My son plays Team Fortress 2 a great deal and wanted to host his own server with mods for him and his friends to play on. Rather than using his PC for that I created an account for him on the Linux basement server.

I downloaded the Linux dedicated server, did a little port forwarding, a few small scripts with screen and POOF! he can now run and manage his own TF2 server. I need to email him some troubleshooting steps but it’s pretty basic even with SourceMods. It works.

Except I’m using FIOS and my IP address changes from time to time. The basement server does update its DNS entry via Namecheap, but TF2 favorites work by IP address.

When the address changes the port forwarding still works but my son’s friends can’t find the server. The IP address changed and their favorite is gone. That sucks.

IP Tables to the rescue

I happen to have a fixed IP address on the Internet: this web server. I don’t have to run the dedicated server on my VPS, I just have to port forward TCP and UDP port 27015 to the FIOS router.

  1. My basement server keeps the dynamic DNS name updated with the external IP address.
  2. My web server runs a script every hour to see if the IP address changed for that DNS entry.
  3. If it did change, the script deletes just the old iptables rules and re-adds them with the new IP address.

I found a useful bash script for targeting specific rules in named sections of iptables. Why re-invent the wheel? 😉

Here’s the script.


```bash
#!/bin/bash
# Look up the current external IP address of the basement server.
CURRENTIP=$(dig +short tf2.dn7.me | tail -1)
OLDIP=$(</var/cache/tf2.dn7.me-ip)
# Stop if the lookup returned nothing; otherwise the old rules would be
# deleted and the new ones added without a destination.
if [ -z "$CURRENTIP" ]
then
    exit 1
fi
if [ "$CURRENTIP" != "$OLDIP" ]
then
    # Delete existing /sbin/iptables rules for port 27015
    # From http://serverfault.com/questions/401416/iptables-clear-all-prerouting-rules-with-a-specific-destination-address
    # Remove PREROUTING rules for destination port 27015.
    # -n keeps the listing numeric so the awk match on "dpt:27015" is stable.
    for line_num in $(/sbin/iptables -n --line-numbers --list PREROUTING -t nat | awk '$8=="dpt:27015" {print $1}')
    do
        LINES="$line_num $LINES"
    done
    # Delete the lines, last to first.
    for line in $LINES
    do
        /sbin/iptables -t nat -D PREROUTING "$line"
    done
    unset LINES
    # Remove FORWARD rules for destination port 27015.
    for line_num in $(/sbin/iptables -n --line-numbers --list FORWARD | awk '$8=="dpt:27015" {print $1}')
    do
        LINES="$line_num $LINES"
    done
    # Delete the lines, last to first.
    for line in $LINES
    do
        /sbin/iptables -D FORWARD "$line"
    done
    unset LINES
    # Add iptables rules for the server's new IP
    /sbin/iptables -A FORWARD -d "$CURRENTIP" -i eth0 -p tcp -m tcp --dport 27015:27015 -j ACCEPT #forward tcp port range
    /sbin/iptables -A FORWARD -d "$CURRENTIP" -i eth0 -p udp -m udp --dport 27015:27015 -j ACCEPT #forward udp port range
    /sbin/iptables -t nat -A PREROUTING -d 172.99.75.122 -p tcp -m tcp --dport 27015:27015 -j DNAT --to-destination "$CURRENTIP"
    /sbin/iptables -t nat -A PREROUTING -d 172.99.75.122 -p udp -m udp --dport 27015:27015 -j DNAT --to-destination "$CURRENTIP"
    # Add the MASQUERADE rule only if it is not already there, so it does not
    # pile up with every IP change.
    /sbin/iptables -t nat -C POSTROUTING -o eth0 -j MASQUERADE 2>/dev/null ||
        /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    # Save the current IP
    echo "$CURRENTIP" > /var/cache/tf2.dn7.me-ip
    # Done
fi
```
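
An added example, not part of the original script: a check the hourly job could run on the `dig` output before touching iptables, so that a failed lookup or a tampered DNS record cannot remove the working rules or point the DNAT rule at a private or loopback address. The function names are assumptions, and 203.0.113.7 is a constructed sample address.

```sh
#!/bin/sh
# Added example (function names are assumptions, not from the original script).

# Succeed only for a dotted-quad IPv4 address outside the private, loopback,
# link-local, CGNAT, multicast and reserved ranges.
is_forwardable_ipv4() {
    ip=$1
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray characters, bad dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip                                 # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in
            0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]) ;;   # no leading zeros
            *) return 1 ;;
        esac
        [ "$octet" -le 255 ] || return 1
    done
    case $1 in
        0|10|127) return 1 ;;                  # this-net, RFC 1918, loopback
        100) if [ "$2" -ge 64 ] && [ "$2" -le 127 ]; then return 1; fi ;;  # CGNAT
        169) if [ "$2" -eq 254 ]; then return 1; fi ;;                     # link-local
        172) if [ "$2" -ge 16 ] && [ "$2" -le 31 ]; then return 1; fi ;;   # RFC 1918
        192) if [ "$2" -eq 168 ]; then return 1; fi ;;                     # RFC 1918
    esac
    [ "$1" -lt 224 ] || return 1               # multicast and reserved
    return 0
}

# Read `dig +short` output on stdin, keep the last line as the script above
# does with `tail -1`, and print it only if it passes the check.
pick_address() {
    candidate=$(tail -n 1)
    is_forwardable_ipv4 "$candidate" || return 1
    printf '%s\n' "$candidate"
}

# Constructed sample input: a CNAME line followed by an address record.
printf 'alias.example.net.\n203.0.113.7\n' | pick_address
```

In the hourly script this would replace the bare `tail -1`, with the job exiting before any rule is deleted when `pick_address` fails.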

I registered the server on Gametracker and the banner works fine.

 

It works, and while the server’s actual IP address changes, this will let others find my server. I only change my web server’s host once every few years so this will remain in place for a long time.

They like Minecraft maps. I don’t know why but that’s alright.