RCON Source Code available here.

I am also unemployed now IMHO it was a great move, as it will allow me to have a break from doing anything really for the first time since I started school when I was 4 or 5… it has also given me the push I needed to go back to college and train myself up .

I have been working on a few projects now too with my increase in available time, however I’m not going to say much about them at the moment in case I don’t finish em.

I would also like to mention at this point, that I have not looked into causing errors on the RCON, ie invalid logins etc… so be warned, while most of this should work, I cannot and will not guarantee it. Also, it is written for Python 2.6, not 3.whatever… I will be getting a few more people on board to help with this soon and we will be cleaning it up, adding error handling etc…

Anyways, here is what you have all been waiting for….

#!/usr/bin/python
 
'''
_______               ________      .___
\   _  \__  _  ______ \_____  \   __| _/
/  /_\  \ \/ \/ /    \  _(__  <  / __ |
\  \_/   \     /   |  \/       \/ /_/ |
 \_____  /\/\_/|___|  /______  /\____ |
       \/           \/       \/      \/
                    http://hackdev.com
 
Author:
    Steven from hackdev.com
 
File History:
    09/11/10:
        [+] Initial Inception. Proof of concept written entirely inline that
            allows for a single hard coded command to be sent to the server.
 
    10/11/10:
        [+] Creation of functions to handle the sending and receiving of commands.
        [+] Added the ability for users to change passwords in the configuration
            section of the script.
        [+] Broke commands, preambles etc... into variables for easier use & modification.
        [+] Added comments, previous code did not contain comments. ** Important **
    14/11/10:
        [+] Added command boGetPlayerList
        [+] Added command boSayToServer
        [+] Added command boSayToPlayer
        [+] Figured out that not everything has to be done in \x68\x65\x78
 
'''
 
import socket       #Used for creating the UDP sockets
 
#-----------------------------------------------------------------------------------
#   User Configurable Options
#-----------------------------------------------------------------------------------
 
boHost          = ""      #The server IP
boPort          = 3074                  #The server Port
boPassword      = ""              #The RCON Password
 
#-----------------------------------------------------------------------------------
#   End User Configurable Options
#-----------------------------------------------------------------------------------
 
svrAddress = (boHost, boPort)           #Used to create a tuple of host & port
 
#-----------------------------------------------------------------------------------
#   Command Definitions, sorry about the variables :(
#-----------------------------------------------------------------------------------
global cmdPreamble
cmdPreamble  = "\xff\xff\xff\xff\x00"                       #Preamble used to prefix the packet
global cmdSeporator
cmdSeporator = "\x20"                                       #Seporator used between password & command
global cmdPostamble
cmdPostamble = "\00"                                        #Ending of the packet, end of command
 
#-----------------------------------------------------------------------------------
#   Socket Generation
#-----------------------------------------------------------------------------------
udpSock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
 
#-----------------------------------------------------------------------------------
#   Function used to send commands to the server, function returns the
#   data returned from the query, unformatted...
#-----------------------------------------------------------------------------------
 
def boSendCommand(boCommand, boArgument=0, recvBufferSize=4096):
    if not boArgument:
        commandBuffer = cmdPreamble + boPassword + cmdSeporator + boCommand + cmdPostamble
    else:
        commandBuffer = cmdPreamble + boPassword + cmdSeporator + boCommand + cmdSeporator + boArgument + cmdPostamble
    boSentBytes = udpSock.sendto(commandBuffer, svrAddress)     #Send the data to the server
    if (boSentBytes < len(commandBuffer)):                      #Check the num of bytes sent
        print("An error was encountered while sending the command %s", boCommand)
    boRecvBuffer = udpSock.recv(recvBufferSize)                 #Receive the data returned
 
    if len(boRecvBuffer) > 0:                                   #Check to ensure there is something
        return boRecvBuffer                                     #Return the buffer
    else:
        return 0                                                #If theres nothing, return 0
 
def boGetPlayerList():
    playerlist = boSendCommand("teamstatus")
    if not playerlist:
        return 0
    else:
        return playerlist
 
def boSayToServer(message):
    if not message:
        return 0
    else:
        servermessage = boSendCommand("say", '"' + message + '"')
        if not servermessage:
            return 0
        else:
            return servermessage
 
def boSayToPlayer(message, playerID):
    if not message or not playerID:
        return 0
    else:
        playermessage = boSendCommand("tell", playerID + "\x20" + '"' + message + '"')
        if not playermessage:
            return 0
        else:
            return playermessage
 
print("Playerlist")
myPlayerList = boGetPlayerList()
print(myPlayerList)
 
print("Server Message")
myServerMessage = boSayToServer("Testing!")
print(myServerMessage)
 
print("Player Message")
myPlayerMessage = boSayToPlayer("Testing 123", "1")
print(myPlayerMessage)

AFAIK, I am the first person in the world outside of treyarch to have done this and I have elected to share this with all of you, it may not be clean, and it may not be fancy… but damn it it works! (Its late and I haven’t slept…) Please keep in mind that the hostname and login message have been removed from the script as they contain identifiable information for my server. Enjoy this, and happy hacking! – I would also like to point out I wouldn’t have done this, at least as quickly, if it wasn’t for Ajurna of the mighty IrishPirates!

#
 
import socket
import string
 
boHost = ""
boPort = 3074
boAddr = (boHost, boPort)
 
boLoginMsg = "\xff\xff\xff\xff\x00___OMITTED____\x20\x64\x76\x61\x72\x6c\x69\x73\x74\x00"
 
udpSock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
boSentBytes = udpSock.sendto(boLoginMsg, boAddr)
 
if (boSentBytes < len(boLoginMsg)):
    print("Message not sent...")
else:
    print("Message sent...")
 
boRecv = udpSock.recv(4096)
 
if len(boRecv) > 0:
    print("Received ", boRecv)
else:
    print("Received Nothing...")
 
udpSock.close()
 
fileHandler = open("out.txt", "w")
print >> fileHandler, boRecv

I have been working hard here in the background getting rid of all of my hosting accounts and consolidating everything into one (relatively) easy to manage VPS or Virtual Private Server which I got for cheap from the guys (and presumably girls) at ThrustVPS who seem to be running  tight ship, I don’t have any stats on uptime or that so far; but everything has gone smoothly. And when they say instant setup, they mean it.

Thats enough of plugging someone else’s company for now… not that I have my own to run… yet. I have managed so far to implement a custom firewall that suits my needs quite nicely, my own email system, the general webserver / mySQL server etc… and all seems to be running very smoothly for such a cheap box, I do intend however to document all of the install processes I have gone through to get this far, and if your really nice, I might even share my custom backup script with y’all.

Anyways, I just said I would pop on and give a quick update before I get to bed for work.

Some of the things you should probably have already if you want to get the best out of Linux Firewalls is…

• A comfortable familiarity with the distribution of Linux you wish to use.
• Basic understanding of how networks communicate.
• Reasonable understanding of how TCP works (ie. the three way handshake)
• Reasonable understanding of how UDP works
• A system to test this stuff on, if you don’t have a system to test this stuff out on, you could always set up a few virtual machines using VirtualBox or VMWare.
• A will to learn about this kind of stuff

Missing any one of these things (except the will to learn, thats pretty important) probably isn’t going to be a huge deal, but if your missing a lot of them, you might struggle a bit with some of the concepts.

Here is a sample of one of the basic Linux Firewall scripts that I have adapted from the book…

#!/bin/sh
 
#Port and IP addresses changed to protect the innocent.
 
IPTABLES=/sbin/iptables
MODPROBE=/sbin/modprobe
 
### Flush existing rules and settings. Set to default drop.
echo "[+] Flushing existing iptables rules..."
$IPTABLES -F
$IPTABLES -X
#$IPTABLES -t nat -F
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT DROP
#$IPTABLES -P FORWARD DROP
 
### Load the connection tracking modules. Not going to bother with NAT
echo "[+] Loading conntrack support..."
$MODPROBE ip_conntrack
$MODPROBE ip_conntrack_ftp
 
### Input Chain
echo "[+] Setting up INPUT chain..."
$IPTABLES -A INPUT -m state --state INVALID -j LOG --log-prefix "DROP INVALID " --log-ip-options --log-tcp-options
$IPTABLES -A INPUT -m state --state INVALID -j DROP
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 
### Allowing Broadcasts
$IPTABLES -A INPUT -d 255.255.255.255 -j ACCEPT
$IPTABLES -A INPUT -d x.x.x.x -j ACCEPT #Replace the x's with your network's broadcast address
 
### Anti-spoofing measures
#$IPTABLES -A INPUT -i eth0 -j LOG --log-prefix "SPOOFED PKT "
#$IPTABLES -A INPUT -i eth0 -j DROP
 
### Accept rules...
$IPTABLES -A INPUT -i lo -j ACCEPT #All local connections
$IPTABLES -A INPUT -i eth0 -p tcp --dport 80 --syn -m state --state NEW -j ACCEPT #Webserver
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 --syn -m state --state NEW -j ACCEPT #SSHd
$IPTABLES -A INPUT -i eth0 -p tcp --dport 1000 --syn -m state --state NEW -j ACCEPT #Webmin
$IPTABLES -A INPUT -p icmp --icmp-type echo-request -j ACCEPT #Accept Ping's
 
### Output Chain
echo "[+] Setting up OUTPUT chain - Allowing all!"
$IPTABLES -A OUTPUT -j ACCEPT
 
### Forward Chain
echo "[+] Setting up FORWARD chain - Nothing to do."
$IPTABLES -A FORWARD -j LOG --log-prefix "DROP FORWARD " --log-ip-options --log-tcp-options
$IPTABLES -A FORWARD -j DROP

I hope that this impromptu book review is of at least some help to you.

Side Note: The bold bits in the posting are for a little test that I  am doing on keyword density… I’ll let you all know how it goes.

sudo adduser teamspeak

Fill in the questions presented by the adduser application.

sudo usermod -s /bin/false teamspeak

The above command will change the users shell to be /bin/false ie. no shell. Now it is time to go and get Teamspeak… visit http://www.goteamspeak.com and find the correct package for the architecture you wish to use ie. Teamspeak_3.0.0-Beta5-32bit…

wget http://ftp.4players.de/pub/hosted/ts3/releases/beta-5/teamspeak3-server_linux-x86-3.0.0-beta5.tar.gz tar -zxvf teamspeak3-server_linux-x86-3.0.0-beta5.tar.gz

Now its time to move the new TS3 directory to its new home…

sudo mv ./teamspeak3-server_linux-x86-3.0.0-beta5 /opt/TS3 sudo chown -R teamspeak /opt/TS3

The above will place TS3 in /opt/TS3 and give ownership of the contents to the user teamspeak. It is now possible to run Teamspeak, however as veteran Teamspeak users will know, the first time you run the Teamspeak server you are presented with a username/password combo that cannot be recovered without resetting the server. In TS3 you will also be presented with a `token` (all of this is described in the Teamspeak documentation). So for the first run, the following command will allow you to gather these details, they should be noted carefully for future reference.

sudo start-stop-daemon –chuid teamspeak –chdir /opt/TS3 –start –exec /opt/TS3/ts3server_linux_x86

From this, you should see the serveradmin user and password. You can now ^C that and be returned to the normal shell, if you cat /opt/TS3/logs/* you will be presented with the token you require to obtain server-admin status on the new server. The last part is to create a script for /etc/init.d/ to launch Teamspeak each time the system is booted to the correct runlevel. /etc/init.d/skeleton provides a suitable framework for this, here is the script I am using, just about… NOTE: WordPress does not want to format this correctly for me, as such, here is a link to the file in a tar archive. If you follow these instructions and are running a 32bit server, the following file will work out of the box. /etc/init.d/teamspeak This file must then be made executable with

sudo chmod +x /etc/init.d/teamspeak

And finally, the init file must be symlinked to each of the runlevel start dirs using the following…

sudo ln -s ../init.d/teamspeak /etc/rc0.d/K21teamspeak sudo ln -s ../init.d/teamspeak /etc/rc1.d/K21teamspeak sudo ln -s ../init.d/teamspeak /etc/rc2.d/S21teamspeak sudo ln -s ../init.d/teamspeak /etc/rc3.d/S21teamspeak sudo ln -s ../init.d/teamspeak /etc/rc4.d/S21teamspeak sudo ln -s ../init.d/teamspeak /etc/rc5.d/S21teamspeak sudo ln -s ../init.d/teamspeak /etc/rc6.d/K21teamspeak

Viola, you should now have a working Teamspeak 3 server.

BOOTNOTE:

For my initial install, and for the basis of the majority of this, I used this as a reference. Items listed in bold with ** are most likely not the correct file names for the command, I am not close to my server or an available shell to pull the correct parameters at present, but I will update ASAP. As an additional side note, my first impressions of TS3 are very good… It has tons of new features, looks good and the voice quality is very good indeed. My only concern is however the permissions system is very bulky, difficult to understand, and unless you are reasonably familiar with administering a Teamspeak server already, the documentation is not as straight forward as people believe. Still, however, a great job. Well done Teamspeak 3 development team!

UPDATE: Fixed formatting issue, kinda… provided link to pastebin.

UPDATE: Fixed information regarding server executable. Added /etc/init.d/teamspeak file, available for download here, removed pastebin link.

#! /bin/sh
### BEGIN INIT INFO
# Provides:          teamspeak
# Required-Start:    networking
# Required-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      S 0 1 6
# Short-Description: TeamSpeak Server Daemon
# Description:       Starts/Stops/Restarts the TeamSpeak Server Daemon
### END INIT INFO

set -e

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="TeamSpeak Server"
NAME=teamspeak
USER=teamspeak
DIR=/opt/tss2_rc2
DAEMON=$DIR/server_linux
#PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME

# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0

d_start() {
        start-stop-daemon --start --quiet \
                --chuid $USER \
                --chdir $DIR \
                --exec $DAEMON \
                > /dev/null \
                || echo -n " already running"
}

d_stop() {
        start-stop-daemon --stop --quiet \
                --chuid $USER \
                --chdir $DIR \
                --exec $DAEMON \
                || echo -n " not running"
}

case "$1" in
  start)
        echo -n "Starting $DESC: $NAME"
        d_start
        echo "."
        ;;
  stop)
        echo -n "Stopping $DESC: $NAME"
        d_stop
        echo "."
        ;;
  restart|force-reload)
        echo -n "Restarting $DESC: $NAME"
        d_stop
        sleep 15
        d_start
        echo "."
        ;;
  *)
        echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
        exit 3
        ;;
esac

exit 0

Dec 7 01:30:02 phonebox sshd[14378]: Invalid user aleph from 60.19.28.27
Dec 7 01:30:02 phonebox sshd[14378]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:30:02 phonebox sshd[14378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:30:04 phonebox sshd[14378]: Failed password for invalid user aleph from 60.19.28.27 port 16699 ssh2
Dec 7 01:30:08 phonebox sshd[14461]: Invalid user pechantal from 60.19.28.27
Dec 7 01:30:08 phonebox sshd[14461]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:30:08 phonebox sshd[14461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:30:10 phonebox sshd[14461]: Failed password for invalid user pechantal from 60.19.28.27 port 17732 ssh2
Dec 7 01:30:14 phonebox sshd[14464]: Invalid user komtemp from 60.19.28.27
Dec 7 01:30:14 phonebox sshd[14464]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:30:14 phonebox sshd[14464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:30:16 phonebox sshd[14464]: Failed password for invalid user komtemp from 60.19.28.27 port 18807 ssh2
Dec 7 01:30:20 phonebox sshd[14466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27 user=root
Dec 7 01:30:22 phonebox sshd[14466]: Failed password for root from 60.19.28.27 port 19764 ssh2
Dec 7 01:30:54 phonebox sshd[14470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27 user=root
Dec 7 01:30:56 phonebox sshd[14470]: Failed password for root from 60.19.28.27 port 26354 ssh2
Dec 7 01:30:59 phonebox sshd[14473]: Invalid user test from 60.19.28.27
Dec 7 01:31:00 phonebox sshd[14473]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:31:00 phonebox sshd[14473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:31:01 phonebox sshd[14473]: Failed password for invalid user test from 60.19.28.27 port 27410 ssh2
Dec 7 01:31:05 phonebox sshd[14475]: Invalid user teste from 60.19.28.27
Dec 7 01:31:05 phonebox sshd[14475]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:31:05 phonebox sshd[14475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:31:07 phonebox sshd[14475]: Failed password for invalid user teste from 60.19.28.27 port 28724 ssh2
Dec 7 01:31:10 phonebox sshd[14477]: Invalid user teste from 60.19.28.27
Dec 7 01:31:10 phonebox sshd[14477]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:31:10 phonebox sshd[14477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:31:12 phonebox sshd[14477]: Failed password for invalid user teste from 60.19.28.27 port 29661 ssh2
Dec 7 01:31:15 phonebox sshd[14479]: Invalid user teste from 60.19.28.27
Dec 7 01:31:16 phonebox sshd[14479]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:31:16 phonebox sshd[14479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:31:18 phonebox sshd[14479]: Failed password for invalid user teste from 60.19.28.27 port 30627 ssh2
Dec 7 01:31:21 phonebox sshd[14482]: Invalid user pa$$w0rd from 60.19.28.27
Dec 7 01:31:22 phonebox sshd[14482]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:31:22 phonebox sshd[14482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:31:23 phonebox sshd[14482]: Failed password for invalid user pa$$w0rd from 60.19.28.27 port 31753 ssh2
Dec 7 01:31:26 phonebox sshd[14484]: Invalid user testing from 60.19.28.27
Dec 7 01:31:27 phonebox sshd[14484]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:31:27 phonebox sshd[14484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:31:28 phonebox sshd[14484]: Failed password for invalid user testing from 60.19.28.27 port 32702 ssh2
Dec 7 01:31:32 phonebox sshd[14486]: Invalid user tst from 60.19.28.27
Dec 7 01:31:32 phonebox sshd[14486]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:31:32 phonebox sshd[14486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:31:35 phonebox sshd[14486]: Failed password for invalid user tst from 60.19.28.27 port 33652 ssh2
Dec 7 01:31:38 phonebox sshd[14489]: Invalid user spam from 60.19.28.27
Dec 7 01:31:38 phonebox sshd[14489]: pam_unix(sshd:auth): check pass; user unknown
Dec 7 01:31:38 phonebox sshd[14489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.19.28.27
Dec 7 01:31:40 phonebox sshd[14489]: Failed password for invalid user spam from 60.19.28.27 port 34704 ssh2

Now, there is a lot more activity in the log than this, however this should give the general idea of what to look out for… If you happen to be lucky enough to have a MikroTik router, you can help slow or prevent this with some creative firewall rules, here are the rules I am using for this, as provided in the MikroTik WiKi.

/ip firewall filter add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop comment=”drop ssh brute forcers” disabled=no
/ip firewall filter add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage3 action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=10d comment=”" disabled=no
/ip firewall filter add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage2 action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m comment=”" disabled=no
/ip firewall filter add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage1 action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m comment=”" disabled=no
/ip firewall filter add chain=input protocol=tcp dst-port=22 connection-state=new action=adadd chain=forward protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop comment=”drop ssh brute downstream” disabled=nod-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m comment=”" disabled=no

• PC Engines Alix .3C
• PC Engines Wrap .1D
• PC Engines Wrap .2C
• PC Engines Wrap .1C
• RB-532 (Routerboard running MicroTik firmware)
• RB-564 (Routerboard Expansion Module)

For storage, I have 5x 128mb CF cards and 1x 2GB CF card. I also have 3x PoE injectors (the quick and dirty kind), 3x CM9 radio cards, and 1x 27dBi omni-directional antenna for 2.4GHz (which by the way, is awesome)

For servers, I still have PhoneBox, a 1.6GHz Intel Atom mini-ITX machine, I am working on getting a new, shiny rackmount dual core 1.6GHz machine too so that will be two servers for a start. I have also managed to aquire a racking case thats 600mm deep and has the capacity for around 12u, although it is missing its front bezel rails – I’m fairly confident I can find them somewhere in work. Im working on getting a new (2nd hand) patch pannel to keep everything neat and tidy too. Next on my list of things to do is to get a PSU built that can run all of this equipment with UPS functionality, I do have a 3A power plex box here that I also got from FWI, however it is not working at the moment, I beleive it is the power FET thats gone and it should be a simple chop & change replacement. Failing that, I will design a SLA charging circuit and feed the 12v supply from the transformer, and the 12v supply from the SLA bank into a comparator for fast switching on a power cut. I would like to have a UPS that can maintin the routing infrastructure during an outage for 16-24 hours. As the (soon to be) two Mini-ITX servers also run off 12v, I would like to have these included in the UPS scheme for a few reasons,

1. A transformer at max-efficiency can only be around 85%, less transformers (power blocks etc…) means less power lost and a smaller electricity bill.
2. The servers will be running Linux, which in some (lots of) cases, it doesnt like just having its power yanked.
3. Everthing will be in a centralised location (at least at my station) so it will mean less wiring.
4. Everything can then be rackmounted, and there would only be a single mains feed.

I am currently trying to draw a sufficient network topology plan including wiring and subnetting for my station to allow for easy management & high security. This also involves selecting what services will be provided on the network here – more on this later.

The main equipment that is going to be used is RouterBoards running the Micro-Tik (Linux based) operating system, 5.8Ghz Wireless cards and some high gain, narrow beam (~7°) dish style antennae. The house in Dublin will have an extended mounting post fixed to the roof, while the house in Laois already has access to a nice big shiny mast (and a wind turbine)

I’m also in the middle of working on some security features for this, y’know wireless isn’t all that secure… so I will be using MAC filtering, WPA2, Radius and possibly passive IDS & Network monitoring. The Micro-Tik will take care of the first two, but I’ll be implementing a PFSense system on a PC Engines Wrap.1D too.

In order to house all of this equipment, I will be building a small(ish) NOC or Network Operations Centre in my attic, an more than likely my mate will just add the new equipment to the NOC thats already on his end. As a part of this NOC build, I will be making (meh, repairing) a 12V UPS and fitting it with some high AH batteries, moving my mini-itx to it, and building a custom P0E power distribution system.

All in all, its going to be a big, interesting project… I’ll keep you posted!

# cd /<yourserver>/cstrike/addons
# wget http://sourcemod.steamfriends.com/files/mmsource-1.7.1.tar.gz
# tar -zxvf mmsource-1.7.1.tar.gz
# rm mmsource-1.7.1.tar.gz

Ok, now we have MetaMod downloaded and extracted into the correct directory, last thing we need to do is create a VDF file to load it, MetaMod have a great VDF generator here or you can do the following…

# touch metamod.vdf
# pico metamod.vdf

Once in pico, paste the following text in ([shift]+[insert]), save with [ctrl]+o and exit with [ctrl]+x

“Plugin”
{
“file” “../cstrike/addons/metamod/bin/server_i486.so”
}

You can now restart your server and double check that MetaMod is running by typing “meta version” into the console. All done!