FiftyTifty
New member
I can run the server fine with all ports open, but I've been looking at securing my server, and have figured out how to use the firewall provided by Hetzner. I can connect to it through SSH, and the 7Days server itself launches. But I can't find the ports needed for Steamworks. According to https://support.steampowered.com/kb_article.php?ref=8571-GLVN-8711 all I need to do is open port 27015 UDP & TCP. But that doesn't solve the problem.
Here is the excerpt from my log:
The server successfully launches, but since Steamworks.NET fails, the client endlessly waits for Steam verification upon connecting to the server. Which other ports do I need to have open?
Edit: Using Wireshark, I saw that the 7Days server makes connections on ports 443, 27020, and 27021. Added those to be allowed through the fiirewall, but the server still fails with the same error.
Edit2: Found the solution. Using the socklist command, from the procinfo package, I found that the following ports were also needed to be opened:
TCP - 53244
TCP - 54437
TCP - 57767
Those ports are used to connect to Steamworks in order to authenticate users.
Edit3: Unfortunately, the ports change. On a second start of the server, the following TCP ports were used:
TCP - 54693
TCP - 53248
What is the defined range for these additional ports used by 7Days?
Edit3: Managed to find it. For real this time.
After installing the tcpdump utility for Ubuntu, by entering into the terminal "apt-get install tcpdump", and the socklist utility with "apt-get install socklist", I managed to find the steam server used for matchmaking. To do this, I did the following:
1. Launch server with firewall completely open
2. Once server is launched and ready, type socklist into the terminal
3. There will be 4 or 5 different ports being used by the process 7DaysToDieServe. Look for the entries that don't use ports 26900-26902.
4. Use tcpdump on each of the used ports to see which external IPs (Steam's servers) are using those ports.
5. As an example, out of the three ports I needed to look at (50891, 53262, and 38127, note that the ports change all the time and there's no set range), 50891 was the only port getting packets, and they were from 162.254.196.84.27021.
6. Referencing https://bgp.he.net/AS32590#_prefixes I found the server (NOT IP!) I needed to allow access past my firewall: 162.254.196.0
7. In my firewall, I put in 162.254.196.84 for the source IP. After applying that setting, Hetzner's firewall automatically appended /32 to it, so it looks like this: https://i.imgur.com/AE1kkVb.png
Now players can connect to my server, and my firewall still does it's job.
Here is the excerpt from my log:
Code:
2019-10-04T17:13:37 77.858 INF [steamworks.NET] GameServer.Init successful
2019-10-04T17:13:37 77.862 INF [steamworks.NET] Making server public
2019-10-04T17:14:07 107.554 ERR [steamworks.NET] GameServer.LogOn timed outEdit: Using Wireshark, I saw that the 7Days server makes connections on ports 443, 27020, and 27021. Added those to be allowed through the fiirewall, but the server still fails with the same error.
Edit2: Found the solution. Using the socklist command, from the procinfo package, I found that the following ports were also needed to be opened:
TCP - 53244
TCP - 54437
TCP - 57767
Those ports are used to connect to Steamworks in order to authenticate users.
Edit3: Unfortunately, the ports change. On a second start of the server, the following TCP ports were used:
TCP - 54693
TCP - 53248
What is the defined range for these additional ports used by 7Days?
Edit3: Managed to find it. For real this time.
After installing the tcpdump utility for Ubuntu, by entering into the terminal "apt-get install tcpdump", and the socklist utility with "apt-get install socklist", I managed to find the steam server used for matchmaking. To do this, I did the following:
1. Launch server with firewall completely open
2. Once server is launched and ready, type socklist into the terminal
3. There will be 4 or 5 different ports being used by the process 7DaysToDieServe. Look for the entries that don't use ports 26900-26902.
4. Use tcpdump on each of the used ports to see which external IPs (Steam's servers) are using those ports.
5. As an example, out of the three ports I needed to look at (50891, 53262, and 38127, note that the ports change all the time and there's no set range), 50891 was the only port getting packets, and they were from 162.254.196.84.27021.
6. Referencing https://bgp.he.net/AS32590#_prefixes I found the server (NOT IP!) I needed to allow access past my firewall: 162.254.196.0
7. In my firewall, I put in 162.254.196.84 for the source IP. After applying that setting, Hetzner's firewall automatically appended /32 to it, so it looks like this: https://i.imgur.com/AE1kkVb.png
Now players can connect to my server, and my firewall still does it's job.
Last edited by a moderator:
