrict the tracks allowed on a host:

  • Create a text file named "X.txt" in your LFS folder.
  • List all the tracks and configurations you want to allow.
  • Type one configuration on each line.
  • You must use the short name of the tracks: [first two letters of name] [config number] [reversed]

Track List

If you're not familiar with the track's shorthand names, heres something you might find helpful:

  • BL1 = Blackwood GP
  • BL1R = Blackwood GP Reverse
  • BL2 = Blackwood RallyX
  • BL2R = Blackwood RallyX Reverse
  • FE1 = Fern Bay Club
  • FE1R = Fern Bay Club Reverse
  • FE2 = Fern Bay Green
  • FE2R = Fern Bay Green Reverse
  • FE3 = Fern Bay Gold
  • FE3R = Fern Bay Gold Reverse
  • FE4 = Fern Bay Black
  • FE4R = Fern Bay Black Reverse
  • FE5 = Fern Bay RallyX
  • FE5R = Fern Bay RallyX Reverse
  • FE6 = Fern Bay RallyX Green
  • FE6R = Fern Bay RallyX Green Reverse
  • SO1 = South City Classic
  • SO1R = South City Classic Reverse
  • SO2 = South City Unoffical 1
  • SO2R = South City Unoffical 1 Reverse
  • SO3 = South City Unoffical 2
  • SO3R = South City Unoffical 2 Reverse
  • SO4 = South City Long
  • SO4R = South City Long Reverse
  • AU1 = Autocross Arena
  • AU2 = Skidpad
  • AU3 = Drag (2 lane)
  • AU4 = Drag (8 lane)
  • KY1 = Kyoto ring Oval
  • KY1R = Kyoto ring Oval reversed
  • KY2 = Kyoto ring National
  • KY2R = Kyoto ring National reversed
  • KY3 = Kyoto ring GP long
  • KY3R = Kyoto ring GP long reversed
  • WE1 = Westhill International
  • WE1R = Westhill International reversed
  • AS1 = Aston Cadet
  • AS1R = Aston Cadet reversed
  • AS2 = Aston Club
  • AS2R = Aston Club reversed
  • AS3 = Aston National
  • AS3R = Aston National reversed
  • AS4 = Aston Historic
  • AS4R = Aston Historic reversed
  • AS5 = Aston Grand prix
  • AS5R = Aston Grand prix reversed
  • AS6 = Aston Grand Touring
  • AS6R = Aston Grand Touring reversed
  • AS7 = Aston North
  • AS7R = Aston North reversed

Points of Interest

LFS only accepts LAN IPs in the RFC1918 range

  • 10.0.0.0 - 10.255.255.255 (10/8)
  • 172.16.0.0 - 172.31.255.255 (172.16/12)
  • 192.168.0.0 - 192.168.255.255 (192.168/16)

Calculating Required Upload (As of Patch V)

Either use the calculator in the full LFS client (Multiplayer > Start New Game, select a track if required and fiddle with the settings), or follow this formula:

(PPS*0.09375)*((MAX_GUESTS*MAX_IN_RACE)-MAX_IN_RACE) = Kilobyte/sec upload required

If you don't plan to use the dedicated server, you should use the following:

(PPS*0.09375)*((MAX_GUESTS*MAX_IN_RACE)-(MAX_IN_RACE-1)) = Kilobyte/sec upload required