How to configure firewall for Rust game server
In this article we will be discussing a quick and simple method of securing and setting up your firewall to whitelist and protect your Rust game-server. Please direct yourself to the "Firewall Manager" page inside of your portal account.
Start by whitelisting your game ports using the chart below, and the example image.
Please note that these ports may be different based on your RUST Server configuration.
Tempest has whitelisted BattleMetrics IPs across our subnets, so customers who only use BattleMetrics RCON will not need to open their RCON port globally. This is done as an added layer of security in the case that you would like to reduce the amount of open ports on your service.
Once you have verified that your server is responding to requests over 28015/UDP and the game-server is functional you can now apply application specific filters to fine-tune the protection for your server. Direct yourself to the filters tab inside of the "Firewall Manager" once you have done this make a new filter as shown below for both Source Engine Queries as well as RakNet v2. As an addition you may also apply the TCP Symmetric Filter to the Rust+ app port, as well as applications such as SSH/RDP for further protection.
Below is an explanation of each option available for the Source Engine Queries filter.
Once you have added the Source Engine Queries filter to your Query Port, you will want to enable the RakNet v2 filter to your Game Port.
Below is a table of the recommended filters from our RUST Game Server Specialists.
Congratulations your server is now ready to go for Rust.
Start by whitelisting your game ports using the chart below, and the example image.
Please note that these ports may be different based on your RUST Server configuration.
| Port | Protocol | Source IP | Comment |
|---|---|---|---|
| 28014 | UDP | 0.0.0.0/0 | RUST Query Port - Enabled |
| 28015 | UDP | 0.0.0.0/0 | RUST Game Port - Enabled |
| 28016 | TCP | 0.0.0.0/0 | RUST RCON Port - Enabled |
| 28082 | TCP | 0.0.0.0/0 | RUST App Port - Enabled |
Tempest has whitelisted BattleMetrics IPs across our subnets, so customers who only use BattleMetrics RCON will not need to open their RCON port globally. This is done as an added layer of security in the case that you would like to reduce the amount of open ports on your service.
Once you have verified that your server is responding to requests over 28015/UDP and the game-server is functional you can now apply application specific filters to fine-tune the protection for your server. Direct yourself to the filters tab inside of the "Firewall Manager" once you have done this make a new filter as shown below for both Source Engine Queries as well as RakNet v2. As an addition you may also apply the TCP Symmetric Filter to the Rust+ app port, as well as applications such as SSH/RDP for further protection.
Below is an explanation of each option available for the Source Engine Queries filter.
| Option | Explaination |
|---|---|
| Port | This is the port that the filter is applied to. This should be whatever your Query Port is set to. |
| Strict Mode | This option, when set to "Yes", will only allow Source Engine Queries through the firewall to that port. |
| A2S Caching | This option, when set to "Yes", will enable A2S Caching on the network edge. This helps allow your server to show across regions, instead of being stuck to a single region on the server browser |
| Port Override | This option allows you to "forward" the Steam Queries to a separate port. This feature is used if you want to have queries for a single server on multiple ports. |
Once you have added the Source Engine Queries filter to your Query Port, you will want to enable the RakNet v2 filter to your Game Port.
Below is a table of the recommended filters from our RUST Game Server Specialists.
| Filter Name | Port | Options |
|---|---|---|
| Source Engine Queries | 28015 | Strict Mode : No, A2S Caching : Yes, Port Override : 28014 |
| Source Engine Queries | 28014 | Strict Mode : Yes, A2S Caching : Yes, Port Override : BLANK |
| RakNet v2 | 28015 | Accept Server Queries : Enabled |
| TCP Service (Symmetric) | 28016 | Max PPS : Unlimited |
| TCP Service (Symmetric) | 28082 | Max PPS : Unlimited |
Congratulations your server is now ready to go for Rust.
Updated on: 25/04/2023
Thank you!