Legacy GM [Solved] To make WAN connection... I have to reveal my IP to client?!

X

XirmiX

Guest
So, I follower this tutorial in order to make an attempt at making my MMO top-down shooter tank game... well, MMO:
And based on what's been written, for the client to connect to a server, they have to either be in a local area/on the same machine OR the client has to know the IP address of the location of the server... and that means that the server cannot be moved around, unless the client keeps re-downloading/the game has some function where it connects to various servers based on what the client tries out (though that would still be limited if the server moves around or whatever) the game in order to connect to the server that is in a different location. Though, that isn't the worst problem... the fact that the client has to know the IP in order to connect... I would not be able to have the server at home, because that will reveal my IP to all other players. So, my options are to host it in some other place somehow or rent a server from a company. This really sucks and is the biggest obstacle as I see it. Is there really no other way? I mean, this is having a master server connection (one of my machines holding onto account data, such as the in-game currency, experience and level, equipment each account has purchased, upgraded and currently equipped etc.) that we're talking about here. So, is there really no other way?
 
Last edited by a moderator:
B

bojack29

Guest
How else does your PC know where to send packets? How does the mail make it to your house? How do you place a phone call to call a friend? The IP address is required here. Thou you may have trouble concealing it if someone were to crack your source code, you could encrypt packets that are enroute to your server
 
X

XirmiX

Guest
How else does your PC know where to send packets? How does the mail make it to your house? How do you place a phone call to call a friend? The IP address is required here. Thou you may have trouble concealing it if someone were to crack your source code, you could encrypt packets that are enroute to your server
Well, pretty much all of my game's data will be stored into the master server, I believe. The client will simply connect in order to be able to play. Even that would still require IP address being placed into client program, I'm guessing. So, is there any actual way of concealing the IP?
 

FrostyCat

Redemption Seeker
If you are not willing to use your personal IP address, your only other choice is to rent out a VPS or dedicated server to host the central master. There has to be at least one publicly known IP to connect to.

Also, if you are thinking about writing the central master in GMS, forget it. GMS-made executables can't run headless on a VPS or dedicated server, and even if they can, they scale and handle simultaneous sessions too poorly to be worthwhile.

Learn how to program in a server-side language. Learn how to administrate a cloud server. Only then you'd have any hope of making it happen.
 
  • Like
Reactions: Roa
X

XirmiX

Guest
@bojack29 and @FrostyCat perhpas I could make it so that instead of it being master-server based, it's peer-to-peer (you can still host a server with battles and such yourself though)? Perhaps in some way that I can make it so that the account details of the user is held on their computer, however they could not open it through code unless they have something I like to call a "dev key" and they could not copy, cut, paste within or do anything with the files that hold the game's data and their account data except move it and delete it? That is if this is actually possible to do with just coding within GML and not messing with OS or the code for the folder or whatever.

If this is indeed possible, then I imagine that the player would upon the game, log into their account and then servers from around the world would be shown on a list for them on the client side. They could then pick a hosted server and join to play a battle against other players and whilst they do, the information/data/stats of their account would update during the battle on their client side, which they can only see by being within the game and being logged in. Question is as well... How protected would the game be from something like the Cheat Engine, because it's the most basic way of cheating as I know, but could still be used in order to get everything in no time.
 

FrostyCat

Redemption Seeker
The problem with that approach is the so-called "dev key" and how all the data still resides with the client.
  • If you build it into the client, then it can be discovered with a hex editor.
  • If you receive it online, then it can be discovered with Wireshark. Besides, there has to be a known master to get it from.
  • If the data gets decrypted into client memory, then it can be modded with a RAM editor or cheat engine run by the end user.
You have absolutely no control over any of this, and you will always lose. This is what you get for trusting the client with anything.

Just get over it and write a master server. The client is still free to brew whatever they want with their copy, but as long as your master server doesn't believe their kool-aid and nothing else is affected, it's business as usual.
 
  • Like
Reactions: Roa

Roa

Member
Besides all of that, you are breaking terms of use on home data line services when hosting large access public servers.

There are a few more options, but frosty pretty much got them. You can have a pass through server, that receives data and pumps it out to other smaller IPs much like a VPN, the change being that you don't need keys and routing CPU time spent on encryption.
 
X

XirmiX

Guest
The problem with that approach is the so-called "dev key" and how all the data still resides with the client.
  • If you build it into the client, then it can be discovered with a hex editor.
  • If you receive it online, then it can be discovered with Wireshark. Besides, there has to be a known master to get it from.
  • If the data gets decrypted into client memory, then it can be modded with a RAM editor or cheat engine run by the end user.
You have absolutely no control over any of this, and you will always lose. This is what you get for trusting the client with anything.

Just get over it and write a master server. The client is still free to brew whatever they want with their copy, but as long as your master server doesn't believe their kool-aid and nothing else is affected, it's business as usual.
* By discovered, do you mean that it detects that the account data is stored on the client? If that's all that you mean by discover, then that's fine, because the user would actually need to know where their account details are stored, so they can move it around if they wanna play on a different machine or something. I explicitly want to make it so that the user has to input the directory from which their login details and after logging in successfully the account data can be traced.
* Online? You mean browser-based with HTLM stuff in tact? If that's what you mean then nah, I've not planned to do that any time soon. Just download and play (of course register and login too afterwards).
* Perhaps I can make some workarounds? Not entirely sure on how the RAM editor works, but for the cheat engine, I could perhaps make it so that an actual value of something is in decimals, though the number displays as it without the decimals or perhaps I can add in some type of object that does calculations based off of sprites that are numbers, but are actually different, longer numbers (like, ten times longer or something)? So, like, the number 3 could actually be something like 698 and the user would not know about it, hence typing in 3 and the cheat engine would not detect the actual value of it, which is 689.

So long as things are set up so that the client can't edit their account from within code, I would not care much. It would be good if they could hold onto their accounts and decide whether to delete them or not and so that I can't edit their data either as their accounts are their and their own. You might be a bit surprised about this, but that's the kinda guy I am :p

Besides all of that, you are breaking terms of use on home data line services when hosting large access public servers.

There are a few more options, but frosty pretty much got them. You can have a pass through server, that receives data and pumps it out to other smaller IPs much like a VPN, the change being that you don't need keys and routing CPU time spent on encryption.
Emm, what? I can't host master servers from my house? What?! And I'm kind of confused on the whole "pass through" server thing. Google doesn't seem to give me much information on what they do.

Edit: Oh, that's what you meant. That's what I believe I thought of when I thought about dedicated servers... It's strange, but to play in Don't Starve Together, for example, even on a dedicated server, you need to have the master server active; this is why nobody could play the game whilst master server had some issues... strange.
 
Last edited by a moderator:
Top