DNAT net loc:192.168.1.3:2213 udp 2213 -
then restart shorewall
M Lu.
From: Mike Koceja <[EMAIL PROTECTED]> To: S Mohan <[EMAIL PROTECTED]> CC: leaf <[EMAIL PROTECTED]> Subject: RE: [leaf-user] NAT Trouble Date: Sat, 2 Aug 2003 23:23:08 -0700 (PDT)
Sounds good to me. Forgive me but I'm not a linux guru at all could you please explain how to forward all packets to his machine??? Sorry for my ignorance.
--- S Mohan <[EMAIL PROTECTED]> wrote: > Looks like a single port application. I do not know > if netfilter NAT (for > udp) does PAT. I guess that might be a source of the > problem as stated here. > On the other hand Linux routing is very > sophisticated. If such a behaviour > is "bad" implementation, I do not think Linux would > have this > implementation. > > In any case, if your son is the only one using this > application, why not try > forwarding all packets coming to that udp port to > his local IP? > > Mohan > > -----Original Message----- > From: Mike Koceja > [mailto:[EMAIL PROTECTED] > Sent: Sunday, August 03, 2003 10:58 AM > To: S Mohan > Cc: leaf > Subject: RE: [leaf-user] NAT Trouble > > > This is a bit windy but I have attached the > documentation from the site in question. > --------------------------------------------------- > Kali uses peer-to-peer instead of client-server > technology. There are many reasons for this setup > including efficiency, performance, and LAN emulation > requirements. > > In any case, peer-to-peers means that your PC > directly > communicates with every other PC connected to your > game lobby or chat server instead of only > communicating directly with the Kali Servers. > > In a normal (non-NAT setup) Kali will send and > receive > all data on a single "port". A "port" is a simple > way > TCP/IP uses to allow different applications to use > the > same connection without getting data mixed up. > Kali, > by default, uses UDP port 2213. That means that > anything sent to your PC and labeled with port 2213 > will be sent to the Kali application. This allows > any > user on Kali to send data to your PC by referring to > your Internet IP# and the Kali port number. > > With NAT, your PC must share that ip# with other PCs > on the LAN. If two PCs on the LAN both tried to use > the same port, communications would get totally > mixed > up. Data that was supposed to go to one PC would go > to > both PCs and it would be impossible to communicate > properly. NAT systems "solve" this problem by > translating the port numbers so that the rest of the > internet sees each PC on a different port. Usually > this solution works, but sometimes the NAT system > behaves poorly and causes trouble. > > One common example of bad NAT behavior is only > allowing one "connection" at a time on a port. UDP > is > supposed to be connectionless. You should be able > send and receive packets from one port to any number > of other PCs, but these poorly designed NAT systems > make the assumption that like TCP, UDP must be only > allowed to communicate with one other PC on any > given > port. This is simply wrong and what happens in Kali > depends on how the router handles this. Some > routers > will create new NAT ports for each PC you > communicate > with which cause all sorts of strange behavior in > Kali. Other NAT systems simply block the other > clients > and causes Kali to have trouble communicating. > > What can you do? > > If Kali works on one PC, but fails when more than > one > PC uses Kali at the same time, the fix may be > simple. > No matter what the problem, it's always a good idea > to > set each PC to use a different port in Kali and > avoid > conflicts on the NAT system. By doing this you can > prevent most of the NAT related problems since the > port contention no longer becomes a factor. > > To change the port, run Kali, go to the File menu, > select Settings, click the Advanced tab and enter a > value next to "Local Port". Each PC on the LAN > should > have a different port in Kali. Just use numbers > like > 2213, 2214, 2215, etc. > > Another common setting that can usually help > involves > enabling the "Special NAT Processing" in Kali. You > can do this under the "Proxy" settings (File menu, > Settings, Proxy). In some cases you may need to > manually enter the local ip# of the other PCs on the > LAN, but usually this isn't necessary. > > After doing both of the above, if you still have > trouble, check to see if your router allows "static" > port mappings or "pin holes". If so, for each PC, > add > it's local ip# and the port you setup in Kali for > that > machine. Each PC needs to have it's own "pin hole" > or > "static" mapping with a unique IP# and port. Be > sure > to setup these entries with "UDP" ports and not > "TCP" > (selecting both is ok, as long as UDP is selected). > > > ------------------------------------------------------ > > Does this help? > > > > --- S Mohan <[EMAIL PROTECTED]> wrote: > > Maybe this app requires more than one port like > > H323. Port forwarding might > > then solve the problem. > > > > Mohan > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] > > Behalf Of Ray Olszewski > > Sent: Sunday, August 03, 2003 5:22 AM > > To: leaf > > Subject: Re: [leaf-user] NAT Trouble > > > > > > At 03:29 PM 8/2/2003 -0700, Mike Koceja wrote: > > >I have another problem. My son is trying to > access > > an > > >online gaming site and is running into a brick > > wall. > > >The site requires UDP port 2213 which I opened up > > with > > >no trouble. Whoever when he connects he gets the > > >following error message... > > > > > > > > > Your internet address changed! It was > > > 4.47.177.158:62146, but now it appears to be > > > 4.47.177.158:62156. This is a problem > usually > > > caused by a bad or improperly configured NAT > > > setup. > > > > > > > > >What do I need to do to correct this problem? > > > > Is this really an error message and not just an > > informational one? That is > > to say, does the game then fail to operate > properly? > > If the game goes on to > > work, my own inclination would be to ignore the > > site's whining. > > > > But assuming it is really an error message, what > > instruction does the site > > (or its companion URL) provide about how to > > configure access through a > > NAT'ing router? > > > > The message by itself is simply too lean in > content > > to figure out what they > > want from you. I'd **guess** that the game client > at > > your end runs using a > > particular port, not just any available port. If > so, > > you **may** need to > > port-forward that port through the LEAF router > > rather than simply use the > === message truncated ===
__________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
