On Wed, Mar 16, 2005 at 07:07:31PM -0800, Miles Crawford wrote: > Well - I have confirmed that you can connect to it using the direct IP from > off the NAT, but I still can't get it to show up in the server browser. > > I've read through nathan's questionable advice, and I've forwarded all the > ports elmer sent me inbound and outbound, plus 50700-62000 udp. I did this > because I saw those ports being blocked in my packet filter log. > > I now see exactly zero packets being blocked in the log (either in or out) > and > I feel so open i might as well be in the DMZ. My sv_region is set to 1, and > I'm in seattle. Nevertheless, neither I (not on the NATed network) nor my > friend here in seattle can see the server in the browser! > > Any more advice?
No need to open up all those ports. Your NAT router is translating outgoing packets from your server to the master servers. If the router changes the source port of those packets (and it seems it does in your case), then the master server will report the wrong port to clients, which is why you see blocked packets on 50700-62000 in your log. You need to tell your router to NOT change the port on the outgoing packets. You mention you use a BSD router, does it use PF? If so something like this should work: nat on $ext_if proto udp from $game_server_ip port 27015 to any -> ($ext_if) static-port static-port means it will not change the port during NAT. Note you will still not see it on the server list from behind the same router, but others will. Maarten -- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
