After reading the
KB article on this specific issue I have found where the connection logs are stored and decided to take a peek to further understand why this iptables rule isn't working and what else I can try
Code: Select all
[2018-03-11 06:37:42] Log session started
[2018-03-11 06:37:42] [0,0] SetSteamID( [A:1:0:0] )
[2018-03-11 06:37:42] [0,0] Server says 50% of connections should be websockets, we rolled 44 - using WebSockets as default.
[2018-03-11 06:37:42] [0,0] Existing WebSocket ping data (CM02-LON.cm.steampowered.com:27020) results: 147.0000ms + load 87.0000 (780 seconds ago)
[2018-03-11 06:37:42] [0,0] Existing WebSocket ping data (s3tuk-035b.cm.steampowered.com:443) results: 53.0000ms + load 10.0000 (781 seconds ago)
[2018-03-11 06:37:42] [0,0] Existing WebSocket ping data (cm01-lax.cm.steampowered.com:443) results: 53.0000ms + load 15.0000 (781 seconds ago)
[2018-03-11 06:37:42] [0,0] Existing WebSocket ping data (cm04-lax.cm.steampowered.com:443) results: 49.0000ms + load 13.0000 (781 seconds ago)
[2018-03-11 06:37:42] [0,0] PingWebSocketCM() stopping early for good host (cm04-lax.cm.steampowered.com:443)
[2018-03-11 06:37:42] [1,3] Connect() starting connection (eNetQOSLevelMedium, cm04-lax.cm.steampowered.com:443, WebSocket)
[2018-03-11 06:37:42] [1,3] ConnectionCompleted() (162.254.195.47:443, WebSocket)
[2018-03-11 06:37:42] [1,3] RecvMsgClientLogOnResponse() : [A:1:3139683338:9722] 'OK'
I am unfamiliar with websockets or how they work, however I believe I would want to block these as well, also of note is the first content server is running on port 27020, also outside the scope of this filtering rule
Here is what I did, obviously this method is bad as I cant server anything via https:// so if there is a better method to accomplish this, please let me know.
iptables -A OUTPUT -p tcp -m tcp --dport 27017:27021 --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 443 --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
Code: Select all
[2018-03-11 07:21:57] [0,0] Existing WebSocket ping data (CM02-FRA.cm.steampowered.com:27020) results: 10000.0000ms + load 0.0000 (132 seconds ago)
[2018-03-11 07:21:57] [0,0] Existing WebSocket ping data (CM02-STO.cm.steampowered.com:27020) results: 10000.0000ms + load 0.0000 (133 seconds ago)
[2018-03-11 07:21:57] [0,0] Existing WebSocket ping data (CM03-STO.cm.steampowered.com:27020) results: 10000.0000ms + load 0.0000 (133 seconds ago)
[2018-03-11 07:21:57] [0,0] PingWebSocketCM() (CM03-LON.cm.steampowered.com:27021) starting...
[2018-03-11 07:21:57] [0,0] PingWebSocketCM() (CM02-VIE.cm.steampowered.com:27020) starting...
[2018-03-11 07:21:57] [0,0] PingWebSocketCM() (CM01-FRA.cm.steampowered.com:27020) starting...
[2018-03-11 07:21:58] [0,0] PingWebSocketCM() (CM03-LON.cm.steampowered.com:27021) failed talking to cm (timeout/neterror - Invalid)
[2018-03-11 07:21:58] [0,0] PingWebSocketCM() (CM01-FRA.cm.steampowered.com:27020) failed talking to cm (timeout/neterror - Invalid)
[2018-03-11 07:21:58] [0,0] PingWebSocketCM() (CM02-VIE.cm.steampowered.com:27020) failed talking to cm (timeout/neterror - Invalid)
[2018-03-11 07:21:58] [1,11] Connect() starting connection (eNetQOSLevelMedium, CM01-IAD.cm.steampowered.com:443, WebSocket)
[2018-03-11 07:22:58] [1,0] ConnectFailed('Connection Failed':0) (0.0.0.0:0, WebSocket)
[2018-03-11 07:22:58] [0,0] StartAutoReconnect() will start in 3 seconds
[2018-03-11 07:23:01] [0,0] Server says 0% of connections should be websockets, we rolled 50 - using UDP as default.
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM02-LUX.cm.steampowered.com:443) results: 10000.0000ms + load 0.0000 (195 seconds ago)
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM01-LUX.cm.steampowered.com:27021) results: 10000.0000ms + load 0.0000 (195 seconds ago)
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM02-LUX.cm.steampowered.com:27020) results: 10000.0000ms + load 0.0000 (197 seconds ago)
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM03-STO.cm.steampowered.com:27020) results: 10000.0000ms + load 0.0000 (197 seconds ago)
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM02-FRA.cm.steampowered.com:443) results: 10000.0000ms + load 0.0000 (128 seconds ago)
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM01-LUX.cm.steampowered.com:27020) results: 10000.0000ms + load 0.0000 (128 seconds ago)
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM04-LON.cm.steampowered.com:443) results: 10000.0000ms + load 0.0000 (128 seconds ago)
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM01-FRA.cm.steampowered.com:27020) results: 10000.0000ms + load 0.0000 (63 seconds ago)
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM02-VIE.cm.steampowered.com:27020) results: 10000.0000ms + load 0.0000 (63 seconds ago)
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM03-LON.cm.steampowered.com:27021) results: 10000.0000ms + load 0.0000 (63 seconds ago)
[2018-03-11 07:23:01] [0,0] Existing WebSocket ping data (CM01-IAD.cm.steampowered.com:27020) results: 10000.0000ms + load 0.0000 (195 seconds ago)
[2018-03-11 07:23:01] [0,0] PingWebSocketCM() (cm04-ord.cm.steampowered.com:443) starting...
[2018-03-11 07:23:01] [0,0] PingWebSocketCM() (cm03-ord.cm.steampowered.com:27020) starting...
[2018-03-11 07:23:02] [0,0] PingWebSocketCM() (cm03-ord.cm.steampowered.com:27020) failed talking to cm (timeout/neterror - Invalid)
[2018-03-11 07:23:02] [0,0] PingWebSocketCM() (cm04-ord.cm.steampowered.com:443) failed talking to cm (timeout/neterror - Invalid)
[2018-03-11 07:23:02] [1,15] Connect() starting connection (eNetQOSLevelMedium, CM02-LUX.cm.steampowered.com:443, WebSocket)
[2018-03-11 07:24:02] [1,0] ConnectFailed('Connection Failed':0) (0.0.0.0:0, WebSocket)
[2018-03-11 07:24:02] [0,0] StartAutoReconnect() will start in 5 seconds
[2018-03-11 07:24:07] [0,0] Server says 0% of connections should be websockets, we rolled 3 - using UDP as default.
[2018-03-11 07:24:07] [1,101] Connect() starting connection (eNetQOSLevelMedium, 208.64.201.169:27017, TCP)
[2018-03-11 07:26:14] [1,0] ConnectFailed('Connection Failed':6e) (208.64.201.169:27017, TCP)
[2018-03-11 07:26:14] [0,0] StartAutoReconnect() will start in 8 seconds
[2018-03-11 07:26:22] [0,0] Server says 0% of connections should be websockets, we rolled 63 - using UDP as default.
[2018-03-11 07:26:22] [1,105] Connect() starting connection (eNetQOSLevelMedium, 208.64.201.169:27017, TCP)
[2018-03-11 07:28:30] [1,0] ConnectFailed('Connection Failed':6e) (208.64.201.169:27017, TCP)
[2018-03-11 07:28:30] [0,0] StartAutoReconnect() will start in 7 seconds
[2018-03-11 07:28:37] [0,0] Server says 0% of connections should be websockets, we rolled 73 - using UDP as default.
[2018-03-11 07:28:37] [1,2] Connect() starting connection (eNetQOSLevelMedium, 208.64.201.169:27017, UDP)
[2018-03-11 07:28:37] [1,2] ConnectionCompleted() (208.64.201.169:27017, UDP)
[2018-03-11 07:28:37] [1,2] RecvMsgClientLogOnResponse() : [A:1:3866668041:9722] 'OK'
So it will finally choose to connect via udp if tcp is blocked on ports 443,27020,27021 (and possibly others) first of all, how do I clear this cache? it looks like it can take up to 5 minutes before it attempts to use a UDP connection, is there anything I can do about this?