It's not a security concern - there are just lots of servers and they change often.
On Wed, Jun 12, 2013 at 8:01 PM, escapedturkey <[email protected]> wrote: > Thank you. That's a very good article, much appreciated. I'll do more > investigation and see what can be done. > > It would still be helpful to know the IP addresses and FQDNs that > SteamCMD uses for gathering knowledge and to always allow permission > via the firewall. I do understand why they wouldn't share it if there > is a security concern. > > On Wed, Jun 12, 2013 at 11:47 AM, Brian Engert <[email protected]> wrote: >> if your firewall is on the host there's a way to write a rule for a user >> http://www.cyberciti.biz/tips/block-outgoing-network-access-for-a-single-user-from-my-server-using-iptables.html >> while >> not as ideal it's still better then allowing all users. >> >> - Brian >> >> >> On Wed, Jun 12, 2013 at 12:54 PM, escapedturkey < >> [email protected]> wrote: >> >>> Yes, you're correct. I'll just be more flexible on port 80. I was >>> hoping to tighten it down a bit more but it will cause too many >>> issues. >>> >>> On Wed, Jun 12, 2013 at 10:43 AM, Doctor McKay <[email protected]> >>> wrote: >>> > What game are you running? If it's TF2, at least, you'll need port 80 >>> open >>> > so the server can download the item schema. >>> > >>> > You should really just open port 80 outbound though. >>> > >>> > >>> > >>> > Doctor McKay >>> > http://www.doctormckay.com >>> > [email protected] >>> > >>> > >>> > On Tue, Jun 11, 2013 at 1:06 PM, escapedturkey < >>> > [email protected]> wrote: >>> > >>> >> Just about all games have symlinks for large files, etc,. I've been >>> >> doing this for awhile. I do appreciate the advice. It is always good >>> >> to read and discuss methodologies. I have experimented with a lot of >>> >> different methods. In my opinion, it's better to provide redundant and >>> >> localized sources for content distribution than a single hub; ex >>> >> provide a pool of storage for said content per machine, for local >>> >> users, while distributing the updates across the machines. This is a >>> >> user managed service that strongly supports legal modification and >>> >> open source development. >>> >> >>> >> For Valve games, since there are a lot files that get unique updates, >>> >> it doesn't make sense to overly complicate it with symlinks. They do >>> >> take up a lot of space, but it doesn't matter these days because >>> >> storage capacity is very large, fast, and inexpensive; I use RAID 10 >>> >> with BBU on the systems and make regular backups. >>> >> >>> >> For Steam, I prefer to let the client perform the updates via the >>> >> supportive scripting and customized control panel. Some clients may >>> >> not want to update at a given time, and it's preferable not to force >>> >> anything on them. SteamCMD works fine as integrated into the scripting >>> >> and control panel. It has worked perfectly for years with regular >>> >> Steam. >>> >> >>> >> Back on topic: >>> >> >>> >> All I want to know are the FQDN or IP addresses to exclusively allow >>> >> SteamCMD access. I prefer to block as much as possible and only open >>> >> what is needed; knowledge is power. >>> >> >>> >> Thank you. =) >>> >> >>> >> On Tue, Jun 11, 2013 at 9:26 AM, Andre Müller <[email protected]> >>> >> wrote: >>> >> > If you don't have a CDN solution for your gameservers (worst thing), >>> you >>> >> > can use a caching proxy in a local net in your datacenter. So you can >>> >> close >>> >> > in- and outbound traffic on port 80 for external sources and allow >>> >> traffic >>> >> > on port 80 for your local net in your datacenter. Additionally you >>> will >>> >> > save incomming traffic, because your proxy is caching the content on >>> one >>> >> > server with big disk space. >>> >> > >>> >> > The other way is, to distribute your serverfiles with a server over >>> all >>> >> > your gamehosts e.g. with rsync or a cluster fs/bockdevice (glusterfs, >>> >> drbd >>> >> > or other). Your scripts can push the files to your customer >>> gameservers >>> >> or >>> >> > you use symlinks. >>> >> > _______________________________________________ >>> >> > To unsubscribe, edit your list preferences, or view the list archives, >>> >> please visit: >>> >> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >>> >> >>> >> >>> >> >>> >> -- >>> >> EscapedTurkey.com Billing and Support >>> >> https://www.escapedturkey.com/helpdesk >>> >> >>> >> _______________________________________________ >>> >> To unsubscribe, edit your list preferences, or view the list archives, >>> >> please visit: >>> >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >>> >> >>> > _______________________________________________ >>> > To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >>> >>> >>> >>> -- >>> EscapedTurkey.com Billing and Support >>> https://www.escapedturkey.com/helpdesk >>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux >>> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux > > > > -- > EscapedTurkey.com Billing and Support > https://www.escapedturkey.com/helpdesk > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
