UPnP(m0gley) will do this. Routers do validate their IP address, and as far
as that RFC, it's RFC-3022. NAPT is what most on the list here refer to as
NAT/P-NAT/PAT. If your router does that I am betting you have UPnP enabled.
Otherwise, since none of these routers are Windows based, I doubt they do
what you're saying because it would be a very gross violation of NAPT and a
very big security risk which should be all over BugTraq. BTW the e-mail is
at the bottom.

Oh, and what models do you say exhibit this behavior? I would like to know so I
can do some packet sniffing and see what happens, if they actually are doing
this.


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of OoksServer
Sent: Thursday, December 30, 2004 4:41 PM
To: [email protected]
Subject: Re: [hlds] Help Help,

>>In the e-mail I posted below you even stated so yourself it works that way.

I don't see this email, what are you referring to?

What I said is exactly what happens. If you don't believe me, try it
yourself. I've done it many times. If anyone wants to see this in action,
when I get home tonight I'll un-forward my ports and start an hlds server
behind my router with no forwarded ports. It will work exactly like I said
it will, clients will see me on the Steam list, and they will be able to
join and play. Steam will show my port as 12345 or something like that, not
27015.

Most consumer grade routers, and probably a lot of commercial routers also,
do not validate the IP address of incoming packets. Technically, that is the
responsibility of the firewall. An outgoing request results in an entry in
the router's address translation table. This entry stores the internal
computer's non-routable IP address and port. At this point, ANY incoming
packet goes into the router. The router looks at the destination port of the
incoming request, checks the address translation table to see if there is a
matching entry and either drops that packet if there is no matching entry,
or sends it through if there is a matching entry. Technically, we just did
PAT (Port Address Translation). The router does not care where this packet
comes from, and does not care that it came from an IP other than the one
that I sent my original outgoing packet to (Netgear's problem is their
address translation table only holds about 256 entries, where most other
routers will hold thousands). Again, that is the responsibility of the
firewall.

RFC1631 doesn't really specify whether or not the IP of incoming packets is
validated, I'm guessing that is up to the manufacturer to decide, but
many if not most consumer grade routers don't do this. That is what the
firewall is for. In your firewall, you can specify source and destination
ports and IP address, and any packets from other IP addresses into the port
will be dropped. I once started my HL server but forgot to forward ports. I
had traffic as usual, but one of my regulars asked me why the server was on
this weird port. That is when I discovered that I forgot to forward any
ports. If what you said was true, this would not work and I would not have
had any traffic.



> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of OoksServer
> > Sent: Wednesday, November 10, 2004 11:50 AM
> > To: [email protected]
> > Subject: Re: [hlds] server showing up in steam for others to join
> >
> > I went through this a few times, as have others here. Do the following:
> >
> > 1) Tell us which router you have. I used a Belkin router and could never
> > get it to work. Belkin tech support was worthless, and I never got it to
> > work. I got rid of the router, problem went away.
> > 2) Make sure there is no firewall or other device running that prevents
> > outgoing ports from being opened. Many routers have a firewall that
> > defaults to on that will cause your server to not be in the list. Turn it
> > off, or set it to allow outgoing ports to be opened and stay open.
> > 3) Make sure to run hldsupdatetool, as an out of date hlds installation
> > will prevent the server from being visible.
> > 4) Post your server name and IP so we can take a look at it from the
> > outside world.
> > 5) Don't go opening a whole bunch of ports. The only incoming port you
> > need is 27015 (or the port you specified for your server). All other
> > ports are outgoing ports and are pseudo-random by hlds and will be
> > assigned by your router.
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
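
The two router behaviours argued over in this thread, as an added example that is not part of the original messages: a toy NAPT table that forwards an inbound packet either on any matching mapping (RFC 4787 calls this endpoint-independent filtering) or only when it comes from the remote endpoint the mapping was opened to (address and port-dependent filtering). The class, the addresses and the remote ports are constructed for illustration; ports 27015 and 12345 are the ones mentioned in the thread.

```python
# Added illustration: a toy NAPT table, not any vendor's firmware.
from dataclasses import dataclass, field


@dataclass
class Napt:
    filtering: str          # "endpoint-independent" or "address-and-port-dependent"
    next_port: int = 12345  # first external port handed out (value from the thread)
    # external port -> (internal ip, internal port, set of remote endpoints contacted)
    table: dict = field(default_factory=dict)

    def outbound(self, int_ip, int_port, dst_ip, dst_port):
        """Create or reuse a mapping for an outgoing packet; return the external port."""
        for ext, (ip, port, peers) in self.table.items():
            if (ip, port) == (int_ip, int_port):
                peers.add((dst_ip, dst_port))
                return ext
        ext = self.next_port
        self.next_port += 1
        self.table[ext] = (int_ip, int_port, {(dst_ip, dst_port)})
        return ext

    def inbound(self, src_ip, src_port, ext_port):
        """Return the (internal ip, port) the packet is forwarded to, or None if dropped."""
        entry = self.table.get(ext_port)
        if entry is None:
            return None  # no mapping for this destination port: dropped
        int_ip, int_port, peers = entry
        strict = self.filtering == "address-and-port-dependent"
        if strict and (src_ip, src_port) not in peers:
            return None  # mapping exists, but this sender was never contacted
        return (int_ip, int_port)


def demo(filtering):
    """Game server behind the router sends one packet out, then three arrive."""
    nat = Napt(filtering)
    # Constructed addresses: RFC 1918 inside, RFC 5737 documentation ranges outside.
    ext = nat.outbound("192.168.1.10", 27015, "198.51.100.5", 27010)
    return {
        "ext_port": ext,
        "contacted_host": nat.inbound("198.51.100.5", 27010, ext),
        "other_host": nat.inbound("203.0.113.77", 27005, ext),
        "unmapped_port": nat.inbound("203.0.113.77", 27005, 27015),
    }
```

With `demo("endpoint-independent")` the packet from `other_host` reaches the internal server on the remapped port, which matches what OoksServer reports; with `demo("address-and-port-dependent")` the same packet is dropped, which is the behaviour the reply expects from a router.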


