Secondly, your game PC is behind the Netgear, so it is probably being NATed by the Netgear.
I don't know much about the Netgear setup, so you will have to see if it can be set up as a 2-way router and then add a route on your Bering to route anything for 192.168.2 to 192.168.1.4, i.e.

    ip route add 192.168.2.0/24 via 192.168.1.2 dev eth1

Hope this helps,
Huy

----- Original Message -----
From: "Barry Baldwin" <[EMAIL PROTECTED]>
To: "Leaf-User (E-mail)" <[email protected]>
Sent: Friday, January 14, 2005 2:03 AM
Subject: [leaf-user] Shorewall Port Forwarding
Hello all,
I've set up a Bering uClibc system at home as a firewall. It came up and is
working great.
(By the way I tested it by going to www.hackerwatch.org/probe/ )
I'm now playing around with trying to allow one of my PC's behind the
firewall to host an internet game ( Warcraft III).
Here is the topology of my network.
PPP0 dhcp / 192.168.1.254 192.168.1.4 / 192.168.2.1
192.168.2.3
Internet --> DSL Modem --> Bering FW box --> Netgear 4 port wireless router
--> PC game server
Sorry for the weak/non-existent ASCII art.
+ So basically I have a DSL line that goes into a DSL modem,
+ The modem goes to the Bering Firewall box which is a PPPoE connection
+ The Firewall goes to a wireless router( Netgear MR814) through eth1 with 4
ports.
Eth1 on the FW is 192.168.1.254; the router's WAN interface IP is
192.168.1.4
+ One of the wired ports goes to the PC game server.
The router's IP is 192.168.2.1 and the PC game server's IP is 192.168.2.3
The default gateway of my PC game server is set to the wireless router (192.168.2.1)
To the shorewall rules configuration file I've added

DNAT net loc:192.168.2.3 tcp 6112
DNAT net loc:192.168.2.3 udp 6112
#Wasn't sure if these were needed so I added them anyway.
ACCEPT net fw tcp 6112
ACCEPT net fw udp 6112
ACCEPT loc fw tcp 6112
ACCEPT loc fw udp 6112

This doesn't work.
From the FAQ on shorewall.net I did the following: "iptables -t nat -Z" to clear the counts, then I attempted to host a game. Then I did "shorewall show nat" to look at the counts. The counts are zero. If I join a game, then the counts increment and the shorewall.log file contains a bunch of FORWARD:REJECT entries for the 6112 port. I'm not sure why the REJECTs are happening.
I have DSL through SBC and I have friends who are able to host games, so I
am pretty certain that the ISP is not blocking that port. Not sure exactly
what else to try. I'm guessing I'm missing something obvious.
Any suggestions would be appreciated,
Thanks in advance,
Barry
-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
------------------------------------------------------------------------
leaf-user mailing list: [email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
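
An added example, not part of the original thread: a small check that takes Shorewall DNAT rules and the firewall's `ip route` output and reports, for each DNAT target, which interface the firewall would actually send the translated packet out of. The rules and routing tables are constructed from the addresses in the messages above; the next hop 192.168.1.4 (the Netgear WAN address from the original message) and the function names are assumptions.

```python
import ipaddress
# Constructed sample input using the addresses quoted in the thread.
RULES = """\
DNAT   net  loc:192.168.2.3  tcp  6112
DNAT   net  loc:192.168.2.3  udp  6112
ACCEPT net  fw               tcp  6112
"""
# Constructed `ip route` output for the firewall (eth1 inside, ppp0 to the DSL modem).
ROUTES_BEFORE = """\
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.254
default dev ppp0 scope link
"""
# Assumption: next hop is the Netgear WAN address given in the original message.
ROUTES_AFTER = ROUTES_BEFORE + "192.168.2.0/24 via 192.168.1.4 dev eth1\n"


def dnat_targets(rules_text):
    """Return (address, proto, port) for every DNAT rule, ignoring comments."""
    targets = []
    for line in rules_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 5 and fields[0] == "DNAT":
            host = fields[2].split(":")[1]  # DEST column is zone:address[:port]
            targets.append((ipaddress.ip_address(host), fields[3], fields[4]))
    return targets


def parse_routes(route_text):
    """Parse `ip route` lines into (network, device, next_hop_or_None)."""
    routes = []
    for f in (ln.split() for ln in route_text.splitlines() if ln.strip()):
        net = ipaddress.ip_network("0.0.0.0/0" if f[0] == "default" else f[0])
        via = f[f.index("via") + 1] if "via" in f else None
        routes.append((net, f[f.index("dev") + 1], via))
    return routes


def check_dnat(rules_text, route_text, wan_dev="ppp0"):
    """Per DNAT target: (addr, proto, port, out_dev, next_hop, routed_inside).
    routed_inside is False when the longest-prefix match is the WAN device."""
    routes, report = parse_routes(route_text), []
    for addr, proto, port in dnat_targets(rules_text):
        best = max((r for r in routes if addr in r[0]),
                   key=lambda r: r[0].prefixlen, default=None)
        dev, via = (best[1], best[2]) if best else (None, None)
        report.append((str(addr), proto, port, dev, via, dev not in (None, wan_dev)))
    return report

if __name__ == "__main__":
    print(check_dnat(RULES, ROUTES_BEFORE), check_dnat(RULES, ROUTES_AFTER), sep="\n")
```

With the first table, both 6112 targets resolve to the default route on ppp0; with the added route they resolve to eth1 via the Netgear. The route only gets the packet as far as the Netgear, which still has to pass it on to 192.168.2.3 rather than NAT it, as the reply points out.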
