Re: connecting a PS4 via IPFW

Fri, 27 Nov 2015 10:04:20 -0800 

Aren't your regular NAT rules in NAT instance 1? That command will
overwrite those and leave just the new ones.

If that's the case, you can put those rules in a different NAT instance,
or add them to the rest of your NAT rules.


As to the risk, given the security history of UPnP, this kind of static
port forwarding might be more secure. Redirect only the necessary ports
and don't worry about it. Or isolate the PS4 in a DMZ, if you're
concerned it could be used as a point of entry into your network.


Cheers,

Thomas

Wed, Nov 25, 2015 at 04:00:12PM +1100, Graham Menhennitt:
> Hello IPFWers,
> 
> I have a box running FreeBSD 10-stable that I use as a
> router/firewall/NAT. It runs IPFW and uses kernel NAT. My son is nagging
> me about playing multi-player online games on his Sony PS4.
> 
> From what I've read, I could enable UPnP. But I've tried compiling the
> net/miniupnpd port but it won't build for IPFW (and I don't want to
> convert to PF).
> 
> Giving up on that, I'm now trying to enable port forwarding -
> apparently, this will fix it. I've allocated the PS4 a static IP address
> on my LAN. I need to port forward TCP ports 80, 443, 1935, 3478-3480,
> and UDP ports 3478-3479. I've tried the following command:
> 
> ipfw nat 1 config \
>         redirect_port tcp ${PS4_LAN_ADDRESS}:1935 80 \
>         redirect_port tcp ${PS4_LAN_ADDRESS}:1935 443 \
>         redirect_port tcp ${PS4_LAN_ADDRESS}:1935 1935 \
>         redirect_port tcp ${PS4_LAN_ADDRESS}:3478 3478 \
>         redirect_port tcp ${PS4_LAN_ADDRESS}:3479 3479 \
>         redirect_port tcp ${PS4_LAN_ADDRESS}:3480 3480 \
>         redirect_port udp ${PS4_LAN_ADDRESS}:3478 3478 \
>         redirect_port udp ${PS4_LAN_ADDRESS}:3479 3479
> 
> but that completely kills my Internet connection for all other uses (and
> the PS4 still doesn't work!).
> 
> Could somebody please give me some clues.
> 
> Also, what are the risks of doing this port forwarding?
> 
> Thanks,
>     Graham
> _______________________________________________
> freebsd-ipfw@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

Reply via email to