Scott, As I promised I am updating the list on my progress at getting game servers to work with echowall and Dachstein. Your suggestions for the Quake section worked great for Quake 2 but Quake 1 and 3 do not connect. I suspect that in the case of Q3 it may be related to the lack of processor power in my games server. I didn't even try Unreal Tournament on that box. Tonight I tried UT on my wifes machine which has the power but still could not connect. The server registered that my game was connecting but it timed out and never connects. I do not see any errors in the log but it almost appears as if the packet are allowed in but are not getting back to the client. When I was successful with Q2 I was using a machine on the same net as the server but connecting to the external IP. Since it worked for Q2 is it reasonable to assume it would work for UT and Q3? I will ask a friend to try from outside the network sometime this weekend just to see if it works. Any additional suggestions are appreciated.
Thanks, Kory "Scott C. Best" wrote: > Kory: > > Wow, I bet this turned into a whole lot more than you > were expecting. FWIW, posting the firewall packet log was the > *exact* right thing to do. > > Try this. Change the whole QUAKE section of the > echowall.rules file to look like this: > > #QUAKE#$IPCHAINS -A input -s 0/0 -d $IP_EXT/32 4242 -p tcp -j ACCEPT > #QUAKE#$IPCHAINS -A input -s 0/0 -d $IP_EXT/32 27901 -p tcp -j ACCEPT > #QUAKE#$IPCHAINS -A input -s 0/0 -d $IP_EXT/32 27901 -p udp -j ACCEPT > #QUAKE#$IPCHAINS -A input -s 0/0 -d $IP_EXT/32 27910:27961 -p udp -j ACCEPT > #QUAKE#$IPCHAINS -A input -s 0/0 -d $IP_EXT/32 27950:27952 -p tcp -j ACCEPT > #QUAKE#if [ "$QUAKE_HOST" != "firewall" ]; then > #QUAKE#$IPMASQADM portfw -a -P tcp -L $IP_EXT 4242 -R $QUAKE_HOST 4242 > #QUAKE#$IPMASQADM portfw -a -P tcp -L $IP_EXT 27901 -R $QUAKE_HOST 27901 > #QUAKE#$IPMASQADM portfw -a -P udp -L $IP_EXT 27901 -R $QUAKE_HOST 27901 > #QUAKE#$IPMASQADM autofw -A -r udp 27910 27961 -h $QUAKE_HOST > #QUAKE#$IPMASQADM autofw -A -r tcp 27950 27952 -h $QUAKE_HOST > #QUAKE#fi > > I spent some time looking into it, and it turns out that > QuakeII is different from QuakeI, and QuakeIII is different from > QuakeII. How very nice. :) > The above rules should take care of all three flavors. > Remember how it said "still needs testing"? Heh. Understatement > of the week. > > Lemme know how it goes! > > -Scott > > PS: echoWall 1.33 coming soon... > > On Sun, 4 Nov 2001, Kory Krofft wrote: > > > Tom, > > > > That maakes sense but how do I open that UDP port? I started this thread > > because > > I did not understand the syntax of the ipchains rules. The only down side I > > have found to LRP is no man pages. I tried the HOW-TOs but they assume a > > higher level of Linux knowledge than I have. Scott Best's echowall was > > suggested because it did not require a lot of esoteric command lines. I > > like the current plan of using one boot disk for gaming and a second for > > normal protection is fine so I could have one with echowall or modified > > ipchains rules if I can figure them out. > > > > Your suggestions are appreciated, > > > > Kory > > > > > > Tom Eastep wrote: > > > > > On Sunday 04 November 2001 05:16 pm, Kory Krofft wrote: > > > > Tom, > > > > No. I am testing from inside. I assume it would route out and back in > > > > ok. > > > > > > The problem isn't with packets sent from your local client to the > > > server but rather with packets going in the opposite direction. The > > > source address on those packets is the server's local address, not the > > > external address that the client thinks it is talking to. > > > > > > I just had a friend try from outside and it doesn't work either. > > > > My message loge from the firewall > > > > shows his IP address as being denied. > > > > Nov 4 19:07:07 markii kernel: Packet log: input DENY eth0 PROTO=17 > > > > 64.109.106.19:65037 65.28.237.42:27910 L=45 S=0x00 I=60764 F=0x0000 > > > > T=111 (#61) > > > > markii is my lrp box, 64.109.106.19 was his IP address. > > > > > > > > > > So this means that you need to open UDP port 27910.... > > > > > > -Tom > > > -- > > > Tom Eastep \ [EMAIL PROTECTED] > > > AIM: tmeastep \ http://www.shorewall.net > > > ICQ: #60745924 \_________________________ > > > > > > _______________________________________________ > > > Leaf-user mailing list > > > [EMAIL PROTECTED] > > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > > > > > > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
