If the firewall (I'm assuming one of the integrated NICs like theplanet
uses) allows outbound by default, or has a canned ruleset for this scenario,
all you need to forward back in is UDP on whatever port your server runs.
Other communication is initiated at the server and outbound.
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <ham>; <hlds@list.valvesoftware.com>
Sent: Thursday, February 16, 2006 4:57 PM
Subject: Re: [hlds] [HLDS-OT]Server firewall recomendations?
Dan Sorenson wrote:
So, first draw out your topology. That's going to
determine exactly what piece of kit will be necessary.
Next, forwarding a range of udp ports for HL is not much of
a security risk, and any of the above can handle it. If you
need to open ports at random, you're looking at higher-end units.
- Dan
* Dan Sorenson DoD #1066 A.H.M.C. #35 [EMAIL PROTECTED] *
* Vikings? There ain't no vikings here. Just us honest farmers. *
* The town was burning, the villagers were dead. They didn't need *
* those sheep anyway. That's our story and we're sticking to it. *
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
Wow, that is a ton of information in one message and very insightful.
Unfortunately I feel I should have been a little more specific in my
request or at least clearer regarding my current situation. My current
box is a Leased dedicated server in a data center in Texas. It does
have a hardware firewall attached that is a NAT device that I can access
via a web interface through my hosts web control panel. The only problem
is that it is somewhat restrictive regarding the rules that can be set
up. It uses rule sets similar to ipSec but is limited in how many can be
set up and as with ipSec only one port at a time. Very time consuming.
If it was just a matter of opening a range of ports it wouldn't be a
problem. It does work though. If I turn on one of the pre-written rules
sets it locks things up tight as a drum.
My capacity to set up another Hardware firewall being somewhat limited
by my situation I was hoping for another option. I really do not like
the idea of a software firewall but if it could do the job I could live
with it. Frankly I am very seriously looking into the possibility of
moving all of the web sites currently on this particular box to a Linux
box (I am growing ever less fond of web hosting on Winders) and leasing
another box with a host that encourages Gaming which would possible
improve my situation. I do appreciate the info though. Always nice to
learn something.
Rob...
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
