i run an iptables firewall at home that routes for two computers.  we play a
few games with people outside the firewall with my computer acting as the
server.  my internal network is 10.0.0.0/28 and my computer's ip is
10.0.0.14.  the support docs for the games we play tell me to open port 4000
to allow a connection, so the firewall needs to route any connections on
that port directly to my computer.  they say nothing about a UDP or TCP
connection, so i set up routing strings for both:

$xif is the external interface on the firewall, eth1.

iptables -t nat -A PREROUTING -p udp --dport 4000 -i $xif -j DNAT --to 10.0.0.14
iptables -t nat -A PREROUTING -p tcp --dport 4000 -i $xif -j DNAT --to 10.0.0.14

this does not work.  people outside the firewall still get a "cannot connect
to server" error.  do i need a filter rule to allow connections to port 4000
in?  something like:

iptables -A INPUT -p tcp --dport 4000 -j ACCEPT
iptables -A INPUT -p udp --dport 4000 -j ACCEPT

i drop any connection that is not established or related, allow SSH and DNS
on the internal network as well as ip forwarding on internal.

just wondering if anyone has any insight into this...
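An added example, not part of the original post: a small shell function that emits the complete rule set for forwarding one port to an internal host. It assumes eth1 as the external interface (as in the post) and eth0 as the internal one (not named in the post). The point it illustrates is that a packet DNATed in nat/PREROUTING is routed onward, so it traverses filter/FORWARD and never filter/INPUT; an INPUT ACCEPT rule does nothing for it.

```shell
#!/bin/sh
# Generate iptables rules that forward $port to $host.  Assumed interface
# names: xif = external (eth1 in the post), iif = internal (eth0, assumed).
#
# Packet path for forwarded traffic: nat/PREROUTING (DNAT) -> routing
# decision -> filter/FORWARD -> nat/POSTROUTING.  filter/INPUT is only
# traversed by packets addressed to the firewall itself, so the ACCEPT
# for the game port has to live in FORWARD.
port_forward_rules() {
    port="$1"; host="$2"; xif="$3"; iif="$4"
    for proto in tcp udp; do
        # 1. Rewrite the destination address of inbound packets on the port.
        echo "iptables -t nat -A PREROUTING -i $xif -p $proto --dport $port -j DNAT --to-destination $host:$port"
        # 2. Allow the (already rewritten) new connection through FORWARD.
        #    Matching -d $host and -o $iif limits the hole to that one host.
        #    Note: if the existing "drop unless ESTABLISHED,RELATED" is a rule
        #    rather than the chain policy, this must be inserted (-I) before it;
        #    -A would append it behind the DROP and it would never match.
        echo "iptables -A FORWARD -i $xif -o $iif -p $proto -d $host --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Reply traffic belongs to an existing connection.  The post already has
    # this rule; it is repeated so the generated set is complete on its own.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Print the rules for review; pipe the output into sh as root to apply them.
port_forward_rules 4000 10.0.0.14 eth1 eth0
```

To tell "the packets never reach the firewall" apart from "the firewall drops them", watch the packet counters with `iptables -t nat -L PREROUTING -n -v` while a client connects: the DNAT counter climbs if the traffic arrives at all, and the FORWARD ACCEPT counter climbs only if the filter rule is in place and ordered before the drop.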
