/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */ Does anybody know a way to set up ipchains/ipmasq to allow multiple windows computers behind a linux box to play directplay games? I know that some of those games require us to open specific tcp/udp ports, but so far I can only set up ONE machine to play to the internet using ipmasqadm portfw command, since in the portfw option we have to specify a target ip address. And I have to change the config file everytime a different user wants to play using his own machine. Is there an option to just open specific ports so that any computer in our local LAN can get through to the internet? Or will this be too dangerous in terms of security? My linux box configuration looks like this: (WINBOX1-WINBOX4 are our local machines) ipchains -P forward DENY ipchains -A forward -j MASQ -s 10.123.123.0/24 -d 0.0.0.0/0 extip="`/sbin/ifconfig eth1 | grep 'inet addr' | awk '{print $2}' | sed -e 's/.* ://'`" extint="eth1" intip="10.123.123.5" WINBOX1="10.123.123.10" WINBOX2="10.123.123.8" WINBOX3="10.123.123.18" WINBOX4="10.123.123.23" # DIRECT PLAY ipmasqadm portfw -a -P tcp -L $extip 47624 -R $WINBOX1 47624 ipmasqadm portfw -a -P udp -L $extip 47624 -R $WINBOX1 47624 A=2300 while [ $A -lt 2400 ]; do ipmasqadm portfw -a -P tcp -L $extip $A -R $WINBOX1 $A ipmasqadm portfw -a -P udp -L $extip $A -R $WINBOX1 $A A=`expr $A + 1` done # BONEYARDS ipmasqadm portfw -a -P udp -L $extip 3568 -R $WINBOX1 3568 ipmasqadm portfw -a -P tcp -L $extip 9110 -R $WINBOX1 9110 ipmasqadm portfw -a -P tcp -L $extip 9113 -R $WINBOX1 9113 # MPLAYER B=8000 while [ $B -lt 9000 ]; do ipmasqadm portfw -a -P tcp -L $extip $B -R $WINBOX1 $B ipmasqadm portfw -a -P udp -L $extip $B -R $WINBOX1 $B B=`expr $B + 1` done --------------------------------------------------- Harry Wardhana [EMAIL PROTECTED] _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
