editor
426
edits
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!
CrazyTeeka (talk | contribs) No edit summary |
CrazyTeeka (talk | contribs) m (PayPal (1)) |
||
(39 intermediate revisions by 2 users not shown) | |||
This firewall allows both inbound and outbound traffic to reach the steam client, all other traffic is rejected. It is written for gaming systems that will only be using the steam client.
=Static DNS=
Static DNS manages control over which IP's the steam client can use:
<syntaxhighlight lang=xml>
<dns resolvers="2001:8b0::2020 2001:8b0::2021 217.169.20.20 217.169.20.21">
<host name="cdn.akamai.steamstatic.com" ip="23.63.98.26 23.63.98.32"/>
<host name="cgpromotion.azurewebsites.net" ip="104.40.183.236"/>
<host
<host name="crl4.digicert.com" ip="66.225.197.197"/>
<host name="dreamfallchapters.azurewebsites.net" ip="191.238.8.26"/>
<host name="images.akamai.steamusercontent.com" ip="23.63.98.26 23.63.98.32"/>
<host name="media2.steampowered.com" ip="205.185.216.10 205.185.216.42"/>
<host name="media4.steampowered.com" ip="23.63.98.26 23.63.98.32"/>
<host
<host
<host name="steamcdn-a.akamaihd.net" ip="23.67.255.200 23.67.255.208"/>
<host name="steamcloudams.blob.core.windows.net" ip="168.61.58.14"/>
<host name="steamcommunity-a.akamaihd.net" ip="23.63.99.219 23.67.255.202"/>
<host name="steamcommunity.com" ip="23.63.99.219 23.67.255.202"/>
<host name="steamstore-a.akamaihd.net" ip="23.63.99.208 23.63.99.240"/>
<host name="store.steampowered.com" ip="23.205.213.78"/>
<host
</dns>
</syntaxhighlight>
=Firewall=
Outbound Rules - Change the MAC address in the source-mac= element to your own:
<syntaxhighlight lang=xml>
<rule-set name="Steam Client: Outbound" source-interface="LAN" target-interface="pppoe" no-match-action="continue">
<rule name="Steam OS: NTP"
action="accept"/>
<rule name="CDN: Akamai"
target-ip="23.
target-port="80 443"
protocol="6"
action="accept"/>
<rule name="CDN: Level 3"
target-ip="8.253.70.30 8.253.70.110
target-port="80 443"
protocol="6"
action="accept"/>
<rule name="Steam Cloud: Google Cloud Platform"
target-ip="216.58.198.208 216.58.198.240
target-port="80 443"
protocol="6"
protocol="6"
action="accept"/>
<rule name="
target-ip="2.22.133.163 2.22.139.27 23.65.43.145 66.
target-port="80 443"
protocol="6"
action="accept"/>
<rule name="Valve Software"
target-ip="103.10.124.0/
target-port="80 443"
protocol="6"
action="accept"/>
<rule name="Deny All"
source-mac="
action="reject"/>
</rule-set>
Inbound Rules - Change the IP address in the target-ip= element to your own:
<syntaxhighlight lang=xml>
<rule-set name="Steam Client: Inbound" target-interface="LAN" no-match-action="reject">
<rule name="Allow Firebrick" source-interface="self"/>
</rule-set>
</syntaxhighlight>
=Technical Notes=
Steam
*media.steampowered.com = Akamai
*media3.steampowered.com = Level 3
*media4.steampowered.com = Akamai
==Origin Server==
The origin server is where each CDN will pull
*cdn-01-origin.steampowered.com
*cdn-01.steampowered.com
==Steam Client==
This documents what hostnames the steam client uses and when.
On startup:
*repo.steampowered.com
*client-download.steampowered.com
*cdn.akamai.steamstatic.com
*steamcommunity.com
*br01.broadcast.fra.steamstatic.com (Randomly Selected)
*br01.broadcast.lax.steamstatic.com (Randomly Selected)
*br01.broadcast.lon.steamstatic.com (Randomly Selected)
*br01.broadcast.ord.steamstatic.com (Randomly Selected)
*br01.broadcast.sto.steamstatic.com (Randomly Selected)
*br02.broadcast.fra.steamstatic.com (Randomly Selected)
*br02.broadcast.lax.steamstatic.com (Randomly Selected)
*br02.broadcast.lon.steamstatic.com (Randomly Selected)
*br02.broadcast.ord.steamstatic.com (Randomly Selected)
*br02.broadcast.sto.steamstatic.com (Randomly Selected)
*br03.broadcast.fra.steamstatic.com (Randomly Selected)
*br03.broadcast.lax.steamstatic.com (Randomly Selected)
*br03.broadcast.lon.steamstatic.com (Randomly Selected)
*br03.broadcast.ord.steamstatic.com (Randomly Selected)
*br03.broadcast.sto.steamstatic.com (Randomly Selected)
*br04.broadcast.fra.steamstatic.com (Randomly Selected)
*br04.broadcast.lax.steamstatic.com (Randomly Selected)
*br04.broadcast.lon.steamstatic.com (Randomly Selected)
*br04.broadcast.ord.steamstatic.com (Randomly Selected)
*br04.broadcast.sto.steamstatic.com (Randomly Selected)
Entering the Store:
*store.steampowered.com
*store.akamai.steamstatic.com
Exploring your Queue:
*store.steampowered.com
*cdn.akamai.steamstatic.com
PayPal Payments:
*store.steampowered.com
*ocsp.digicert.com
*crl4.digicert.com
*www.paypal.com
*s2.symcb.com
*s1.symcb.com
*www.paypalobjects.com
*paypal.d1.sc.omtrdc.net
*t.paypal.com
==Steam Cloud==
The steam cloud
Deponia: The Complete Journey
*dreamfallchapters.azurewebsites.net
*steamcloud-dub.s3.amazonaws.com
==IP Reference==
This documents what range of IP's belong to which CDN node and steam hostname.
cdn.akamai.steamstatic.com:<br>
cdn.store.steampowered.com:<br>
clientconfig.akamai.steamstatic.com:<br>
images.akamai.steamusercontent.com:<br>
media.steampowered.com:<br>
media4.steampowered.com:<br>
repo.steampowered.com:<br>
store.akamai.steamstatic.com:
*a1507.d.akamai.net
*23.63.98.26 (Primary)
*23.63.98.32 (Primary)
*23.63.98.10
*23.63.98.17
*23.63.98.18
*23.63.98.19
*23.63.98.27
*23.63.98.33
*23.63.98.41
*23.63.98.43
*23.63.99.58
*23.63.99.90
*104.86.110.249
*104.86.111.137
steamcommunity-a.akamaihd.net:
*a1697.g.akamai.net
*23.63.99.219 (Primary)
*23.67.255.202 (Primary)
*104.86.110.24
*104.86.110.75
steamstore-a.akamaihd.net:
*a1737.g.akamai.net
*23.63.99.208 (Primary)
*23.63.99.240 (Primary)
*104.86.110.24
*104.86.110.81
steamcdn-a.akamaihd.net:
*a1843.g.akamai.net
*23.67.255.200 (Primary)
*23.67.255.208 (Primary)
*104.86.110.27
*104.86.110.35
|