Jump to content

Recommended Posts

Posted (edited)

Description

This topic is part of a multi-part series. We'll try to get everything straight to the point in this guide, without unnecessary over-explanation.

PART 1 [THIS GUIDE]

  • Work faster with a better terminal emulator.
  • Use a better editor.
  • Basic L2J server setup.
  • Manage and secure your MySQL server. [!]

 

PART 2 [CLICK HERE]

  • Secure your Linux server.
  • Tuning system profiles. [!]
  • Network performance tuning. [!]
  • How to build and manage a firewall using iptables and conntrack - simplified version. [!]

 

PART 3 [CLICK HERE]

  • Understanding and managing the OVH Firewall. [!]
  • How to build and manage a firewall using iptables, conntrack, ipset and synproxy - advanced version. [!]
  • Mitigating most of the DDoS attacks. [!]


Linux Distro

gnu-linux-distribution-timeline.png

 

In this guide, we will choose the Red Hat distribution, CentOS 8 more precisely. There shouldn't be too much difference between the versions for our purpose.
 

Terminal Emulator

me.png


F@$% Putty. It is not making your life easier!
We should instead use a client with more features, such as password saving and macros.
I strongly recommend you MobaXterm, you can record, edit and run macros (among other awesome features). The free version has some minor limitations, but the pro version doesn't and the license is lifetime - this is the one I got. I own a portable version with a master password for security.
 

Pre-Installation

 

In all our commands we will use -y with our CLI commands, so we skip the yes/no confirmation. We'll use the package managers yum and dnf. Most of our commands will include sudo (running on the highest privilege). We could use sudo su to login as super-user instead.

It is very important to get all the updates first:

 

sudo yum update -y

 

Installation

 

Starting with the following packages:

apel-release is an Extra Packages for Enterprise Linux;
screen is only useful if you run AAC in screen mode;
nano is my favorite editor;
tcpdump is a data network packet analyzer - we will use it to capture network packets for analysis - very useful if you are under attack and want to know what and how.

 

sudo yum install epel-release -y
sudo yum install screen -y
sudo yum install nano -y
sudo yum install tcpdump -y

 

Use A Better Editor

 

Nano is easier and quicker!

You can open a file like any other editor:

 

nano <directory and filename>


Saving is quite simple which is why I like it:

CTRL+X -> Y -> ENTER to save
CTRL+X -> N -> ENTER not to save
 

Java

We'll use wget to get the java from the web:

 

sudo dnf install wget -y
wget https://download.oracle.com/java/19/latest/jdk-19_linux-x64_bin.rpm
sudo rpm -i jdk-19_linux-x64_bin.rpm

 

MariaDb

Installation:

 

sudo yum install mariadb-server -y
sudo systemctl start mariadb
sudo systemctl enable mariadb


Start the configuration:

 

sudo mysql_secure_installation

 

Configuring the MariaDb

Important Rules

 

  1. Do NOT use root for remote access. [!]
  2. Create a db user for every purpose. [!]
  3. Never allow a user from all IPs. [!]
  4. In addition to the MySQL IP permission, do the same on the firewall side. [!]


MariaDB's config file on CentOS 8 so you can allow remote access:

 

nano /etc/my.cnf.d/mariadb-server.cnf


Enter MySQL as root:

 

mysql -u root -p


 Database creation:

 

CREATE DATABASE login;
CREATE DATABASE game;


User creation:

1. We can start by creating the local user for the login and game servers; only accessed by the machine itself on localhost.
Db username: localuser
Db password: localpassword

 

CREATE USER 'localuser'@'localhost' IDENTIFIED BY 'localpassword';
GRANT ALL ON *.* to 'localuser'@'localhost' IDENTIFIED BY 'localpassword' WITH GRANT OPTION;
FLUSH PRIVILEGES;


2. We create a remote user, so you can access it from your own computer.
Db username: trance
Db password: changemelater123
Trance's VPN or HOME IP (if static): 51.10.10.10

 

CREATE USER 'trance'@'localhost' IDENTIFIED BY 'changemelater123';
GRANT ALL ON *.* to 'trance'@'51.10.10.10' IDENTIFIED BY 'changemelater123' WITH GRANT OPTION;
FLUSH PRIVILEGES;


3. We create a web user, for your Account Panel.
Db username: ucp
Db password: changemelater456
Webhost's IP: 51.11.11.11

 

CREATE USER 'ucp'@'localhost' IDENTIFIED BY 'changemelater456';
GRANT ALL ON login.* to 'ucp'@'51.11.11.11' IDENTIFIED BY 'changemelater456' WITH GRANT OPTION;
FLUSH PRIVILEGES;

 

Tips and tricks:

 

*.* goes like <database name>.<tables access>
IP allowance: We can allow a whole network like: 'trance'@'51.10.%.%'


Db user limit example:
 

 Enter MySQL as root:

 

mysql -u root -p

 

And then:

 

GRANT ALL ON login.* TO 'ucp'@'51.11.11.11'
WITH MAX_QUERIES_PER_HOUR 500
MAX_UPDATES_PER_HOUR 50
MAX_CONNECTIONS_PER_HOUR 50
MAX_USER_CONNECTIONS 5;
FLUSH PRIVILEGES;


See db users and delete any if needed:
 

Enter MySQL as root:

 

mysql -u root -p


See all db users:

 

SELECT User,Host FROM mysql.user;


Delete a user example:

 

DROP USER 'ucp'@'51.11.11.11';
FLUSH PRIVILEGES;


Login and Game Servers

Login and Game Servers privilege to run the .sh files:

Hypothetically we have the Login and Game servers directory as follows:

  • server/login
  • server/game

 

We only need to do this once if the files are not going to be replaced:

 

cd server/login/
chmod +x LoginServer.sh LoginServerTask.sh
cd ~
cd server/game/
chmod +x GameServer.sh GameServerTask.sh


Run the Login and Game servers and then see the Game server console:

 

cd server/login/
./LoginServer.sh
cd ~
cd server/game/
./GameServer.sh
-f log/stdout.log


Reboot the OS

 

reboot

 

Credits

Give me credits if you share it anywhere else, including my Discord and MxC topic's URL.
Discord: Trance#0694

 

Edited by Trance
  • Like 1
  • Thanks 5
  • Upvote 2
  • Trance changed the title to The Linux Series! [PART 1]
Posted

its almost same for debian/ubuntu distribution that i use for servers, this is common knowledge for old people.

 

you must have lots of free time to make all this guides gj, this is actually a basic setup l2j server into linux distribution

Posted

@TranceThanks for guide this about linux setup.

I've a question.. Why should/choose to use linux instead of windows?

Linux has a reputation for being fast ok, but what's the real benefits for my server?

 

Posted (edited)
On 1/26/2023 at 3:46 PM, 'Baggos' said:

@TranceThanks for guide this about linux setup.

I've a question.. Why should/choose to use linux instead of windows?

Linux has a reputation for being fast ok, but what's the real benefits for my server?

 


We'll cover more in the next parts of this series.

Stability/Uptime - Linux is more reliable. Windows becomes slow over time, it needs to be rebooted more often than Linux.

Drivers - Windows drivers are mediocre. Your NIC (Network Interface) will even be taken down if some weird thing happens that it doesn't like.
 

Resources - how resources can be used and modified through the kernel is at a high level.

Security - it can be much safer.

Networking/Firewall - you can block unwanted traffic, allow desired traffic, redirect packets to alternate TCP/UDP ports, redirect packets to alternate IP addresses, protect against Denial of Service attacks. You can't do most of this on Windows.

Edited by Trance
  • Thanks 1
Posted

Thank you Mr.Gold!
Finally someone decided to share something a little more "elaborate". Probably some people won't like that you share the secrets behind the "fine-tune" as your list promises. "Waiting for the next chapters 🤓".

Posted
6 hours ago, &#x27;Baggos&#x27; said:

@TranceThanks for guide this about linux setup.

I've a question.. Why should/choose to use linux instead of windows?

Linux has a reputation for being fast ok, but what's the real benefits for my server?

 

to topup in trances reply i know some servers in linux with uptime 2 and 3 years no reboot

  • Trance featured this topic
  • 10 months later...
Posted
On 1/27/2023 at 1:40 AM, Trance said:

Description

This topic is part of a multi-part series. We'll try to get everything straight to the point in this guide, without unnecessary over-explanation.

PART 1 [THIS GUIDE]

  • Work faster with a better terminal emulator.
  • Use a better editor.
  • Basic L2J server setup.
  • Manage and secure your MySQL server. [!]

 

PART 2 [CLICK HERE]

  • Secure your Linux server.
  • Tuning system profiles. [!]
  • Network performance tuning. [!]
  • How to build and manage a firewall using iptables and conntrack - simplified version. [!]

 

PART 3 [CLICK HERE]

  • Understanding and managing the OVH Firewall. [!]
  • How to build and manage a firewall using iptables, conntrack, ipset and synproxy - advanced version. [!]
  • Mitigating most of the DDoS attacks. [!]


Linux Distro

gnu-linux-distribution-timeline.png

 

In this guide, we will choose the Red Hat distribution, CentOS 8 more precisely. There shouldn't be too much difference between the versions for our purpose.
 

Terminal Emulator

me.png


F@$% Putty. It is not making your life easier!
We should instead use a client with more features, such as password saving and macros.
I strongly recommend you MobaXterm, you can record, edit and run macros (among other awesome features). The free version has some minor limitations, but the pro version doesn't and the license is lifetime - this is the one I got. I own a portable version with a master password for security.
 

Pre-Installation

 

In all our commands we will use -y with our CLI commands, so we skip the yes/no confirmation. We'll use the package managers yum and dnf. Most of our commands will include sudo (running on the highest privilege). We could use sudo su to login as super-user instead.

It is very important to get all the updates first:

 

sudo yum update -y

 

Installation

 

Starting with the following packages:

apel-release is an Extra Packages for Enterprise Linux;
screen is only useful if you run AAC in screen mode;
nano is my favorite editor;
tcpdump is a data network packet analyzer - we will use it to capture network packets for analysis - very useful if you are under attack and want to know what and how.

 

sudo yum install epel-release -y
sudo yum install screen -y
sudo yum install nano -y
sudo yum install tcpdump -y

 

Use A Better Editor

 

Nano is easier and quicker!

You can open a file like any other editor:

 

nano <directory and filename>


Saving is quite simple which is why I like it:

CTRL+X -> Y -> ENTER to save
CTRL+X -> N -> ENTER not to save
 

Java

We'll use wget to get the java from the web:

 

sudo dnf install wget -y
wget https://download.oracle.com/java/19/latest/jdk-19_linux-x64_bin.rpm
sudo rpm -i jdk-19_linux-x64_bin.rpm

 

MariaDb

Installation:

 

sudo yum install mariadb-server -y
sudo systemctl start mariadb
sudo systemctl enable mariadb


Start the configuration:

 

sudo mysql_secure_installation

 

Configuring the MariaDb

Important Rules

 

  1. Do NOT use root for remote access. [!]
  2. Create a db user for every purpose. [!]
  3. Never allow a user from all IPs. [!]
  4. In addition to the MySQL IP permission, do the same on the firewall side. [!]


MariaDB's config file on CentOS 8 so you can allow remote access:

 

nano /etc/my.cnf.d/mariadb-server.cnf


Enter MySQL as root:

 

mysql -u root -p


 Database creation:

 

CREATE DATABASE login;
CREATE DATABASE game;


User creation:

1. We can start by creating the local user for the login and game servers; only accessed by the machine itself on localhost.
Db username: localuser
Db password: localpassword

 

CREATE USER 'localuser'@'localhost' IDENTIFIED BY 'localpassword';
GRANT ALL ON *.* to 'localuser'@'localhost' IDENTIFIED BY 'localpassword' WITH GRANT OPTION;
FLUSH PRIVILEGES;


2. We create a remote user, so you can access it from your own computer.
Db username: trance
Db password: changemelater123
Trance's VPN or HOME IP (if static): 51.10.10.10

 

CREATE USER 'trance'@'localhost' IDENTIFIED BY 'changemelater123';
GRANT ALL ON *.* to 'trance'@'51.10.10.10' IDENTIFIED BY 'changemelater123' WITH GRANT OPTION;
FLUSH PRIVILEGES;


3. We create a web user, for your Account Panel.
Db username: ucp
Db password: changemelater456
Webhost's IP: 51.11.11.11

 

CREATE USER 'ucp'@'localhost' IDENTIFIED BY 'changemelater456';
GRANT ALL ON login.* to 'ucp'@'51.11.11.11' IDENTIFIED BY 'changemelater456' WITH GRANT OPTION;
FLUSH PRIVILEGES;

 

Tips and tricks:

 

*.* goes like <database name>.<tables access>
IP allowance: We can allow a whole network like: 'trance'@'51.10.%.%'


Db user limit example:
 

 Enter MySQL as root:

 

mysql -u root -p

 

And then:

 

GRANT ALL ON login.* TO 'ucp'@'51.11.11.11'
WITH MAX_QUERIES_PER_HOUR 500
MAX_UPDATES_PER_HOUR 50
MAX_CONNECTIONS_PER_HOUR 50
MAX_USER_CONNECTIONS 5;
FLUSH PRIVILEGES;


See db users and delete any if needed:
 

Enter MySQL as root:

 

mysql -u root -p


See all db users:

 

SELECT User,Host FROM mysql.user;


Delete a user example:

 

DROP USER 'ucp'@'51.11.11.11';
FLUSH PRIVILEGES;


Login and Game Servers

Login and Game Servers privilege to run the .sh files:

Hypothetically we have the Login and Game servers directory as follows:

  • server/login
  • server/game

 

We only need to do this once if the files are not going to be replaced:

 

cd server/login/
chmod +x LoginServer.sh LoginServerTask.sh
cd ~
cd server/game/
chmod +x GameServer.sh GameServerTask.sh


Run the Login and Game servers and then see the Game server console:

 

cd server/login/
./LoginServer.sh
cd ~
cd server/game/
./GameServer.sh
-f log/stdout.log


Reboot the OS

 

reboot

 

Credits

Give me credits if you share it anywhere else, including my Discord and MxC topic's URL.
Discord: Trance#0694

 

Amazing! Thank you very much!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



  • Posts

    • From Salvation onwards I think you need a patched nwindow.dll that allows such modifications, try to see if you get what you need here: https://drive.google.com/drive/u/1/folders/1LLbQFGf8KlR-O0Iv5umfF-pwZgrDh9bd
    • hello everyone! I am wanting to save the files (Ini. - Data - ) of the EP5 Client: Salvation... But they generate the error "corrupt files"... I tried several versions of L2FileEditor without good results. I need help! Thank you!
    • Opening December 6th at 19:00 (GMT +3)! Open Beta Test from November 30th!   https://l2soe.com/   🌟 Introducing L2 Saga of Eternia: A Revolution in Lineage 2 High Five! 🌟   Dear Lineage 2 enthusiasts, Prepare to witness the future of private servers! L2 Saga of Eternia is not just another High Five project—it’s a game-changing experience designed to compete with the giants of the Lineage 2 private server scene. Built for the community, by the community, we’re here to raise the bar in quality, innovation, and longevity. What Sets Us Apart? 💎 No Wipes, Ever Say goodbye to the fear of losing your progress. Our server is built to last and will never close. Stability and consistency are our promises to you. ⚔️ Weekly New Content Our dedicated development team ensures fresh challenges, events, and updates every week. From custom quests to exclusive features, there will always be something exciting to explore. 💰 No Pay-to-Win Skill and strategy matter most here. Enjoy a balanced gameplay environment where your achievements come from effort, not your wallet. 🌍 A Massive Community With 2000+ players expected, join a vibrant and active community of like-minded adventurers ready to conquer the world of Aden. 🏆 Fair and Competitive Gameplay Our systems are designed to promote healthy competition while avoiding abusive mechanics and exploits. 🔧 Professional Development From advanced bug fixes to carefully curated content, we pride ourselves on smooth performance, no lag, and unparalleled server quality. Key Features Chronicle: High Five with unique interface Rate: Dynamic x10 rates Class Balance: Carefully fine-tuned for a fair experience PvP Focused: PvP Ranking & aura display effect for 3 Top PvPers every week Custom Events: Seasonal and permanent events to keep you engaged Additional Features:   Custom Endgame Content: Introduce unique dungeons, raids, or zones unavailable in other servers. Player-Driven Economy: Implement a strong market system and avoid overinflated drops or rewards. Epic Siege Battles: Announce special large-scale sieges and PvP events. Incentives for Streamers and Clans: Attract influencers and big clans to boost server publicity. Roadmap Transparency: Share a public roadmap of planned updates to build trust and excitemen   Here you can read all the features: https://l2soe.com/features   Video preview: Join the Revolution! This is your chance to be part of something legendary. L2 Saga of Eternia is not just a server; it’s a movement to redefine what Lineage 2 can be. Whether you’re a seasoned veteran or a newcomer to the world of Aden, we invite you to experience Lineage 2 at its finest.   Official Launch Date: December 6th 2024 Website: https://l2soe.com/ Facebook: https://www.facebook.com/l2soe Discord: https://discord.com/invite/l2eternia   Let’s build the ultimate Lineage 2 experience together. See you in-game! 🎮
    • That's like a tutorial on how to run l2 on MacOS Xd but good job for the investigation. 
    • small update: dc robe set sold   wts adena 1kk = 1.5$ 
  • Topics

×
×
  • Create New...