EverQuest II
From Protocolinfo
EverQuest II is a MMORPG powered by Sony Online Entertainment, LLC. See the official website at http://eq2players.station.sony.com/
Contents |
[edit] Identification
It has been observed that EQ2 downloads patch data on TCP port 7010, retrieves information for the game launcher on TCP port 7000, sometimes through UDP for status/authentication and required game play through UDP ports.
[edit] Ports
- [IN] port > 1023 [OUT] 7000 TCP, 3016-3021 & 9700-9703 UDP: LaunchPad and Patch Servers.
- [IN] port > 1023 [OUT] 7010 TCP: Patch.
- [IN] port > 1023 [OUT] 9100 & 32800-33000 UDP: Game Client.
- [IN/OUT] ICMP Type 0 (echo reply), 3 (unreachable), 8 (echo request) and 11 (expired).
[edit] Server subnets
- 64.37.158.*
- 199.108.13.*
- 199.108.12.*
- 199.108.202.*
- 199.108.203.*
- 195.33.135.*
- CIDR: 64.37.128.0/18, 199.108.0.0/16 US(?), 195.33.128.0/19 International(?)
[edit] CIDR
One method of classifying game client data is using the CIDR.
# This example classifies traffic one-way; will need to classify the other end of traffic as well.
# Classification does not include downloadable patch data on port 7010.
if [ $ENABLE_EQ2 = "1" ]; then
echo " EQ2 ENABLED"
cidrs="64.37.128.0/18 199.108.0.0/16 195.33.128.0/19"
for cidr in $cidrs; do
$iptables -t mangle -A $gotochain -p udp -s $cidr -j MARK --set-mark ${mark}
$iptables -t mangle -A $gotochain -p tcp --sport 7000 -s $cidr -j MARK --set-mark ${mark}
done
fi
