A repository listing all the IP address listing fake, bloaty servers, and creates a firewall rule on Windows, blocking them on the spot.

Since the SteamPIPE update in 2013, which would bring the GoldSrc's query system as the same as all Source-based games, Counter-Strike 1.6 suffered from an exploit that would flood the masterservers with fake servers, deceiving players by redirecting all of them to a single, central server. Their purposes would be to scam people with fake, and potentially steal players' SteamIDs to simulate fake "active players".

Here is a small example of how the serverlist looks in CS 1.6 :

This problem does not only target Counter-Strike 1.6, but also Counter-Strike: Source, Half-Life 2: Deathmatch, Team-Fortress 2, Left 4 Dead 2, and even Counter-Strike 2, which present the same problematic issues as CS 1.6.

Despite being repeatedly reported on VALVe's Github repositories, and that the community insists it is a critical issue, VALVe does not believe this is a problem, and is refusing to fix it since a whole decade. On the contrary, according to them, their solution to prevent these from happening would simply to use a server token (GSLT) that you would generate along with the APPID to prove you made the server, as it has to be unique between each server. But, it only supports 3 games: TF2, CS2 and Garry's Mod, and does not fully fix the issue in the first place, especially on TF2's quickplay menu.

To make matters worse, this problem has been recently extended in Half-Life, shortly after the 25th anniversary update, where almost 75% of the servers listed were redirected to a single static server.

Unfortunately for the community, and unlike any Source-based game, the GoldSRC's serverbrowser does not have any blacklisting options, meaning that blocking these fake servers within the game is outright impossible.

Sadly, there isn't much to do engine-sided. The only solution to prevent seeing these fake servers is to get their IPs, and block outgoing connections to these IPs with a firewall rule.

This project was thus made to block these servers directly through a rule on your Windows firewall, so that it gets immediately filtered by your system, resulting in more honest servers.

The problem with blocking all of these fake servers is that VALVe isn't aware of this happening when sending them to the player. As a result, it might take a whole lot of time to display all servers.

We recommend you from adding any server to your favorites, so you can see them faster.

Open a Powershell window as an administrator (WIN + X, then Windows Powershell (Admin)). Copy and paste the following command, and run it :

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ch0wW/goldsrc-fake-servers-firewall/main/BlockFakeServers.ps1'))

One rule of thumb is to always look at the script before running it.

In this project's case, it downloads a .json file containing a list of fake IPs, and creates an outbound firewall rule to block them.

If there's already an entry of our Firewall rule, it will recreate it with the newest, updated values.

If you have doubts seeing a regular server or a fake server, you can quickly find out with these quick checks:

• Any server that has more than 32 players spots is guaranteed to be a fake server. GoldSRC can only support 32 players in a single server.
• Any server that has absurd players statistics (some players having more than 300 frags in less than 30 minutes) is guaranteed to be a fake server. You can even hit the refresh key repeatedly, and see absolutely new players with already a high score!
• When querying a server you think is suspicious, don't hesitate to repeat that operation a few times. If the server name, map or the player counter repeatedly changes, it's a fake server that can be safely blacklisted.