On 10/10/06, Stuart Henderson <[EMAIL PROTECTED]> wrote:
On 2006/10/10 12:54, ropers wrote:
> On 10/10/06, Stuart Henderson <[EMAIL PROTECTED]> wrote:
> >
> >runescape played from the website is a java program, it connects
> >on ports 43594-43595 and 8010, those are the ports you would need to
> >throttle and are unlikely to affect standard web traffic.
Since the process to find this out is probably more useful than the actual
information, it's worth describing it: I opened their website and connected
to a game server while watching tcpdump output. Destination port number
stayed the same for a couple of connections and between a couple of
servers so I googled 'runescape 43594' and found the information for the
other ports.
Hey, good work! :) I did something similar to figure out why a PDL
printer didn't work from a Win box behind an OpenBSD firewall. (It
needed port 9100 open.) For the benefit of future archive readers,
here's what I did:
vi /etc/pf.conf
:%s/block all/block log all
:x
pfctl -f /etc/pf.conf
<send print job or do whatever doesn't work>
cp /var/log/pflog .
vi /etc/pf.conf
:%s/block log all/block all
:x
pfctl -f /etc/pf.conf
tcpdump -n -e -ttt -r pflog > pflog.txt
tail pflog.txt
and then I also googled for more info
