TCP Shield not letting me use simple voice chat.
So I run my server through TCP Shield and with the simple voice chat plugin enabled nobody can talk on the server. I am almost 100% certain it is TCP Shield causing the problem and I need help fixing this
50 Replies
Thanks for asking your question!
Make sure to provide as much helpful information as possible such as logs/what you tried and what your exact issue is
Make sure to mark solved when issue is solved!!!
/close
!close
!solved
!answered
Requested by kingman11211#0
Yeah it’s likely TCPShield
Why don’t you just try it without TCPShield to check whether it works or not lol
It does work without tcpshield
But im trying to get it to work with tcp shield
Im guessing it’s an issue with TCPShield not supporting the port it’s on or something similar
Ask in their discord possibly?
ok thx
its udp
tcpshield by default is just tcp afaik
Ic
udp atleast for bedrock is only on their 100 usd plan
Not surprising their name is TCPShield 😂
wait could i use something like velocity to hide my ip
Well, yeah you can just rent a cheaper server/vps/whatever that runs Velocity to hide the IP of the server behind it
Would it will work if i self hosted velocity
selfhosted if you mean on your machine etc
wouldnt hide
ip
because its hosted... on your ip
but a vps externally hosted on a vps like oracle cloud free tier then yes
oh thanks i didnt know what velocity did
its a proxy, it handles traffic between the backends and the end user
You can try get an oracle cloud server, and put the proxy on there.
The servers are hard to get though
dang
well..
to some degree they’re hard to get
if you upgrade to pay as you go, it still uses the free tier resources, by the capacity is much higher for paid accounts
you want ur proxy behind tcpshield or there's no reason since they just ddos the proxy all ur traffic runs thru
u realistically want a secondary VPS or cheap bare metal to run an nginx reverse proxy on
and route traffic from simple voice chat thru that
SVC is UDP
and UDP is only supported on their 100usd plan like pro said
yea i'm saying bypass tcpshield entirely by using another box and routing the traffic thru that
so u continue to obfuscate ur backend IP
i do this with votifier on a TCPShield setup
https://docs.nginx.com/nginx/admin-guide/load-balancer/tcp-udp-load-balancer/
fair enough
ignore the arrow on the left i was gonna clarify that is ur server but then forgot
i think i understand
sweet
basically it's forwarding the traffic to and fro the two boxes via nginx
it's kinda a waste to need a second box but you can atleast run a mail server/web server on it to make it not completely worthless
@kingman11211 get a OVH server and proxy UDP traffic
It has very good DDoS protection and costs like 97 cents per month
this
Okay I got it fixed and this is how for anyone wondering. In the voice chat properties file there is something named
voice-host, set that to the backend IP:PORT that you set in TCP Shield. Oh and also make sure the bind_address is set to 0.0.0.0
!solvedpost closed!
The post/thread has been closed!
Requested by kingman11211#0
tcpshield lets you do this?
sorry to necro
i think you might just straight up be running this without any DDOS prot and you just exposed your IP (making the entire anti-DDOS setup null) @kingman11211
We’ve done worse around here :LUL:
yeah...
it's impossible to do that
i'm 100% sure
it'll leak your IP
Fr? Thats just how the support at tcp shield told me to do it
TCP Shield is on and connected tho
so unless its leaking my ip some other way idk
weird, is the port for SRV is open on your box?
not sure how do i check
cause the only dns settings i have in my cloudflare is the CNAME
to tcp shield
you have a vps or running on bare metal?
bare
i aint trying to setup all on vps stuff 😭
ah you have UFW or running iptables?
I dont know what either of those are, all im running is paper jar file with my plugins on a spare laptop that i can leave on 24/7
I dont know much abt this since im just hosting a small public server
could u explain what either of those are pls
ah
UFW and iptables are both Linux environment firewalls
in your case it's probably more applicable to see if you port forwarded it
Oh
yea sadly your overhead is likely to increase massively vs just running it off a spare laptop for stuff like manually proxying services D:
ok
depending on the size of your server you could honestly get away with an insecure setup for a good while
how could i secure it
and if you have dynamic ip/call telecom just recycle to a new address if some sad sod starts ddosing
CloudFlare tunnel or more realistically a cheap OVH like this
basically your aim is to always ensure there's no opportunity for your IP to leak out
oh alr
thx
cloudflare tunnel would require everyone to use it...
every player
unless you want spectrum which is 0.1 - 1 usd a gb traffic
ah yea spectrum is the one i'm thinking sorry
which is definitely overkill for this