I'm trying to run an Ark: Survival Evolved server from my home, and having trouble connecting to it. I've been trying to solve the issue for a couple days now, and kind of desperate, hoping that someone could help, please?
So, I'm running it on Proxmox inside and LXC container running Debian using LinuxGSM. LXC container gets it's IP from the mikrotik router and it has it's own separate LAN IP, and there's no firewall installed in the container. So I assume that the only firewall at work is Mikrotik one.
Me and other people can see the server when using Steam - Servers, entering my WAN or LAN IP and clicking "Find servers on this address" correctly finds Ark server on port 7777, and shows it's name and current\max player count correctly. It also shows that there's currently 1 player on the server, though I'm not sure if it's a bug or if someone actually found my server and started playing on it. For now I have to assume that someone is in fact able to play on it from outside my network.
So first I'd like to double and triple check my forwarding rules. While they worked for Rust, maybe Rust used some different approach or whatnot. Here's a script I wrote and use to create 'port forwarding' rules. Could someone please check it and see if there are any mistakes I'm making? Or maybe I should use completely different approach?
I use this script to forward ports 7777, 7778 and 27015 as required by Ark server.
https://pastebin.com/n1QA83Jj
Code: Select all
# Full Hairpin NAT
# Optimized for static LAN addresses as Masquerade uses more CPU
# Based on this article https://interface31.ru/tech_it/2019/07/probros-portov-i-hairpin-nat-v-routerah-mikrotik.html
:global wanIp "wan.ip";
:global wanInterface "ether1";
:global routerIp "192.168.1.1";
:global lanMask "192.168.1.0/24"
:global localPort "27015";
:global localIp "192.168.x.x";
:global port "27015";
:global comment "Ark: Island";
/ip firewall nat add action=dst-nat chain=dstnat dst-address=$wanIp dst-port=$port protocol=tcp to-addresses=$localIp to-ports=$localPort comment=$comment
/ip firewall nat add action=dst-nat chain=dstnat dst-address=$wanIp dst-port=$port protocol=udp to-addresses=$localIp to-ports=$localPort comment=$comment
/ip firewall nat add action=src-nat chain=srcnat dst-address=$localIp dst-port=$localPort protocol=tcp src-address=$lanMask to-addresses=$routerIp to-ports=$port comment=$comment
/ip firewall nat add action=src-nat chain=srcnat dst-address=$localIp dst-port=$localPort protocol=udp src-address=$lanMask to-addresses=$routerIp to-ports=$port comment=$comment
/ip firewall filter add action=accept chain=forward dst-port=$localPort in-interface=$wanInterface protocol=tcp comment=$comment
/ip firewall filter add action=accept chain=forward dst-port=$localPort in-interface=$wanInterface protocol=udp comment=$comment