Just to close up this thread:
Maarten hit it right on the head! OpenBSD's obfuscating security policies (usually our best friend) were biting me. Using the "static-port" flag on my NAT rule got the server workign with only the Valve recommended ports open, and it's in the server browser.
Thanks very much Maarten and everyone who helped. -miles
On Fri, 18 Mar 2005, Maarten van der Zwaart wrote:
Your NAT router is translating outgoing packets from your server to the master servers. If the router changes the source port of those packets (and it seems it does in your case), then the master server will report the wrong port to clients, which is why you see blocked packets on 50700-62000 in your log. You need to tell your router to NOT change the port on the outgoing packets.
You mention you use a BSD router, does it use PF? If so something like this should work:
nat on $ext_if proto udp from $game_server_ip port 27015 to any -> ($ext_if) static-port
static-port means it will not change the port during NAT.
Note you will still not see it on the server list from behind the same router, but others will.
Maarten
-- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail?
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
