Jump to content

Unable to connect to CentOS 7 zomboid VPS


relin

Recommended Posts

Please grab a coffee, it's a long one.

 

Specs of VPS: ~2GB RAM, Openvz CentOS 7 linux.

 

I yum install java, screen, did the glibc installation as advised on the wikipedia page of steamcmd for centOS (glibc-2.17-55.el7_0.5.x86_64 || glibc.i686 and libstdc++.i686), then headed here, checked this link for glibc's -common, -headers and -devel, just in case.

 

Problem #1: NullPointerException when listed as public server

 

Here are the changes I made to the Zomboid/Server/servertest.ini

PauseEmpty=truePVP=falsePublic=truePublicName=centosPublicDescription=lowcapsPublicPlayers=15

The unique error I get running ./projectzomboid-dedi-server.sh on root (just to make sure it's not a permissions type problem) [ps. ram values set at 1024]

 

Common header while launching:

 

Loading RakNet from: /home/steamuser/steamcmd/server/projectzomboid
SVN REVISION 964
versionNumber=Early Access v. 30.16 demo=false
server name is "servertest"
reading server options from "/root/Zomboid/Server/servertest.ini"
user database "/root/Zomboid/db/servertest.db"
Initialising Server Systems...

 

 

Exceptions:

 

 *** SERVER STARTED ****

server is listening on port 16261
connecting to public server list
java.lang.NullPointerException
        at zombie.util.PublicServerUtil.getMacAddress(PublicServerUtil.java:183)
        at zombie.util.PublicServerUtil.insertDatas(PublicServerUtil.java:144)
        at zombie.util.PublicServerUtil.insertOrUpdate(PublicServerUtil.java:93)
        at zombie.network.GameServer.main(GameServer.java:325)

 

So I changed the servertest.ini to non-public

PauseEmpty=truePVP=falsePublic=falsePublicName=PublicDescription=PublicPlayers=15

And I get no NullPointerException like the one above, i'm not sure if this is the actual symptom that is preventing me from connecting to my own VPS.

 

Problem #2: translator: failed to parse Recipes for language=EN

 

This occurs both in the public and nonpublic listed options for modifying servertest.ini this problem does not change.

 

Initialising Server Systems...
translator: language is EN
translator: failed to parse Recipes for language=EN
translator: failed to parse Items for language=EN
...
...several lines later
...
ScavengDefinitions: no such item Base.BerryBlack
ScavengDefinitions: no such item Base.BerryBlue
ScavengDefinitions: no such item Base.BerryPoisonIvy
ScavengDefinitions: no such item Base.BerryGeneric1
ScavengDefinitions: no such item Base.BerryGeneric2
ScavengDefinitions: no such item Base.BerryGeneric3
ScavengDefinitions: no such item Base.BerryGeneric4
ScavengDefinitions: no such item Base.BerryGeneric5
ScavengDefinitions: no such item Base.MushroomGeneric1
ScavengDefinitions: no such item Base.MushroomGeneric2
ScavengDefinitions: no such item Base.MushroomGeneric3
ScavengDefinitions: no such item Base.MushroomGeneric4
ScavengDefinitions: no such item Base.MushroomGeneric5
ScavengDefinitions: no such item Base.MushroomGeneric6
ScavengDefinitions: no such item Base.MushroomGeneric7
ScavengDefinitions: no such item Base.Cricket
ScavengDefinitions: no such item Base.Grasshopper
ScavengDefinitions: no such item Base.Cockroach
ScavengDefinitions: no such item Base.Worm
ScavengDefinitions: no such item Base.GrapeLeaves
ScavengDefinitions: no such item Base.Rosehips
ScavengDefinitions: no such item Base.Violets
ScavengDefinitions: no such item Base.WildEggs

 

I played enough hours to know worms and berries exists in single player, so I thought something is wrong here. I'm not sure if this is affecting the connection problem of client to server.

 

Problem #3: I can't connect from Canada IP (my location) to Chicago IP (server)

 

Obligatory background info: So when I first ssh'd into the VPS I had a warning of 4k login attempts, found out it was at a rate of 136 login attempts per minute from a single china IP, so I set up fail2bail. And since I didn't know anything about firewalld, I installed iptables, like the old CentOS I'm used to, ban-defended my box until it was down to 24 attempts per 10 hours and I caught around over a dozen IPs.

 

so I have both iptables and firewallD, and I opened both on TCP 16261 - 16275, for the 15 player limit I'm imposing. 

 

iptables

 
Chain IN_public_allow (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpts:16261:16275 ctstate NEW

 

 

 

firewallD

public (default)
  interfaces:
  sources:
  services: dhcpv6-client ssh
  ports: 16261-16275/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:

 

 

 

Even running without public server settings under servertest.ini I can't connect to the VPS, where I can join servers on public servers, I get this:

sendto failed with code -1 for char 5 and length 1464.

in the ProjectZomboid.exe repeated about ~3 times every time I try. It's like I'm trying to join a non-existing server.

 

Full Logs:

 

Full Logs from default launch script

With public setting

Without public  setting

Full Logs from network firewall settings

Iptables and firewallD

 

Thanks for reading in advance if you need further information of anything I'll provide in reply asap

 

What I tried:

Checking yum for updates

Deleting folders of steamcmd, zomboid dedicated script directory, zomboid server ini file folder.

Restarted CentOS VPS

 

Network troubleshooting:

This might be a network problem, so I

nmap -PN -p 16261 -sN (PZ IP)

on some public servers to see what their ports are like for the game, and some public servers have it as "open/filtered" under TCP. While mine's under "open/filtered" as well.

 

So I'm now using tcpdump, by now I changed iptables to 16261-16281 that allows all tcp traffic destined port range from 16261-16281 in a line like this.

 tcpdump -s 6300 dst portrange 16261-16281 -w tcpfile

I'm grabbing a snippet of when I launched the script and results.
 

zPhOYbo.png

 

Here's what I did, to trigger the above.

 

TCPDUMP Monitoring method used:

 

 

1. start tcpdump

2. screen over to start zomboid...-dedi.sh

3. wait for zomboid to reach **** SERVER STARTED ****

4. alt tab to my PC running project zomboid, tried connecting to server

5. when ingame notification states "connection failed" I would exit zomboid...-dedi.sh

6. then i would stop and read the tcpdump lines written during these steps.

 

I'm assuming the ip from port 55101 is from the public server authenticator. Btw I changed the game port from 16261 to 16262 from that .ini file for server settings, in order to test if that was working as intended. It is :P

 

So I ran

 tcpdump -s 6300 dst portrange 16261-16281 -w tcpfile 

again

 

but this time no public server, it's just the above results without port 55101's server.
 

Then I ran

 tcpdump -s 6300 src portrange 16261-16281 -w tcpfile

Twice, with the same conditions as above, once without public server setting, one with, with the default tcpdump method, no packets were from source of these port ranges.

 

At this point, I tried everything, to my capabilities.

 

So I decided to monitor all traffic that's not port 22, that's default SSH port at the time.

tcpdump -s 6300 port not 22 -w tcpfile

And I got this in return. Using the above quoted default tcpdump method.

 

10:52:03.841948 IP dabs.PZvpsIP.ca.58145 > google-public-dns-a.google.com.domain: 65459+ AAAA? www.projectzomboid.com. (40)10:52:03.843289 IP google-public-dns-a.google.com.domain > dabs.PZvpsIP.ca.58145: 65459 0/1/0 (99)10:52:03.843302 IP google-public-dns-a.google.com.domain > dabs.PZvpsIP.ca.58145: 52274 5/0/0 A 198.41.247.217, A 162.159.254.217, A 162.159.252.217, A 162.159.255.217, A 162.159.253.217 (120)10:52:03.847075 IP dabs.PZvpsIP.ca.43369 > 198.41.247.217.http: Flags [S], seq 3661928207, win 14600, options [mss 1460,sackOK,TS val 1917013034 ecr 0,nop,wscale 7], length 010:52:03.848273 IP 198.41.247.217.http > dabs.PZvpsIP.ca.43369: Flags [S.], seq 1825780614, ack 3661928208, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 010:52:03.848332 IP dabs.PZvpsIP.ca.43369 > 198.41.247.217.http: Flags [.], ack 1, win 115, length 010:52:03.852014 IP dabs.PZvpsIP.ca.43369 > 198.41.247.217.http: Flags [P.], seq 1:190, ack 1, win 115, length 18910:52:03.853216 IP 198.41.247.217.http > dabs.PZvpsIP.ca.43369: Flags [.], ack 190, win 30, length 010:52:04.082534 IP 198.41.247.217.http > dabs.PZvpsIP.ca.43369: Flags [P.], seq 1:542, ack 190, win 30, length 54110:52:04.082542 IP 198.41.247.217.http > dabs.PZvpsIP.ca.43369: Flags [P.], seq 542:547, ack 190, win 30, length 510:52:04.082590 IP dabs.PZvpsIP.ca.43369 > 198.41.247.217.http: Flags [.], ack 542, win 123, length 010:52:04.082610 IP dabs.PZvpsIP.ca.43369 > 198.41.247.217.http: Flags [.], ack 547, win 123, length 010:52:04.089810 IP dabs.PZvpsIP.ca.43369 > 198.41.247.217.http: Flags [P.], seq 190:495, ack 547, win 123, length 30510:52:04.090967 IP 198.41.247.217.http > dabs.PZvpsIP.ca.43369: Flags [.], ack 495, win 31, length 010:52:06.230895 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 146410:52:06.230939 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:06.734136 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 146410:52:06.734168 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:07.238712 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 146410:52:07.238738 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:07.740791 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 146410:52:07.740835 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:08.243849 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 117210:52:08.243906 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:08.747116 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 117210:52:08.747159 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:08.984903 IP clientIP.104.cpe.pppoe.ca.24393 > dabs.PZvpsIP.ca.16262: UDP, length 117210:52:08.984937 IP dabs.PZvpsIP.ca > clientIP.104.cpe.pppoe.ca: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:09.250471 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 117210:52:09.250518 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:09.494895 IP clientIP.104.cpe.pppoe.ca.24393 > dabs.PZvpsIP.ca.16262: UDP, length 117210:52:09.494926 IP dabs.PZvpsIP.ca > clientIP.104.cpe.pppoe.ca: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:09.753499 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 117210:52:09.753552 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:10.005196 IP clientIP.104.cpe.pppoe.ca.24393 > dabs.PZvpsIP.ca.16262: UDP, length 117210:52:10.005242 IP dabs.PZvpsIP.ca > clientIP.104.cpe.pppoe.ca: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:10.256203 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 54810:52:10.256239 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:10.514390 IP clientIP.104.cpe.pppoe.ca.24393 > dabs.PZvpsIP.ca.16262: UDP, length 117210:52:10.514432 IP dabs.PZvpsIP.ca > clientIP.104.cpe.pppoe.ca: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:10.759749 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 54810:52:10.759800 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:11.018190 IP clientIP.104.cpe.pppoe.ca.24393 > dabs.PZvpsIP.ca.16262: UDP, length 54810:52:11.018252 IP dabs.PZvpsIP.ca > clientIP.104.cpe.pppoe.ca: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:11.263169 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 54810:52:11.263198 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:11.527954 IP clientIP.104.cpe.pppoe.ca.24393 > dabs.PZvpsIP.ca.16262: UDP, length 54810:52:11.527999 IP dabs.PZvpsIP.ca > clientIP.104.cpe.pppoe.ca: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:11.766397 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 54810:52:12.037694 IP clientIP.104.cpe.pppoe.ca.24393 > dabs.PZvpsIP.ca.16262: UDP, length 54810:52:12.037748 IP dabs.PZvpsIP.ca > clientIP.104.cpe.pppoe.ca: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:12.269770 IP mort.positive-dedicated.net.36543 > dabs.PZvpsIP.ca.16262: UDP, length 54810:52:12.269830 IP dabs.PZvpsIP.ca > mort.positive-dedicated.net: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:12.548005 IP clientIP.104.cpe.pppoe.ca.24393 > dabs.PZvpsIP.ca.16262: UDP, length 54810:52:12.548057 IP dabs.PZvpsIP.ca > clientIP.104.cpe.pppoe.ca: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:12.827132 IP 198.41.247.217.http > dabs.PZvpsIP.ca.43369: Flags [P.], seq 547:1105, ack 495, win 31, length 55810:52:12.827137 IP 198.41.247.217.http > dabs.PZvpsIP.ca.43369: Flags [P.], seq 1105:1110, ack 495, win 31, length 510:52:12.827177 IP dabs.PZvpsIP.ca.43369 > 198.41.247.217.http: Flags [.], ack 1110, win 132, length 010:52:13.057979 IP clientIP.104.cpe.pppoe.ca.24393 > dabs.PZvpsIP.ca.16262: UDP, length 54810:52:13.058029 IP dabs.PZvpsIP.ca > clientIP.104.cpe.pppoe.ca: ICMP host dabs.PZvpsIP.ca unreachable - admin prohibited, length 55610:52:23.904991 IP dabs.PZvpsIP.ca.43369 > 198.41.247.217.http: Flags [F.], seq 495, ack 1110, win 132, length 010:52:23.907543 IP 198.41.247.217.http > dabs.PZvpsIP.ca.43369: Flags [F.], seq 1110, ack 496, win 31, length 010:52:23.907593 IP dabs.PZvpsIP.ca.43369 > 198.41.247.217.http: Flags [.], ack 1111, win 132, length 0

 

Analysis of Network packets.

 

Intel gathered from this is: the 198.41.247.217 IP, reverse looks up = project zomboid's main website.

mort.positive-dedicated.net i'm assuming is the authenticating server?

 

Something happened between vps and pz's a handshake that allowed mort.positive-dedicated.net to communicate with my VPS, then following a ICMP code 1, where my VPS has the "host unreachable, admin prohibited" could be from IPtables?

 

When I wake up in the afternoon I might just allow traffic from those specific IPs and ports, and maybe things will change for the better?

 

Good news, I tested fate and

systemctl stop iptables./projectzomboid-dedi-server.shconnected with my client pc YAY! it worked!systemctl start iptablessystemctl restart fail2ban

Instant >40 IP ban cause chinese hackers are still botnetting muh IP

 

So now, I know it's iptables settings. :D

 

What would I need to do for the traffic to be allowed? we'll find out!

iptables -A INPUT -p tcp --dport 16261:162XX -j ACCEPTiptables -A INPUT -p udp --dport 16261:162XX -j ACCEPT

Everything works as intended, you need TCP and UDP to get it working haha. This windmil journey for ports. Sigh....

 

 

Is this what normal traffic is like for a server that is working or is my VPS host the one that's limiting this connection somehow? or is this all within the libraries? Please help!

Link to comment
Share on other sites

If you restart the server, does this still occur? Might be something that resolves itself in a few hours, if this is a new VPS.
 

java.lang.NullPointerException
        at zombie.util.PublicServerUtil.getMacAddress(PublicServerUtil.java:183)
        at zombie.util.PublicServerUtil.insertDatas(PublicServerUtil.java:144)
        at zombie.util.PublicServerUtil.insertOrUpdate(PublicServerUtil.java:93)
 
Link to comment
Share on other sites

 

If you restart the server, does this still occur? Might be something that resolves itself in a few hours, if this is a new VPS.

 

java.lang.NullPointerException
        at zombie.util.PublicServerUtil.getMacAddress(PublicServerUtil.java:183)
        at zombie.util.PublicServerUtil.insertDatas(PublicServerUtil.java:144)
        at zombie.util.PublicServerUtil.insertOrUpdate(PublicServerUtil.java:93)

 

 

 

I hope you're right, I don't think it is that new, I had it for atleast 3 days, the brute force attacks from china was preoccupying my need for a zomboid server lol.

 

Do you know anyone here that succeeded in hosting a CentOS server for zomboid? I saw Connel mentioning kirrus in a couple of threads about CentOS but that was in 2014.

Link to comment
Share on other sites

Put one up to test it quite a while ago on VirtualBox; didn't have this issue, though.

It's pretty early in the UK -- it'll probably be a few hours before we hear back from them.

 

I went on control panel and restarted the VPS, and the same exception was thrown when I set the public=true in servertest.ini

 

By the way, do you remember which libraries you got from yum install, apart from the requirements from steamcmd, screen and java?

 

Thanks for the quick reply btw!

 

---------------------------------------------------------

 

So I didn't go to sleep and I got results from trying to figure out what normal packet transactions look like from pz public authenticating server => game => client, and for me it looks like this:

zPhOYbo.pngfrom my VPS.

 

Ps it's on 16262 because I set it as the setting for the .ini file for server settings, to check if it's working, it is, destination is to 16262.

 

 

SOLUTION:

 

UDP + TCP porting in iptables, see OP last line of code for reference.

 

ALL THIS FOR NOTHING!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...