/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Hi all,
I have spent the last 2 days combing both the web and newsgroups via
Google to try and find a solution to my problem.
My problem is that I cannot make connections ot ZoneMSN (or to any
network game) to play DungeonSiege (a DirectX 8.0 game).
I am running a network as such:
client(s) : 192.168.1.225 (Windows 2k) (+4 other computers)
firewall: 144.132.1.2 (2.2.19 kernel (was RH6.2), ipchains-1.3.9-5)
I use a very simple (and probably not that secure) setup for my firewall
which looks like:
--------------------
[root@mail rc.d]# ipchains -L -n
Chain input (policy ACCEPT):
target prot opt source destination ports
ACCEPT udp ------ 0.0.0.0/0 0.0.0.0/0 67 -> 68
bpa-in all ------ 0.0.0.0/0 0.0.0.0/0 n/a
Chain forward (policy DENY):
target prot opt source destination ports
MASQ all ------ 192.168.1.0/24 0.0.0.0/0 n/a
Chain output (policy ACCEPT):
target prot opt source destination ports
DENY tcp ------ 0.0.0.0/0 0.0.0.0/0 * -> 135:139
DENY udp ------ 0.0.0.0/0 0.0.0.0/0 * -> 135:139
Chain bpa-in (1 references):
target prot opt source destination ports
ACCEPT tcp ------ 203.32.61.0/24 0.0.0.0/0 * -> 113
DENY tcp ----l- 0.0.0.0/0 0.0.0.0/0 * -> 0:1023
DENY udp ----l- 0.0.0.0/0 0.0.0.0/0 * -> 0:1023
---------------------
This setup works beautifully, has done for years, and I've played Quake,
Counterstrike, Unreal Tournament, etc, etc on this without any hassles
whatsoever. Mail, websurfing..., fantastic.
Now, DX8.0 requires that UDP 6073, and UDP 2300-2400. So, I used
ipmasqadm in the following way: (and this matches a lot of examples
given)
---------------------
ipmasqadm portfw -f
port=2300
while [ $port -lt 2401 ]
do
ipmasqadm portfw -a -P udp -L 144.132.1.2 $port -R 192.168.1.225 $port
port=$((port+1))
done
port=6073
ipmasqadm portfw -a -P udp -L 144.132.1.2 $port -R 192.168.1.225 $port
---------------------
I can connect to ZoneMSN with DungeonSiege, but it cannot find a game
and it hangs the game.
I've tried a number of things including allowing inserting ipchains
rules to allow all UDP traffic explicitly, and to skip the MASQ on the
forward chain.
-I input -p udp -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT
-I forward -p udp -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT
The skipping of the MASQ allows the game to successfully connect to
ZoneMSN but still not find a game, however it doesn't hang (which led me
to suspect that I was on the right sort of track). I don't however know
exactly where to start.
I have been able to test that the forwarding _does_ work by configuring
a hole into a telnet server on one of my internal machines and I could
connect to that successfully. However, that's TCP, and not UDP.
I'm a Java crypto programmer, and not a network administrator, so
any assistance that people could lend me, I'd really appreciate it, and
if you've got any Java crypto problems, I'd be very happy to help ;-)
Thanks in advance,
-- jon
--
Jon Eaves <[EMAIL PROTECTED]>
http://www.eaves.org/jon
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
