Automated Setup Script for rAthena on Ubuntu VPS

[Scofield]

Many people have questions about how to properly set up a newly acquired VPS to run the rAthena emulator. To simplify this process, I created an automated script that handles all the necessary configuration quickly and easily.

Most tutorials available online focus on running the emulator on personal computers, but nowadays, the trend is to use a VPS for better performance and stability. With this script, you can set up your environment efficiently, even without advanced server knowledge.


 

For those who want to start a professional rAthena project, here are some tips:

1. Use MariaDB instead of MySQL

MariaDB is a community-developed fork of MySQL that offers several performance and optimization advantages, especially for large-scale applications like rAthena. While both database systems are compatible, MariaDB stands out due to its efficiency in handling intensive queries.

Benefits of using MariaDB:

• Better Performance: MariaDB is optimized for handling large volumes of data and executes complex queries faster than MySQL.

• Improved Storage Engines: Supports advanced engines like Aria and TokuDB, which enhance performance and reduce data fragmentation.

• Faster Replication: Offers faster and safer master-slave replication, ensuring better data synchronization in distributed environments.

• Open Source & Active Development: Fully open-source with a more active development cycle, meaning better features and faster bug fixes.

• Optimized Thread Pooling: Handles multiple simultaneous connections efficiently, reducing CPU overhead and improving query response time.

For an rAthena server, this translates to faster character loading, smoother gameplay, and better handling of concurrent player actions.

---

2. Use nftables instead of iptables

nftables is a modern packet filtering framework that replaces the older iptables. It is now the default in most Linux distributions and provides better performance and flexibility when managing network rules, including basic DDoS protection.

Benefits of using nftables:

• Higher Performance: Processes rules faster with a more optimized kernel implementation, reducing the impact on system resources.

• Simplified Rule Management: Uses a cleaner and unified syntax, making it easier to create and manage complex firewall rules.

• Better DDoS Mitigation: Supports more efficient rate limiting and packet inspection, allowing you to block basic DDoS attacks with minimal overhead.

• Dynamic Rules: Allows for dynamic rule adjustments without the need to reload the entire firewall configuration.

• IPv4/IPv6 Support: Handles both IPv4 and IPv6 rules natively, simplifying firewall management in modern environments.

For a professional rAthena project, nftables ensures better network protection, faster packet processing, and more efficient handling of traffic spikes during large player events or attacks.

Instructions to Use the Script:

1. Upload the script to your VPS
   Use an SCP tool or copy-paste the script contents into a file called ubuntu.sh.

2. Make the script executable:

   chmod +x ubuntu.sh

3. Run the script with root privileges:

   sudo ./ubuntu.sh

4. Follow the interactive prompts:

   • Choose between MariaDB or MySQL.

   • Input the database name, database user, and password.

   • The script will:

     • Update system packages.

     • Install required dependencies for compiling rAthena.

     • Set up MySQL or MariaDB.

     • Install and configure phpMyAdmin at /phpmyadmin.

After completing these steps, your VPS will be ready to compile and run rAthena.

 

ubuntu.sh

Edited March 28 by Scofield

[suddath]

This worked perfectly on the latest version of debian. Thank you for an easy way to setup the basics to a server for a smooth run. 

[Gidz Cross]

12 hours ago, Scofield said:

2. Use nftables instead of iptables

nftables is a modern packet filtering framework that replaces the older iptables. It is now the default in most Linux distributions and provides better performance and flexibility when managing network rules, including basic DDoS protection.

Benefits of using nftables:

• Higher Performance: Processes rules faster with a more optimized kernel implementation, reducing the impact on system resources.

• Simplified Rule Management: Uses a cleaner and unified syntax, making it easier to create and manage complex firewall rules.

• Better DDoS Mitigation: Supports more efficient rate limiting and packet inspection, allowing you to block basic DDoS attacks with minimal overhead.

• Dynamic Rules: Allows for dynamic rule adjustments without the need to reload the entire firewall configuration.

• IPv4/IPv6 Support: Handles both IPv4 and IPv6 rules natively, simplifying firewall management in modern environments.

For a professional rAthena project, nftables ensures better network protection, faster packet processing, and more efficient handling of traffic spikes during large player events or attacks.

How do you do this?

[Scofield]

#!/usr/sbin/nft -f
flush ruleset

table inet filter {
    # Conjunto dinâmico para IPs bloqueados
    set blocked_ips {
        type ipv4_addr
        flags dynamic, timeout
        timeout 1h
    }

    # Portas do Ragnarok Online
    set ragnarok_ports {
        type inet_service
        elements = { 6900, 6121, 5121, 8888 }
    }

    chain input {
        type filter hook input priority 0; policy drop;
        
        # Permitir tráfego de loopback
        iif "lo" accept
        
        # Permitir conexões estabelecidas e relacionadas
        ct state established,related accept
        
        # Proteção contra SYN Flood
		tcp flags syn \
			tcp dport { 22, 80, 443, 6900, 6121, 5121, 8888 } \
			meter syn_flood_protection { \
				ip saddr limit rate 20/second burst 40 packets \
			} \
			accept
		
        # Permitir SSH, HTTP, HTTPS
        tcp dport { 22, 80, 443 } accept
        
        # Proteção contra flood nas portas do Ragnarok
        tcp dport @ragnarok_ports \
            ct state new \
            meter ragnarok_connections { \
                ip saddr limit rate 100/second burst 50 packets \
                add @blocked_ips { ip saddr timeout 1h } \
            }

        # Bloquear IPs marcados como suspeitos
        ip saddr @blocked_ips \
            tcp dport @ragnarok_ports \
            log prefix "DDoS Attempt Blocked: " \
            drop

        # Permitir conexões normais após verificação inicial
        tcp dport @ragnarok_ports accept

        # Bloquear pacotes inválidos
        ct state invalid drop

        # Logar e descartar pacotes não permitidos
        log prefix "nftables-drop: " drop
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}

etc/nftables.conf

@Gidz Cross   
 

Install nftables on your VPS and then navigate to the /var/ directory. There, you will find a file named nftables.conf. Open it, and if you wish, you can use my rules.

However, keep in mind that these rules still need to be adjusted. This means that I cannot guarantee they won’t block legitimate players. Probably not, but from what I remember, a normal player makes around 2 to 4 requests per second. So, stay alert and adjust as needed.

 

Edited March 30 by Scofield

[Gidz Cross]

Thank you so much @Scofield. Will bookmark for now for future use!