登陆网关(LoginGate) + 角色网关(SelGate)详解

传奇这款游戏，一直对我的影响很大。当年为了玩传奇，逃课，被老师叫过N次家长。言归正传，网上有很多源码，当然了，都是Delphi的。并且很多源码还不全，由于一直学习的C、C++。Delphi还真不懂。无奈硬着头皮上。好了。废话不多说。开始。

登录网关，负责游戏最开始的登录处理（与账户服务器LoginSvr通讯）。验证登录器输入的账户密码是否正确。

界面上的控件很多。其实干活的就 就 三个：“TServerSocket”、“TClientSocket”、“DecodeTimer”这三个控件。

ServerSocket：负责与登录器进行通讯，它做的操作：

1、接收连接，代码如下：

1. {
2. 函数功能：接受客户端连接，发送消息到 登录服务器
3. }
4. procedure TFrmMain.ServerSocketClientConnect(Sender: TObject;
5. Socket: TCustomWinSocket);
6. var
7. UserSession:pTUserSession;
8. sRemoteIPaddr,sLocalIPaddr:String;
9. nSockIndex:Integer;
10. IPaddr :pTSockaddr;
11. begin
12. Socket.nIndex:=-1;
13. // 客户端IP地址
14. sRemoteIPaddr:=Socket.RemoteAddress;
16. if g_boDynamicIPDisMode then begin
17. sLocalIPaddr:=ClientSocket.Socket.RemoteAddress;
18. end else begin
19. sLocalIPaddr:=Socket.LocalAddress;
20. end;
22. // 过滤ip
23. if IsBlockIP(sRemoteIPaddr) then begin
24. MainOutMessage(‘过滤连接: ‘ + sRemoteIPaddr,1);
25. Socket.Close;
26. exit;
27. end;
28. // 当前IP是否可以连接
29. if IsConnLimited(sRemoteIPaddr) then begin
30. case BlockMethod of
31. // 断开
32. mDisconnect: begin
33. Socket.Close;
34. end;
35. // 动态过滤
36. mBlock: begin
37. New(IPaddr);
38. IPaddr.nIPaddr:=inet_addr(PChar(sRemoteIPaddr));
39. TempBlockIPList.Add(IPaddr);
40. CloseConnect(sRemoteIPaddr);
41. end;
42. // 永久过滤
43. mBlockList: begin
44. New(IPaddr);
45. IPaddr.nIPaddr:=inet_addr(PChar(sRemoteIPaddr));
46. BlockIPList.Add(IPaddr);
47. CloseConnect(sRemoteIPaddr);
48. end;
49. end;
50. MainOutMessage(‘端口攻击: ‘ + sRemoteIPaddr,1);
51. exit;
52. end;
54. // 如果网关准备好了
55. if boGateReady then begin
56. for nSockIndex:= 0 to GATEMAXSESSION – 1 do begin
57. UserSession:=@g_SessionArray[nSockIndex];
58. if UserSession.Socket = nil then begin
59. UserSession.Socket:=Socket;
60. UserSession.sRemoteIPaddr:=sRemoteIPaddr;
61. UserSession.nSendMsgLen:=0;
62. UserSession.bo0C:=False;
63. UserSession.dw10Tick:=GetTickCount();
64. UserSession.dwConnctCheckTick:=GetTickCount();
66. UserSession.boSendAvailable:=True;
67. UserSession.boSendCheck:=False;
68. UserSession.nCheckSendLength:=0;
69. UserSession.n20:=0;
70. UserSession.dwUserTimeOutTick:=GetTickCount();
71. UserSession.SocketHandle:=Socket.SocketHandle;
72. UserSession.sIP:=sRemoteIPaddr;
73. UserSession.MsgList.Clear;
74. Socket.nIndex:=nSockIndex;
75. Inc(nSessionCount);
76. break;
77. end;
78. end;
79. // 和本地登录服务器进行通讯
80. if Socket.nIndex >= 0 then begin
81. ClientSocket.Socket.SendText(‘%O’ +
82. IntToStr(Socket.SocketHandle) +
83. ‘/’ +
84. sRemoteIPaddr +
85. ‘/’ +
86. sLocalIPaddr +
87. ‘$’);
88. MainOutMessage(‘Connect: ‘ + sRemoteIPaddr,5);
89. end else begin
90. Socket.Close;
91. MainOutMessage(‘Kick Off: ‘ + sRemoteIPaddr,1);
92. end;
93. end else begin //0x004529EF
94. Socket.Close;
95. MainOutMessage(‘Kick Off: ‘ + sRemoteIPaddr,1);
96. end;
97. end;

说白了，别看 那些IP过滤规则和连接限制什么的。就是 来了一用户，直接保存到一个 UserSession中。然后通知LoginSvr，有人连接了。。现在市面上的什么：GOM、HeroM2、HGEM2（原3K、IGE）、Legend、GEEM2、77M2…都是换汤不换药。变的就是 加密方式。这里不得不说，JSocket就是TServerSocket、TClientSocket的控件，懒得看源码，看了下其属性，大致就可以了解到。

是采用的线程池的Select模型。早期的游戏，都采用这种方式，不过，对于私*服，连接量不大，完全足够应付。其实有更好的解决办法，那就是IOCP来管理。效率更高。Windows下最适合的模型了。

2、断开连接，代码如下：

1. procedure TFrmMain.ServerSocketClientDisconnect(Sender: TObject;
2. Socket: TCustomWinSocket);
3. var
4. I:Integer;
5. UserSession:pTUserSession;
6. nSockIndex:Integer;
7. sRemoteIPaddr:String;
8. IPaddr :pTSockaddr;
9. nIPaddr :Integer;
10. begin
11. sRemoteIPaddr:=Socket.RemoteAddress;
12. nIPaddr:=inet_addr(PChar(sRemoteIPaddr));
13. nSockIndex:=Socket.nIndex;
14. for I := 0 to CurrIPaddrList.Count – 1 do begin
15. IPaddr:=CurrIPaddrList.Items[I];
16. if IPaddr.nIPaddr = nIPaddr then begin
17. Dec(IPaddr.nCount);
18. if IPaddr.nCount <= 0 then begin
19. Dispose(IPaddr);
20. CurrIPaddrList.Delete(I);
21. end;
22. Break;
23. end;
25. end;
26. if (nSockIndex >= 0) and (nSockIndex < GATEMAXSESSION) then begin
27. UserSession:=@g_SessionArray[nSockIndex];
28. UserSession.Socket:=nil;
29. UserSession.sRemoteIPaddr:=”;
30. UserSession.SocketHandle:=-1;
31. UserSession.MsgList.Clear;
32. Dec(nSessionCount);
33. if boGateReady then begin
34. ClientSocket.Socket.SendText(‘%X’ +
35. IntToStr(Socket.SocketHandle) +
36. ‘$’);
37. MainOutMessage(‘DisConnect: ‘ + sRemoteIPaddr,5);
38. end;
39. end;
40. end;

删除，释放，并通知 LoginSvr，有人断开连接了…

3、接收数据，代码如下：

1. procedure TFrmMain.ServerSocketClientRead(Sender: TObject;
2. Socket: TCustomWinSocket);
3. var
4. UserSession:pTUserSession;
5. nSockIndex:Integer;
6. sReviceMsg,s10,s1C:String;
7. nPos:Integer;
8. nMsgLen:Integer;
9. begin
10. nSockIndex:=Socket.nIndex;
11. if (nSockIndex >= 0) and (nSockIndex < GATEMAXSESSION) then begin
12. UserSession:=@g_SessionArray[nSockIndex];
13. sReviceMsg:=Socket.ReceiveText;
14. if (sReviceMsg <> ”) and (boServerReady) then begin
15. nPos:=Pos(‘*’,sReviceMsg);
16. if nPos > 0 then begin
17. UserSession.boSendAvailable:=True;
18. UserSession.boSendCheck:=False;
19. UserSession.nCheckSendLength:=0;
20. s10:=Copy(sReviceMsg,1,nPos –1);
21. s1C:=Copy(sReviceMsg,nPos + 1,Length(sReviceMsg) – nPos);
22. sReviceMsg:=s10 + s1C;
23. end;
24. nMsgLen:=length(sReviceMsg);
25. if (sReviceMsg <> ”) and (boGateReady) and (not boKeepAliveTimcOut)then begin
26. UserSession.dwConnctCheckTick:=GetTickCount();
27. if (GetTickCount – UserSession.dwUserTimeOutTick) < 1000 then begin
28. Inc(UserSession.n20,nMsgLen);
29. end else UserSession.n20:= nMsgLen;
30. ClientSocket.Socket.SendText(‘%A’ +
31. IntToStr(Socket.SocketHandle) +
32. ‘/’ +
33. sReviceMsg +
34. ‘$’);
35. end;
36. end;
37. end;
38. end;

拿到数据，转发到登录账户服务器…它主要干的事完了…

ClientSocket：负责与LoginSvr进行通讯，它做的主要工作就是，

1. procedure TFrmMain.ClientSocketRead(Sender: TObject;
2. Socket: TCustomWinSocket);
3. var
4. sRecvMsg:String;
5. begin
6. sRecvMsg:=Socket.ReceiveText;
7. ClientSockeMsgList.Add(sRecvMsg);
8. end;

你没有看错，就是接收到数据。然后保存到链表，然后等待定时器来解析操作…

DecodeTimer 定时器的工作。源码中设置的 时间精度是 1毫秒：

1. procedure TFrmMain.DecodeTimerTimer(Sender : TObject);
2. var
3. sProcessMsg :String;
4. sSocketMsg :String;
5. sSocketHandle :String;
6. nSocketIndex :Integer;
7. nMsgCount :Integer;
8. nSendRetCode :Integer;
9. nSocketHandle :Integer;
10. dwDecodeTick :LongWord;
11. dwDecodeTime :LongWord;
12. sRemoteIPaddr :String;
13. UserSession :pTUserSession;
14. IPaddr :pTSockaddr;
15. begin
16. ShowMainLogMsg();
17. if boDecodeLock or (not boGateReady)then exit;
19. try
20. dwDecodeTick:=GetTickCount();
21. boDecodeLock:=True;
22. sProcessMsg:=”;
23. while (True) do begin
24. if ClientSockeMsgList.Count <= 0 then break;
25. sProcessMsg:=sProcMsg + ClientSockeMsgList.Strings[0];
26. sProcMsg:=”;
27. ClientSockeMsgList.Delete(0);
28. while (True) do begin
29. if TagCount(sProcessMsg,‘$’) < 1 then break;
30. sProcessMsg:=ArrestStringEx(sProcessMsg,‘%’,‘$’,sSocketMsg);
31. if sSocketMsg = ”then break;
32. if sSocketMsg[1] = ‘+’ then begin
33. if sSocketMsg[2] = ‘-‘ then begin
34. CloseSocket(Str_ToInt(Copy(sSocketMsg,3,Length(sSocketMsg) – 2),0));
35. Continue;
36. end else begin //0x004521B7
37. dwKeepAliveTick:=GetTickCount();
38. boKeepAliveTimcOut:=False;
39. Continue;
40. end;
41. end; //0x004521CD
42. sSocketMsg:=GetValidStr3(sSocketMsg,sSocketHandle,[‘/’]);
43. nSocketHandle:=Str_ToInt(sSocketHandle,-1);
44. if nSocketHandle < 0 then
45. Continue;
46. for nSocketIndex:= 0 to GATEMAXSESSION – 1 do begin
47. if g_SessionArray[nSocketIndex].SocketHandle = nSocketHandle then begin
48. g_SessionArray[nSocketIndex].MsgList.Add(sSocketMsg);
49. break;
50. end;
51. end;
52. end; //0x00452246
53. end; //0x452252
54. //if sProcessMsg <> ” then ClientSockeMsgList.Add(sProcessMsg);
55. if sProcessMsg <> ” then sProcMsg:=sProcessMsg;
57. nSendMsgCount:=0;
58. n456A2C:=0;
59. StringList318.Clear;
60. for nSocketIndex:= 0 to GATEMAXSESSION – 1 do begin
61. if g_SessionArray[nSocketIndex].SocketHandle <= –1 then Continue;
63. //踢除超时无数据传输连接
64. if (GetTickCount – g_SessionArray[nSocketIndex].dwConnctCheckTick) > dwKeepConnectTimeOut then begin
65. sRemoteIPaddr:=g_SessionArray[nSocketIndex].sRemoteIPaddr;
66. case BlockMethod of //
67. mDisconnect: begin
68. g_SessionArray[nSocketIndex].Socket.Close;
69. end;
70. mBlock: begin
71. New(IPaddr);
72. IPaddr.nIPaddr:=inet_addr(PChar(sRemoteIPaddr));
73. TempBlockIPList.Add(IPaddr);
74. CloseConnect(sRemoteIPaddr);
75. end;
76. mBlockList: begin
77. New(IPaddr);
78. IPaddr.nIPaddr:=inet_addr(PChar(sRemoteIPaddr));
79. BlockIPList.Add(IPaddr);
80. CloseConnect(sRemoteIPaddr);
81. end;
82. end;
83. MainOutMessage(‘端口空连接攻击: ‘ + sRemoteIPaddr,1);
84. Continue;
85. end;
87. while (True) do begin;
88. if g_SessionArray[nSocketIndex].MsgList.Count <= 0 then break;
89. UserSession:=@g_SessionArray[nSocketIndex];
90. nSendRetCode:=SendUserMsg(UserSession,UserSession.MsgList.Strings[0]);
91. if (nSendRetCode >= 0) then
92. begin
93. if nSendRetCode = 1 then begin
94. UserSession.dwConnctCheckTick:=GetTickCount();
95. UserSession.MsgList.Delete(0);
96. Continue;
97. end;
98. if UserSession.MsgList.Count > 100 then begin
99. nMsgCount:=0;
100. while nMsgCount <> 51 do begin
101. UserSession.MsgList.Delete(0);
102. Inc(nMsgCount);
103. end;
104. end;
105. Inc(n456A2C,UserSession.MsgList.Count);
106. MainOutMessage(UserSession.sIP +
107. ‘ : ‘ +
108. IntToStr(UserSession.MsgList.Count),5);
109. Inc(nSendMsgCount);
110. end else begin //0x004523A4
111. UserSession.SocketHandle:= –1;
112. UserSession.Socket:= nil;
113. UserSession.MsgList.Clear;
114. end;
115. end;
116. end;
117. if (GetTickCount – dwSendKeepAliveTick) > 2 * 1000 then begin
118. dwSendKeepAliveTick:=GetTickCount();
119. if boGateReady then
120. ClientSocket.Socket.SendText(‘%–$’);
121. end;
122. if (GetTickCount – dwKeepAliveTick) > 10 * 1000 then begin
123. boKeepAliveTimcOut:=True;
124. ClientSocket.Close;
125. end;
126. finally
127. boDecodeLock:=False;
128. end;
129. dwDecodeTime:=GetTickCount – dwDecodeTick;
130. if dwDecodeMsgTime < dwDecodeTime then dwDecodeMsgTime:=dwDecodeTime;
131. if dwDecodeMsgTime > 50 then Dec(dwDecodeMsgTime,50);
132. end;

又是一坨代码，简而言之，就是把刚才保存接收到的数据。分发到 每个用户的自己的消息链表中，然后遍历，发送出去，
代码如下：

1. // 发送用户消息
2. function TFrmMain.SendUserMsg(UserSession:pTUserSession;sSendMsg:String):Integer;
3. begin
4. Result:= –1;
5. // 如果
6. if UserSession.Socket <> nil then begin
7. // 取反
8. if not UserSession.bo0C then begin
9. // 如果不能发送,则置可用
10. if not UserSession.boSendAvailable and (GetTickCount > UserSession.dwSendLockTimeOut) then begin
11. UserSession.boSendAvailable := True;
12. UserSession.nCheckSendLength := 0;
13. boSendHoldTimeOut := True;
14. dwSendHoldTick := GetTickCount();
15. end; //004525DD
16. if UserSession.boSendAvailable then begin
17. if UserSession.nCheckSendLength >= 250 then begin
18. if not UserSession.boSendCheck then begin
19. UserSession.boSendCheck:=True;
20. sSendMsg:=‘*’ + sSendMsg;
21. end;
22. if UserSession.nCheckSendLength >= 512 then begin
23. UserSession.boSendAvailable:=False;
24. UserSession.dwSendLockTimeOut:=GetTickCount + 3 * 1000;
25. end;
26. end; //00452620
27. UserSession.Socket.SendText(sSendMsg);
28. Inc(UserSession.nSendMsgLen,length(sSendMsg));
29. Inc(UserSession.nCheckSendLength,length(sSendMsg));
30. Result:= 1;
31. end else begin //0x0045264A
32. Result:= 0;
33. end;
34. end else begin //0x00452651
35. Result:= 0;
36. end;
37. end;
38. end;

登录网关，是不是很简单，这不是重点，重点是市面上的很多引擎的登录网关都基于这套机制，只需要逆向分析下其加密算法，一个自定义网关则出来了。至于过滤规则，什么IP通道，都是浮云…

好了.

接下来是SelGate

哈哈 一句话就可以KO它…

来来来…

其实，SelGate也就是 LoginGate，其源码实现完全相同。不必怀疑，市面上大家都是这么做的…

哈哈 哈哈…