No. Both need to be set up before it will work. External Service Access means that the firewall will process the packets further (rather than just dropping them). Port Forwarding tells the firewall what should happen to those packets.
If External Service Access isn't set up, then the packets will be dropped, period. If Port Forwarding isn't set up, then the firewall will assume the packets are destined for the IPcop box, and since IPcop has nothing listening on port 6112, they'll be ignored. When you make either of these changes, the whole firewall configuration will be reset. So order doesn't really matter. Kev. ----- Original Message ----- From: "Jason Louie" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, February 11, 2003 2:33 PM Subject: Re: (clug-talk) IPCop Dynamic DNS features and port forwarding > Does order really matter on this? Should I set EXTERNAL SERVICE ACCESS > first before PORT FORWARDING? > > > Kevin Anderson wrote: > > > > I've never even seen Starcraft, and the last 2 games I played were Quake 2, > > and the original Unreal. I've never played an online game of any type. I'm > > being up front that I have no idea about the game, or what you need to make > > it work. > > > > >From what you've said, I assume you want to forward port 6112 to your > > desktop. And *THAT* I can help with. > > > > I'm assuming you're running IPcop 1.2 > > > > First, log into the web client. Then go to SERVICES, then EXTERNAL SERVICE > > ACCESS. > > > > Then create 2 entries. They should be: > > TCP - Blank - 6112 - enabled should be checked already - Default IP and > > click ADD. > > UDP - Blank - 6112 - enabled should already be checked - Default IP and > > click ADD. > > > > What this does is create firewall rules that allow TCP or UDP traffic to be > > processed further rather than simply being dropped. > > > > Next, go to Services, then Port Forwarding. > > > > Again, 2 additional entries. > > TCP - 6112 source port - the Destination IP is the IPaddress of your son's > > desktop.(192.168.0.1 for example) - 6112 dest port - enabled - source IP is > > default IP and then click add. > > Then do the same thing again, except with UDP as the protocol. > > > > That should be it. > > > > Kev. > > > > ----- Original Message ----- > > From: "Jason Louie" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Tuesday, February 11, 2003 12:45 AM > > Subject: Re: (clug-talk) IPCop Dynamic DNS features and port forwarding > > > > > I don't think to problem resides in not forwarding ports, it seams 21 > > > and 80 are in fact working. It's port 6112 that I can't seam to get > > > open. How would I test to see if the port is indeed open. Most sites > > > I've found check only the main ports, (ftp, http, telnet...) The port I > > > need open according to Battle.net is port 6112 TCP/UDP. I've tried > > > http://www.auditmypc.com but no matter what I do port 6112 is stealth > > > where port 21 and 80 are open under the same conditions. > > > > > > I'm still trying different things trying to solve this problem, any new > > > suggestions are appreciated. > > > > > > Jason > > > > > > Kevin Anderson wrote: > > > > > > > > It won't be. > > > > > > > > You just need to load it up. It should be straight forward, and the > > IPcop > > > > docs talk about how to have it done automatically (read 'following a > > > > reboot') somewhere. This is one place that IPcop as me lost. They > > should > > > > have a file that autoruns when the system first starts. If they have > > one, I > > > > can't find it, and it isn't documented. My workaround (for routing) was > > to > > > > add it to a cronjob that I run every minute. If the route is there, it > > does > > > > nothing. If the route isn't there, it gets added. > > > > > > > > I would assume you could do something similar. Or you could just do it > > > > manually following any reboots. (they'll be rare). > > > > > > > > Kev. > > > > > > > > ----- Original Message ----- > > > > From: "Shawn Grover" <[EMAIL PROTECTED]> > > > > To: <[EMAIL PROTECTED]> > > > > Sent: Monday, February 10, 2003 5:32 PM > > > > Subject: RE: (clug-talk) IPCop Dynamic DNS features and port forwarding > > > > > > > > > Thanks for triggering my memory Kevin. When I was researching > > IPTables, I > > > > > saw lots of PROC modules for allowing Warcraft, Unreal, etc. to work - > > I > > > > > think I saw one for Starcraft as well. I don't think it was specific > > to > > > > > IPtables or IPChains, but could be wrong.... > > > > > > > > > > Shawn > > > > > > > > > > -----Original Message----- > > > > > From: Kevin Anderson [mailto:[EMAIL PROTECTED]] > > > > > Sent: Monday, February 10, 2003 4:53 PM > > > > > To: [EMAIL PROTECTED] > > > > > Subject: Re: (clug-talk) IPCop Dynamic DNS features and port > > forwarding > > > > > > > > > > > > > > > If you want a guess, I'd bet that IPChains will let it work, but > > tables > > > > > won't. > > > > > > > > > > I'm no firewalling genius, but I think what happened is that IPtables > > does > > > > a > > > > > better job of passing related traffic than IPchains. My guess is that > > > > your > > > > > problem will lie there. > > > > > > > > > > I would recommend googling for a starcraft masq module. You may need > > one, > > > > > and then you'll be set. There are docs on how to install additional > > > > modules > > > > > on the ipcop.org site. > > > > > > > > > > Kev. > > > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > From: "Jason Louie" <[EMAIL PROTECTED]> > > > > > To: "Clug Talk" <[EMAIL PROTECTED]> > > > > > Sent: Monday, February 10, 2003 4:52 PM > > > > > Subject: (clug-talk) IPCop Dynamic DNS features and port forwarding > > > > > > > > > > > > > > > > Thank you Jarrod for the great presentation on IPCop. It got me > > > > > > motivated to run home and install it and abandon my floppy disk > > router. > > > > > > I've plugged in a old 700mb HDD and gave it a whirl. I am very > > pleased > > > > > > in that it gave me no troubles and I don't have to reconfigure after > > > > > > every reboot like some floppy distros I found. > > > > > > > > > > > > Now I was just wondering if anyone have used the dynamic DNS > > features > > > > > > on IPCop or have used the services of dhs.org, dyndns.org, dyns.cx, > > > > > > easydns.com, hn.org, no-ip.com or zoneedit.com. I'm using > > dyndns.net > > > > > > currently but would like more info in these if anyone has any. > > > > > > > > > > > > My second question is regarding port forwarding. I...err... my son > > > > > > plays Starcraft on a Windows machine inside the network and in order > > to > > > > > > play online games port 6112 TCP/UDP is required to be forwarded to > > the > > > > > > Starcraft playing machine. I've set up the port forward and > > external > > > > > > service access but I see no improvement in playing Starcraft online. > > Is > > > > > > there a way to check if this port is open? I've had the same > > problem > > > > > > with Coyote Linux but it worked with BBIagent, anyone with any > > ideas? > > > > > > > > > > > > Jason > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
