i.c. Another guy responded and explained why he (or his company) would restrict outbound, and I understand his reasoning, but I was thinking more along the lines of your particular case. I would think that by including an outbound filter, unless you have very good reasons why you want to restrict users inside your firewall from getting anyplace on the Internet other than the IP's listed, that you are just creating a potential problem for yourself. Also, you mentioned 2 outbound filters... the second being from "any" to "any". Was this a typo? I know that the two are referencing diff protocols but I still can't help but believe this is incorrect. Why would you create two outbound filters when the second filter essentially nullifies the first? I would think, under normal circumstances, you would need an outbound filter that was simply set to allow everything and an inbound filter set to allow the appropriate protocols on the appropriate ports from "any" to (your server).
This would basically open your servers initial connection port (whatever you selected) to any host on the Internet while allowing your server to get anyplace it needs to go. My server is behind a WG firewall and I have the services configured as follows: Incoming "allow" (My HL server IP address) Protocols/ports UDP 27015 TCP 27015 from "any" Outgoing "allow" from "any" to "any" This works fine for me although I understand that different people may have reasons why they may want additional restrictions. btw... in the WG 700 I believe the proper terminology is "allowed and enabled". -----Original Message----- From: CYKO [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 28, 2006 7:47 AM To: [email protected] Subject: RE: [hlds] HL2DM Server now behind WG Firebox 700 was playable bu tnot listed by STEAM No Idea, it was in the knowledge base, but look here the game can be seen by game monitor CYKO'sT Low-Gravity Sniper! [Play] IP: 69.74.70.242:27015 Players: 0/10 (average: 3.06) Map: DM_Snipe_Reborn_V2 (2) Consecutive Failed: 0 Game: Half-Life 2 Deathmatch Last Updated: 58s ago (cached: 0s) Month Uptime: % ( / ) Last DB Update: 21m51s ago CYKO -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edward Luna Sent: Monday, March 27, 2006 8:24 PM To: '[email protected]' Subject: RE: [hlds] HL2DM Server now behind WG Firebox 700 was playable bu tnot listed by STEAM I'm curious... why the outgoing filter from any to a list of IP addresses? Why wouldn't you allow outbound from any to any? I can see restricting inbound... but why outbound? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, March 27, 2006 2:57 PM To: [email protected] Subject: Re: [hlds] HL2DM Server now behind WG Firebox 700 was playable but not listed by STEAM The Linksys was running perfectly! with a nat route public to private and I have set up the firebox according to this article. You will need to add the following 2 custom services to your "Outbound" firewall settings. CUSTOM SERVICE #1: (to allow you to log onto/dl updates from steam) Service Name: SteamLogonAuthAndUpdateServers (if firewall allows for names) (also: IP list updated to include Steam changes & Rag Doll Kung Foo update servers) Protocols: - TCP : 2790-2827 - TCP : 2829-2999 - TCP : 27009-27100 - TCP : 1110-1139 Outgoing Filter: Allow From: Any To: 65.39.204.210 68.142.72.250 68.142.88.250 68.142.88.34 69.90.119.2 69.28.151.62 69.28.151.82 69.28.151.162 69.28.151.178 69.28.151.190 69.28.153.82 69.28.163.62 69.28.173.38 82.71.218.105 82.39.204.210 146.82.146.110 207.173.177.11 207.173.177.12 207.173.177.13 207.173.177.14 207.173.177.15 207.173.177.16 207.173.177.17 207.173.177.18 207.173.177.19 207.173.177.100 207.173.177.110 207.173.177.120 207.173.177.130 207.173.177.140 207.173.177.150 207.173.177.160 207.173.177.170 207.173.177.180 207.173.177.190 207.173.177.200 207.173.177.210 207.173.177.220 208.146.35.121 CUSTOM SERVICE #2: (to allow you to connect to game servers) Service Name: SteamGameServers (if firewall allows for names) Protocols: - UTP : 27010-27020 (note, other PC games may use additional ports, if so just simply add them to this list) Outgoing Filter: Allow From: Any To: Any CYKO ----- Original Message ----- From: Stuart Stegall <[EMAIL PROTECTED]> Date: Monday, March 27, 2006 2:07 pm Subject: Re: [hlds] HL2DM Server now behind WG Firebox 700 was playable but not listed by STEAM > sv_region 255 doesn't always work, but I believe you've previously had > it at 0 right? Also might wanna specify sv_lan 0. > > It seriously sounds like an issue with the configuration of the > Firebox.Where you getting problems with your Linksys? (We are > currently hosting around 22000 servers using Linksys WRT54Gs with our > own custom OpenWRT distro for MAC filtering) > > On Mon, 2006-03-27 at 13:52 -0500, [EMAIL PROTECTED] wrote: > > This Server was full fuctional on Friday, I replaced a linksys > router with the firebox on Saturday and configured the ports to foward > the game like it was for the linksys router. > > > > Here is full config file. > > // Use this file to configure your DEDICATED server. > > // This config file is executed everytime the server changes levels. > > // ------- > > // Any modifications made to this file will not take affect > before the server has been restarted. > > > > hostname "CYKO'sT Low-Gravity Sniper - Original Flavor!" > > // Passwords > > > > //sv_password xxxxxxxxxxxxxx > > rcon_password xxxxxxxxxxxxx > > > > // Server Settings > > > > Log 1 > > > > sv_maxspeed 250 > > sv_cheats 0 > > sv_alltalk 0 > > sv_minrate 50 > > sv_maxrate 30000 > > sv_gravity 85 > > sv_allowupload 1 > > sv_allowdownload 1 > > sv_region 255 > > > > > > sv_rcon_minfailures 2 > > sv_rcon_maxfailures 3 > > sv_rcon_banpenalty 60 > > sv_rcon_minfailuretime 30 > > > > mp_fraglimit 25 > > mp_timelimit 0 > > mp_flashlight 1 > > mp_footsteps 1 > > mp_forcerespawn 0 > > > > // load ban files > > exec banned.cfg > > exec banned_ip.cfg > > exec mani_server.cfg > > exec weapons.cfg > > > > > > > > > > ----- Original Message ----- > > From: Stuart Stegall <[EMAIL PROTECTED]> > > Date: Monday, March 27, 2006 1:33 pm > > Subject: Re: [hlds] HL2DM Server now behind WG Firebox 700 was > playable but not listed by STEAM > > > > > There's actually a possibility of several things here. One is > > > that a port is blocked upstream of your router. Second is that > > > your > ip is > > > blocked by Valve. > > > > > > Sometimes upstream prodivers block ports who knows what > reason, though > > > generally it's because they are either being DoS'd or there's an > > > exploitthat's using that port and they are blocking it for a > > > couple of weeks. > > > Unless you have some kind of dedicated port, you generally > don't get > > > notified of these port blockings. > > > > > > The second problem could be checked by seeing if your shows up on > > > GameSpy. We had an IP range we purchased that was being > blocked by > > > Valve (actually turned out it was being blocked by a LOT of > > > people, damn > > > hackers) and while we couldn't find it through the Steam server > > > listings, they did show up @ GameSpy. > > > > > > Also, I assume you've double checked that your Firebox is > > > forwarding the ports to this server. > > > > > > Post your full config file as well. (minus your rconpassword > please)> > > > > On Mon, 2006-03-27 at 10:16 -0500, [EMAIL PROTECTED] wrote: > > > > It is UDP ports 27010-27020 > > > > > > > > ----- Original Message ----- > > > > From: Whisper <[EMAIL PROTECTED]> > > > > Date: Monday, March 27, 2006 7:50 am > > > > Subject: Re: [hlds] HL2DM Server now behind WG Firebox 700 was > > > playable but not listed by STEAM > > > > > > > > > -- > > > > > [ Picked text/plain from multipart/alternative ] Good Luck > > > > > trying to get anywhere with UTP, you are going to > > > need it. > > > > > > > > > > I think you will find the author of article meant UDP, > which may > > > > > allow you > > > > > to get somewhere. > > > > > > > > > > On 3/27/06, CYKO <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > From this article > > > > > > > > > > > > > > > > > > > > > > > > > > > http://forums.steampowered.com/forums/showthread.php?s=&threadid=297338&high > light=watchguard > > > > > > > > > > > > -----Original Message----- > > > > > > From: [EMAIL PROTECTED] > > > > > > [mailto:[EMAIL PROTECTED] On Behalf Of > Whisper> > > > > Sent: Monday, March 27, 2006 7:32 AM > > > > > > To: [email protected] > > > > > > Subject: Re: [hlds] HL2DM Server now behind WG Firebox > 700 was > > > > > playable> but > > > > > > not listed by STEAM > > > > > > > > > > > > -- > > > > > > [ Picked text/plain from multipart/alternative ] > Universal Time > > > > > Protocol ? > > > > > > :D > > > > > > > > > > > > On 3/27/06, CYKO <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > I have added the following ports to be opened > > > > > > > > > > > > > > Protocols: > > > > > > > - TCP : 2790-2827 > > > > > > > - TCP : 2829-2999 > > > > > > > - TCP : 27009-27100 > > > > > > > - TCP : 1110-1139 > > > > > > > > > > > > > > - UTP : 27010-27020 > > > > > > > > > > > > > > CYKO > > > > > > > > > > > > > > -----Original Message----- > > > > > > > From: [EMAIL PROTECTED] > > > > > > > [mailto:[EMAIL PROTECTED] On Behalf > Of kyle > > > > > > > Sent: Monday, March 27, 2006 1:36 AM > > > > > > > To: [email protected] > > > > > > > Subject: RE: [hlds] HL2DM Server now behind WG Firebox > 700 was > > > > > > > playable but not listed by STEAM > > > > > > > > > > > > > > -- > > > > > > > [ Picked text/plain from multipart/alternative ] Sv_region > > > > > should be > > > > > > > set at either 1 or 255 if I'm correct. > > > > > > > > > > > > > > my server is set at 1, and it can be seen around the > world.> > > > > > > > > > > > > -------Original Message------- > > > > > > > > > > > > > > From: CYKO > > > > > > > Date: 03/26/06 15:52:57 > > > > > > > To: [email protected] > > > > > > > Subject: RE: [hlds] HL2DM Server now behind WG Firebox > 700 was > > > > > > > playable but not listed by STEAM > > > > > > > > > > > > > > sv_region 0 > > > > > > > > > > > > > > From the cfg file > > > > > > > > > > > > > > -----Original Message----- > > > > > > > From: [EMAIL PROTECTED] > > > > > > > [mailto:[EMAIL PROTECTED] On Behalf > Of kyle > > > > > > > Sent: Sunday, March 26, 2006 6:35 PM > > > > > > > To: [email protected] > > > > > > > Subject: Re: [hlds] HL2DM Server now behind WG Firebox > 700 was > > > > > > > playable but not listed by STEAM > > > > > > > > > > > > > > -- > > > > > > > [ Picked text/plain from multipart/alternative ] > What's your > > > > > region> > setting set to. > > > > > > > > > > > > > > -------Original Message------- > > > > > > > > > > > > > > From: CYKO > > > > > > > Date: 03/26/06 14:20:53 > > > > > > > To: [email protected] > > > > > > > Subject: [hlds] HL2DM Server now behind WG Firebox 700 was > > > > > playable> > but not listed by STEAM > > > > > > > > > > > > > > This is a multi-part message in MIME format. > > > > > > > -- > > > > > > > [ Picked text/plain from multipart/alternative ] HELP, > > > Perviously> > > > running server HL2DM, is still running and was > > > playable behind > > > > > a WG > > > > > > > Firebox 700, You can play the server as long as it is > in your > > > > > > > favorites, but if you list the internet games, the server > > > is not > > > > > > > listed. So no one new can see the game running, unless it > > > on their > > > > > > > favorits. > > > > > > > > > > > > > > I have added a NAT entry (Public IP) to Internal > server (IP) > > > > > on the > > > > > > > firebox, that helps play the game, but I can not get the > > > > > server listed > > > > > > > by name, but if you add the IP into favorites, that > name comes > > > > > up. But > > > > > > > that now has stopped working, No i can not even get on the > > > > > server.!> > > > > > > > > What ports besides 27015 do I need to openup on the > firewall?> > > > > > > > > > > > > > > > > > > > > > > > > > > CYKO > > > > > > > -- > > > > > > > > > > > > > > _______________________________________________ > > > > > > > To unsubscribe, edit your list preferences, or view > the list > > > > > archives,> > please visit: > > > > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > > To unsubscribe, edit your list preferences, or view > the list > > > > > archives,> > please visit: > > > > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > > To unsubscribe, edit your list preferences, or view > the list > > > > > archives,> > please visit: > > > > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > > To unsubscribe, edit your list preferences, or view > the list > > > > > archives,> > please visit: > > > > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > > To unsubscribe, edit your list preferences, or view > the list > > > > > archives,> > please visit: > > > > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > > -- > > > > > > > > > > > > _______________________________________________ > > > > > > To unsubscribe, edit your list preferences, or view the list > > > > > archives,> please visit: > > > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > To unsubscribe, edit your list preferences, or view the list > > > > > archives,> please visit: > > > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > -- > > > > > > > > > > _______________________________________________ > > > > > To unsubscribe, edit your list preferences, or view the list > > > > > archives, please visit: > > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > > > > > _______________________________________________ > > > > To unsubscribe, edit your list preferences, or view the list > > > archives, please visit: > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list > > > archives, please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list > archives, please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
