Svr 2008 IIS

Some of you know / guessed, I'm trying to set up a new server on 2k8 OS. I've done 2000, and 2k3... and my main goal is getting a working Clan system, and using IIS, as well as seeing (first hand) how the UAC interaction plays out.

My initial setup is 2k8 x86 (32-bit).

Now, I have the files in place, the DB set up and even a working ODBC connection. (I presume. I can access the DB via ODBC, but I can't prove the server using it.)

When I try to log in from a client, the client succeeds in making a connection to the server system, (host machine) 1 packet is logged by the PT server app, (the server program, not the host machine) but by monitoring TCP/IP stack on the server, I see that the connection is actually with the [system] process, not the PT Server executable.

The client then says "Connection failed" and any other attempt to connect with it, or any other client usually crashes the client.

The server opens a "TIME_WAIT" connection on 10009 to the [system] process for each client connection attempt, the last of these will be closed when I kill the server, but the only way to get rid of them all so that I can try again seems to be to reboot the server.

Additionally, the [system] process on my client PC holds those "TIME_WAIT" connections open so long as both systems are running.

I've not seen this on any other system, and it's not an issue I was expecting to encounter on Svr2k8. Window Firewall hasn't changed much since 2k3, this appears to be nothing to do with UAC, and again DEP hasn't changed that much since 2k3.

The one thing I can think of, is that I never ran IIS on 2k or 2k3, so it's possible that there is some base internet filtering going on in the IIS service, which might show up under the "[system]" process, because it is an NT core service, not a separate process in it's own right.

I've tried the IPFilt settings on the TCP/IP protocol of the servers NIC... I can block everything there, but no amount of expressly allowed port 10009 on TCP / UDP will allow it to bypass this [system] process. I've made sure there is an exception to allow port 10009, and / or to my PT server executable. Again, I can block communications to it that way, but can't bypass the packets getting stuck in this [system] process.

Anybody else seen this and have an answer, or any pointers?

This could be the "same issue" as the recent spate of "Connection failed" help requests, but I hope this one has some real information behind it. eg. I know the packets are being sent to the right IP, that the server app is getting the first one, but nothing after that, and that the OS is holding the connection open (tying up port 10009) even after the server app and client are closed, etc.

For the information of others:-

Spoiler:

The initial connection the client makes to the "LISTENING" port on the server at port 10009, should then be converted to a (seemingly random) communication port for that particular client, leaving port 10009 free and "LISTENING" for other clients to make their initial contact on.

Your server works without IIS?

I tried using SQL.DLL + Clan.dll and it worked correctly.

My SQL.dll + Clan.dll + hotuk.ini

OBS: dll to let IP (LOCAL) 127.0.0.1!

2shared - download Servidor.rar

Okay... Yes, my server works without IIS. There is only 1 reason to use IIS, and that is Clans. Even then, there is only one file in any clan system which is specific to IIS, the rest can work on any WSH / ASP capable web server. Adapting the client to work without that one .net (ASPX) Server Side Script page is not impossible, and many clan systems I see posted here actually put ASP, not ASPX into the ASPX page.

Thanks for the share Harsaphes, but this problem exists even if I use ODBC without SQL.dll and Clan.dll, and have no Clans set up in hotuk.ini. This is the OS filtering TCP/IP communication with my server, and not understanding the protocol well enough to allow a client to log in, terminating both ends by waiting for more information which neither are intending to give until they have had a response from the other. A response which will never arrive, because [system] is holding the existing information in a "TIME_WAIT" state. Presumably, it considers complete PT packets to be only partial transmissions.

IIS has some base level filtering modules... maybe I can disable them? IDK I'm pretty new to the current state of affairs with full-blown IIS.

Long time ago I tried to run PT server on Windows Server 2008 R2 64bit but server was crashing on it right away so I give up.

You can always run clan files on Apache (mod_aspdotnet). When I mixed them with MySQL I had 1 bug but on MS SQL it might not show up. I can rewrite clan files for Apache/MS SQL if you need them.

Didn't you release your MySQL Clan.dll and SQL.dll Vormav? Or have you improved them since then? If not, I believe I still have a copy.

However, when people purchase a Windows Dedi or VPS to host PT, it will usually be 2008... and probably x64 these days. So the primary purpose of this exercise is so that I can better help them.

IIS comes with Server 2008 and interacts best with MS-SQL 2008 R2... so, that's what I was aiming to achieve. Besides which, if I can watch how IIS handles the clan files normally, I can look at writing "plugable" SQL.dll and Clan.dll for other database engines, but I need to see what they do when they are running normally. Originally I intended to try this on 2003 Server, but the basic "Standard Server" version of that which I have doesn't come with IIS out-of-the-box. :(: (There is a download for it on M.I.B. I think)

I expected to have problems, everyone I know who has attempted it has struggled in one way or another, but to be honest, I thought the x64 bit would be more difficult (hence why I started with x86) and I've not heard anyone mention this issue.

I added some base security filters to IIS, and I'm thinking I should try to remove them. They shouldn't affect services that aren't run on IIS, (http / ftp) but if they are picking up my PT game packets before the PT server, who knows what they might make of them. Adding filters to IIS in 2008 is really easy... not sure how easy it is to remove them, but I guess that is my next step.

Anyway, I know Moons, Gregoo and Airbourn have managed to get this working and I'm sure others did too. Maybe the problems they had where different to this one I'm having.

I was talking about Apache + MS SQL (only changes that I made are in scripts (asp->aspx))... I am beta testing those files now, so I might release them later. For me PT running on MS SQL server 2008 normally, no problems.

--EDIT--

Here you go:
http://forum.ragezone.com/f399/clan-...ms-sql-708185/
my backup ;)

Funny thing is that those files don't share same bug that was in MySQL edition (when 3 peoples from different clans where near they saw same clan on other peoples).

Good luck with your PT on win 2008.