The punks at ID Software

One sunny day, ID decided to add Punkbuster to Quake3 - stop cheats. Good plan! Oh, and while they're at it make sure CD key checks are put in place just to make sure anyone with a warezed copy of Quake drops out of the already dying game. Excellent.

The Problem

Quake3 now sends two packets to addresses on the internet over which you have no control. Two of the following hostnames get used:

• q3a1.evenbalance.com
• q3a2.evenbalance.com
• pbq3a.idsoftware.com
• master1.evenbalance.com
• master2.evenbalance.com
• master3.evenbalance.com
• master4.evenbalance.com
• namereg.evenbalance.com
• authorize.quake3arena.com

UDP packets are sent to these IPs, and responses are expected back... an obvious problem if you happen to have all your UDP traffic blocked! Thanks ID, you've just stopped tunnelled people playing!

I had a lot on at this point, so it took me ages to get round to writing a way round it. However, now I have done and it seems to work...

The Solution

The only way of intercepting these packets (other than capturing every outgoing UDP packet from the computer, which I don't know how to do), is to make sure the names above point to the local computer (where tunnels can redirect those UDP packets). So, to do this you can change your hosts file. It's kept in
c:$\backslash$winnt$\backslash$system32$\backslash$drivers$\backslash$etc$\backslash$hosts on WinNT-based operating systems or /etc/hosts on unix-based systems.

People can add the following lines:

127.0.0.1	q3a1.evenbalance.com
127.0.0.1	q3a2.evenbalance.com
127.0.0.1	pbq3a.idsoftware.com
127.0.0.1	master1.evenbalance.com
127.0.0.1	master2.evenbalance.com
127.0.0.1	master3.evenbalance.com
127.0.0.1	master4.evenbalance.com
127.0.0.1	namereg.evenbalance.com
127.0.0.1	authorize.quake3arena.com

This means that every time Quake3 looks for those servers, it'll try and connect to the local machine. Therefore, by forwarding the intercepted packets to the right auth servers, it should be possible to get round this.

The ports used are:

• Local UDP port 24305 should redirect to 216.40.250.37:24305
• Local UDP port 27952 should redirect to 192.246.40.56:27952

So along with the game server forwarding, we need three forwarding rules.

The Result

It works, well otherwise I wouldn't be writing this document would I! 20 connections doesn't seem nearly as good as 30, and clients can now change the IP they're connecting to without having to do anything other than edit a text file and rerunning the client. I'm pleased with the way it works, but I'd like to make sure it works with lots of people connected!