Force steam content server

From Whisper's Wiki

HOW TO FORCE A STEAM CONTENT SERVER USING WINDOWS IPSEC

By Whisper

Whispers Basic War Strats

Contents

[edit]

Introduction

This is a guide to help force your STEAM Content Server to GameArena

This will only work for Windows 2000, Windows XP Professional, Windows 2003 and Windows Vista as they are the only Windows Operating Systems that use IPSEC

Don't try to use this unless you are a BigPond user, you are wasting your time. Unless of course you are trying to connect to another ISP and are trying to connected to that ISP's Filtered STEAM Content Servers.

Anybody familiar with Firewall use and concepts will be able to reproduce the same results via their own favourite Firewall

The pictures below show the finished product but ought to give you some idea of what to expect to see

[edit]

Finding STEAM PID

Close STEAM and then go to your STEAM Folder and delete your ClientRegistry.blob File

Start STEAM

Bring up your Windows Task Manager and see what PID STEAM.EXE is. You may need to click the View menu and then click Columns than then tick the PID Option.

Image:taskman1.png

Image:pidcolumn.png

Image:taskman2.png

Now that you have the PID for STEAM.EXE open a CMD Window.

Image:startrun.png

Click the Start Button then Run Menu

Image:run.png

Then in the run dialogue box type cmd

In your CMD window type in netstat -ano

Image:netstat.png

Your STEAM ought to be trying to update at this stage, and you will notice a connection(s) on port 27030 (usually) for the PID that belongs to STEAM.

Write down or copy that IP address DO NOT USE THE IP's SHOWN IN THE PICTURE ABOVE, IT IS A GAMEARENA CONTENT SERVER!!!

This IP or DNS is what you need to block using IPSEC to ensure you get a GameArena Server

Another handy way to do most of the above, is by using a tool called TCPView from SysInternals

Image:tcpview.png

[edit]

Setting up Local Security Policy

Now go to your Administrative Tools in Control Panel then go to Local Security Policy

Image:localsecuritysettings.png

[edit]

Setting up IP Security Policy

Once you have the Local Security Policy open, click on IP Security Policies on Local Computer then right click on the right hand window, then click Create IP Security Policy

Follow the Screenshots below

Image:newipsecuritypolicy1.png

Image:newipsecuritypolicy2.png

Image:newipsecuritypolicy3.png

Image:newipsecuritypolicy4.png

Please remember that the screenshots below show a completed setup for my IPSEC Settings, you have to add your own as per the instructions below to get the same results

Image:ipsecrules.png

Click Add

Image:filterlist.png

[edit]

Adding New IP Filter Lists

Then Click Add again then you will see New IP Filter List I have renamed mine to TCP Filters. Uncheck the "Use Add Wizard" it will annoy you.

Image:tcpfilters.png

The above picture shows me blocking the Internode STEAM Content Servers

Click Add again

Image:ipblock.png

OR

Image:dnsblock.png

Fill in the IP Address or Domain Name you wish to stop receiving STEAM Content from then click ok.

Now you have to setup the Block Filer action which wil end up looking like the 1st picture below

Image:filteraction.png

Click the Filter Action Tab then click Add and follow the pictures below

Image:filterwizard.png

Image:filteractionblock.png

Image:filteractionblock2.png

Image:filteractionfinish.png

Click Finish

Click the Connection Type Tab

Image:connectiontype.png

Select All network connections

Click Apply then Click Close

[edit]

Assigning Local IP Security Policy

Image:assignlocal.png

Then Apply/Close the remaining IPSEC Windows then right click your new IP Security Policy and then Click Assign. It is important that your IPSEC Service is running.

Image:localassigned.png

MAKE SURE YOU ASSIGN YOUR POLICY OR YOU WILL HAVE WASTED YOUR TIME!!!!

Note: The following step appears to be unnecessary on Windows Vista, update occurs within seconds during active downloading.

Now you have blocked access to STEAM Content Servers you do not want to use, Close STEAM again, delete your ClientRegistry.blob File

Now wait a few minutes so the connection dies between you and any STEAM Content server you maybe connected to, use the netstat -ano to verify no open connections on port 27030 or whatever port STEAM.EXE was using according to netstat -ano

Once there are no more ESTABLISHED connections on a port STEAM.EXE was uisng, Start STEAM again

You should get a connection to GameArena now. If not, repeat the steps above again and block any other IP's of other STEAM Content Servers you try to connect to, until you get a GameArena Content Server.

GameArena Content Servers can be recognised by having STEAM.EXE connections to the 144.140.154.x or 144.140.155.x subnet

[edit]

Using IPSEC for further Online Security

You can use IPSEC to protect yourself from stupid Microsoft Ports that stay open to the Internet by blocking ports 135 137 138 138 445 593 TCP & UDP Ports if you wish, but this does break Mircosoft networking if you are using it.

There are no guarrantees that this will not stuff your system up, so if you don't know what your doing don't do it, or at least don't bug me when it blows up in your face! :)

[edit]

The Final Result

Image:gamearena.png

[edit]

More Information on IPSEC

Here are some links to Microsoft Guides on the issue I learnt from if you are interested in IPSEC but still lost

http://www.microsoft.com/serviceproviders/columns/using_ipsec.asp

http://www.microsoft.com/windows2000/techinfo/planning/security/ipsecsteps.asp

http://www.microsoft.com/windows2000/technologies/communications/ipsec/default.asp

Cheers

Whisper

Retrieved from "http://whisper.ausgamers.com/wiki/index.php/Force_steam_content_server"