Jeremy Chadwick <[EMAIL PROTECTED]> writes:

> On Fri, Oct 31, 2008 at 12:35:30PM -0400, Lowell Gilbert wrote:
>> Okay, I guess I'm a little confused by the line about "ONLY allow data
>> back on these ports IF the windows box has established the connection
>> out first then deny everything else." I read that as saying that the
>> Windows box had sent a packet on the same connection (4-tuple, at
>> least) that should be later accepted heading *to* the Windows box.
>> That's just a stateful rule, and it seems to be at odds with what you
>> wrote in your first message in the thread. The apparent disagreement
>> was why I said anything in the first place; it sounds like there's
>> more than one model of how the game works.
>
> I understand the confusion. Here's the actual protocol that the game
> appears to be using (since the OP has stated forwarding a port range to
> his LAN PC solves the problem -- meaning, his original description of
> how the game protocol worked is accurate):

I see. If that is the case, then the word "connection" in the line I
quoted from Jack Barnett does *not* mean a TCP session, but something a
little more nebulous. "Game session" might cover it.

[I *was* aware of that possible confusion, which was why I specified an
address/port tuple as the definition of "connection."]

Sorry for the distraction; I see that (short of a deep-inspection
snooping of the protocol), what has already been done is as good as you
can get.

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org/~lowell/