Guide L2Proxy - A simple Proxy for Lineage 2

[Elfo]

Since I see people asking for this every now and then I thought I'd code it and share it.

 

L2Proxy is a simple MITM proxy for your L2 server.

 

It comes in two parts

• The Java side
• The L2Proxy service

 

The Java side can be used on any pack and with any proxy configuration without needing the app. If however you don't wanna mess with proxy configuration you can also use the L2Proxy service which runs a MITM proxy for your players. It is fully cross platform and will run fine on any VPS as long as you have the network bandwidth needed. It adds some extra functionality that you might find handy.

 

Proxies with Gameserver invisibility turned on

 

Features

• Gameserver invisibility option - You are able to hide your server behind the proxies and keep your real server IP secret
• RealIP - Usually with MITM proxies, since the traffic is funnelled from one server, you normally lose the real IP of the player which limits a lot of the functionality that you might have implemented. L2Proxy allows the LoginServer to pass the real IP of the used to the Gameserver during the Login->Gameserver player handoff
• An API - You can use the API in L2Proxy to check the stats of your Proxies, see the active connections to it and even disconnect a specific use IP or blacklist it
• IP Blacklist - You can blacklist a specific IP its connection will be rejected on the proxy level before it ever gets to the gameserver. This includes malicious connections. You can also use the API to blacklist someone and get them instantly disconnected. 
• Multiple Proxies from one app - No real reason for this to exist but I added it anyway
• Proxy health detection. If the proxy goes down the proxy listings will appear as down as well. (This feature requires the L2Proxy service). Validation can be turned off by setting the "validateHealth" option to false.
• Unhealthy proxy fallback. If all proxies are down and the "fallbackToGameserver" setting is set to true then even if you've chosen to hide the gameserver, it will appear as a fallback so people can still login when the proxies are down.
• MaxConnections on each proxy. Once the limit is met, no more connections can be made to the gameserver via the proxy.  -1 means unlimited

 

API Actions

To make actions you need to set the x-api-key header to equal to the API Key setting in L2Proxy. The default is "changeit".

 

• Get all proxies - GET http://localhost:6969/api/proxies
• Get proxy by IP and Port - GET http://localhost:6969/api/proxies/127.0.0.1/7778 (IP is the proxy ip and 7778 is the proxy port)
• Disconnect an active connection - DELETE http://localhost:6969/api/proxies/127.0.0.1/7778/127.0.0.1/11571 (First IP is the proxy IP, second ip is the client ip, first port is the proxy port and second port is a client port)
• Get all blacklisted IPs - GET http://localhost:6969/api/blacklist
• Check if IP is blacklisted - GET http://localhost:6969/api/blacklist/127.0.0.1 (The IP is the user IP)
• Blacklist an IP and disconnect used - POST http://localhost:6969/api/blacklist/127.0.0.1 (The IP is the user IP)
• Removed an IP from the blacklist - DELETE http://localhost:6969/api/blacklist/127.0.0.1 (The IP is the user IP)

 

proxy.xml

<?xml version='1.0' encoding='utf-8'?>
<list>
    <config />
    <!-- 
        serverId: The true id of the gameserver
        hide: When enabled, the true gameserver will not appear in the server list
        fallbackToGameserver: When the proxy server is down, when true, the real gameserver will appear
        proxyServerId: The gameserver id that the proxy will use to be listed in the server list
        proxyHost: The host of the proxy
        proxyPort: The port of the proxy
        apiPort: The port of the API for the proxy
        apiKey: The api key for the proxy api
    -->
    <gameserver serverId="1" hide="true" fallbackToGameserver="false">
        <proxy proxyServerId="2" proxyHost="127.0.0.1" proxyPort="7778" validateHealth="true" apiPort="6969" apiKey="changeit"/>
        <proxy proxyServerId="3" proxyHost="127.0.0.1" proxyPort="7779" validateHealth="true" apiPort="6969" apiKey="changeit"/>
    </gameserver>
</list>

 

Here is a diagram explaining the initial login flow. Once you login the loginserver goes away and you connect directly to the proxies or gameserver depending on your configuration.

 

Features I might add (don't bet on it)

• Max connection limit
• Make calls to the API to let the gameserver know the proxy status and make proxy level action
• Proxy service discovery to propagate proxy actions to all running proxies
• Automatic proxy suggestion based on proxy load
• You currently need to blacklist the IP on each proxy API since the data is not shared

 

Download link and executables of latest version: https://github.com/Elfocrash/L2Proxy/releases/tag/v0.2.0

If you run the framework dependent version you need .NET 5 CLR installed. If you run the standalone versions you don't need anything preinstalled.

 

Will upload a video of the thing at some point. It's late.

 

Enjoy

Edited April 21, 2021 by Elfocrash

[magicKyo]

Hello Elfo, i think i am doing right, but somehow is not working to me. Am i doing something wrong? I can see the 2nd gameserver but it has 0 ping and i can't connect. If i  set to "not hide" the real gs, i can only login to this one, Evey time i try to connect to the proxy gs just nothing happen.

<?xml version='1.0' encoding='utf-8'?>
<list>
    <gameserver serverId="1" hide="false">
        <proxy proxyServerId="2" proxyHost="HERE IP WHERE THE HOST IS RUNNING (VPS)" proxyPort="7778"/>
    </gameserver>
</list>

{
  "ProxySettings": {
    "Proxies": [
      {
        "ProxyHost": "HERE IP WHERE THE HOST IS RUNNING (VPS)",
        "ProxyPort": 7778,
        "L2ServerHost": "HERE IP OF THE DEDICATE MACHINE (REAL SERVER)",
        "L2ServerPort": 7777
      }
    ]
  },
  "ApiSettings": {
    "Url": "http://0.0.0.0:6969",
    "ApiKey": "changeit"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AllowedHosts": "*"
}

Quote

 

 

[Elfo]

26 minutes ago, magicKyo said:

Hello Elfo, i think i am doing right, but somehow is not working to me. Am i doing something wrong? I can see the 2nd gameserver but it has 0 ping and i can't connect. If i  set to "not hide" the real gs, i can only login to this one, Evey time i try to connect to the proxy gs just nothing happen.

Is the 7778 port open? Your proxy server needs 7778 open for inbound traffic and 7777 for outbound

Edited April 20, 2021 by Elfocrash

[magicKyo]

opening the door as you said it change something, in L2Proxy console say connection established with the ip:port( i notice this port number change every time i try to connect) but it stay in the server choice page. If i choose the real server it login normally

[Elfo]

10 minutes ago, magicKyo said:

opening the door as you said it change something, in L2Proxy console say connection established with the ip:port( i notice this port number change every time i try to connect) but it stay in the server choice page. If i choose the real server it login normally

You need to also open outbound traffic port 7777 for the connection to go to the gameserver

[magicKyo]

Thank you it solve my problem, works perfectly (is normal to see 0 ping for the proxy server list ?)

[Elfo]

2 minutes ago, magicKyo said:

Thank you it solve my problem, works perfectly (is normal to see 0 ping for the proxy server list ?)

If proxy is local to you you will see 0, else you will see the real value. (I can't remember is ping is calculated by the client itself or if it's a packet value. It doesn't look to be a packet value.
Example:

[Seamless]

Hi, first i need to get something clear, in java side (l2 proxy patch diff ) do i need to setup something else rather than apply the patch to source ? if not, then when i try  to load  login server i get this error 

https://ibb.co/HN3vn7J

Setup in my xml is like the one in post. (ofc changed accordingly)

 

Second,  do i need to run both java patch and   the app in order for this to work ? or the app can work by connecting from my dedi to the app of my proxy ? if thats the case how do i connect the API from l2jpack to this ?

 

Thank you in advance and its great to share such a free content. Some here charge 150++ euro for this. 

 

 

 

 

[magicKyo]

I have proxy on vps, game server on dedicate machine and i login form my pc, and i see 0 ping next to the proxy server name.

[Elfo]

6 minutes ago, Seamless said:

Hi, first i need to get something clear, in java side (l2 proxy patch diff ) do i need to setup something else rather than apply the patch to source ? if not, then when i try  to load  login server i get this error 

https://ibb.co/HN3vn7J

Setup in my xml is like the one in post. (ofc changed accordingly)

 

Second,  do i need to run both java patch and   the app in order for this to work ? or the app can work by connecting from my dedi to the app of my proxy ? if thats the case how do i connect the API from l2jpack to this ?

 

Thank you in advance and its great to share such a free content. Some here charge 150++ euro for this. 

You need to create the xml in the appropriate location. The error you get says that the xml doesn't exist in the right folder. Keep in mind the config is on the loginserver not gameserver.

You need to apply the java patch and then run the app in the VPS that you use for proxy. You need to also open the inbound and outbound ports in the VPS to accept traffic and point it to the gameserver

8 minutes ago, magicKyo said:

I have proxy on vps, game server on dedicate machine and i login form my pc, and i see 0 ping next to the proxy server name.

Can't remember which packet the ping lives in. It doesn't look it's in the ServerList one

[Seamless]

My both vps is linux. Any hint how do i run those 3 files of the app there ? thanks for the answer.

[Elfo]

1 minute ago, Seamless said:

My both vps is linux. Any hint how do i run those 3 files of the app there ? thanks for the answer.

They are self contained excecutables so simply configure the appsettings.json and then
chmod 777 L2Proxy
./L2Proxy

And it will run

Edited April 20, 2021 by Elfocrash

[Seamless]

Works like a charm both on acis public source 382(easy to adapt) and at latest 398. This  right here is pure gold. Thank you for your contribution. 

Edited April 21, 2021 by Seamless

[Elfo]

v0.2.0 is out! Check it out here: https://github.com/Elfocrash/L2Proxy/releases/tag/v0.2.0

 

• Added proxy status detection. If the proxy goes down the proxy listings will appear as down as well. (This feature requires the L2Proxy service). Validation can be turned off by setting the "validateHealth" option to false.
• Added unhealthy proxy fallback. If all proxies are down and the "fallbackToGameserver" setting is set to true then even if you've chosen to hide the gameserver, it will appear as a fallback so people can still login when the proxies are down.
• Added MaxConnections on the proxy. Once the limit is met, no more connections can be made to the gameserver via the proxy.  -1 means unlimited

[Celestine]

Topic Pinned thanks for your contribution Elfocrash.