--- Ray Olszewski <[EMAIL PROTECTED]> wrote:
> At 12:34 PM 12/29/2003 -0800, Michael Rogers wrote:
> >I know this is probably simple and trivial, but I
> >can't get it to work for the life of me...
> >
> >I use Dachstein-1.0.2 as a firewall for my Windows
> >machines behind my t-1. The only thing they do is
> >browse the internet and I ssh to my external servers,
> >play some games at times.. normal stuff. There are no
> >servers behind the firewall that need to be opened to
> >the outside world.
> >
> >My problem is I got a ps/2, with Socom-II and a
> >Mic/Headset, got the ps2 online behind the firewall
> >with no problems (I use static IP's for all my
> >machines). But I can't get the mic/headset to work
> >online... it works in single player mode and online at
> >my cousin's house behind a linksys router, so I know
> >the mic/headset is good.
> >
> >I've tried numerous times/different options to opening
> >up these ports for/to my ps/2 & mic to work but with
> >no luck. Reading up, I believe the ports I need to
> >open are: tcp-10070 through 10080 and udp 6000-6999
> >and udp 10070.
> >
> >Can anyone help me out with a simple way to open these
> >up for my ps/2... my config IP's:
> >Dachstein system: 192.168.1.254
> >PS/2: 192.168.1.199
>
> It would be easier to help if you provided the standard diagnostics for
> your system (see the SR FAQ). Without them, I'll offer a guess -- firewalls
> of the vintage of Dach often blocked access to remote ports around 6000,
> due to a well-known security hole involving remote X Window connections. My
> *guess* is that the version of Dach you are using -- or the drop-in
> firewall, if you are using EchoWall or Seawall -- includes that limitation,
> and that's what is biting you. If so, there is some entry in
> /etc/network.conf, or a related file -- or the config file for the drop-in
> firewall -- that puts a DENY rule for these ports into one of the chains
> (probably OUTPUT).
>
> Also, the phrase "open up" is meaningless in this context. Do you merely
> mean that the firewall has to ACCEPT traffic to and from these ports, or
> that it has to port-forward it to a specific IP address, or that it needs
> some sort of special helper module (like ftp does), or what? Did your
> cousin need to do anything special with the Linksys, for example ... that
> would give a good hint of what the Dach firewall needs to be told.

Ok, sorry about that, I should have read that SR FAQ
first, anyway I built this years ago, so don't exactly
remember what was all in it. I uploaded the disk
image I used at:
http://www.tristateweb.com/dachstein-v1.0.2-1680.exe
If anyone wanted to get it to check. Also (this may
do the trick) here is some of the standard diagnostic
as in the FAQ:

uname -a: Linux firewall 2.2.19-3-LEAF #1 Sat Dec 1 12:15:05 CST 2001 i386 unknown

lsmod: ones I'm using are: ip_masq_portfw, ip_masq_mfw, ip_masq_ftp, ip_masq_autofw, ne2k-pci, 8390, pci-scan

ipchains -nvL: produced way too much to retype here,
but from the web interface/firewall rules I get:

Chain input (policy DENY: 0 packets, 0 bytes):
pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports
0 0 DENY icmp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 5 -> *
0 0 DENY icmp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 13 -> *
0 0 DENY icmp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 14 -> *
0 0 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 255.255.255.255 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 127.0.0.0/8 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 224.0.0.0/4 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 10.0.0.0/8 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 172.16.0.0/12 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 192.168.0.0/16 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0/8 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 128.0.0.0/16 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 191.255.0.0/16 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 192.0.0.0/24 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 223.255.255.0/24 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 240.0.0.0/4 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 192.168.1.0/24 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 24.123.69.206 0.0.0.0/0 n/a
0 0 REJECT all ----l- 0xFF 0x00 eth0 0.0.0.0/0 127.0.0.0/8 n/a
0 0 REJECT all ----l- 0xFF 0x00 eth0 0.0.0.0/0 192.168.1.0/24 n/a
0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 137
2944 143K REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 135
486 37908 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 137
3 1704 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 135
22 1184 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 138:139
193 44971 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 138
0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 137:138 -> *
0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 135 -> *
0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 137:139 -> *
0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 135 -> *
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 24.123.69.128/25 0.0.0.0/0 * -> 22
48 3603 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 80
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 1023
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10070
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10071
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10072
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10073
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10074
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10075
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10076
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10077
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10078
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10079
0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10080
171 10260 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 113
218K 81M ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 1024:65535
0 0 REJECT udp ----l- 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 161:162
0 0 ACCEPT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 53
0 0 ACCEPT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 68
2 470 ACCEPT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 6000:6999
0 0 ACCEPT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 10070:10080
0 0 DENY udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 67
48487 6520K ACCEPT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 1024:65535
2142 193K ACCEPT icmp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> *
0 0 ACCEPT ospf ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 n/a
86 4200 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 n/a
0 0 REJECT udp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 * -> 161:162
0 0 REJECT udp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 161:162 -> *
245K 19M ACCEPT all ------ 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a
Chain forward (policy DENY: 0 packets, 0 bytes):
pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports
0 0 DENY icmp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 5 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10070 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10071 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10072 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10073 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10074 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10075 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10075 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10077 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10078 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10079 -> *
0 0 MASQ tcp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10080 -> *
0 0 MASQ udp ------ 0xFF 0x00 * 192.168.1.199 0.0.0.0/0 10070 -> *
237K 18M MASQ all ------ 0xFF 0x00 eth0 192.168.1.0/24 0.0.0.0/0 n/a
0 0 DENY all ------ 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a
Chain output (policy DENY: 0 packets, 0 bytes):
pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports
510K 107M fairq all ------ 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 255.255.255.255 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 127.0.0.0/8 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 224.0.0.0/4 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 10.0.0.0/8 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 172.16.0.0/12 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 192.168.0.0/16 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0/8 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 128.0.0.0/16 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 191.255.0.0/16 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 192.0.0.0/24 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 223.255.255.0/24 0.0.0.0/0 n/a
0 0 DENY all ----l- 0xFF 0x00 eth0 240.0.0.0/4 0.0.0.0/0 n/a
0 0 DENY all ------ 0xFF 0x00 eth0 192.168.1.0/24 0.0.0.0/0 n/a
0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 137
0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 135
0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 137
0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 135
0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 138:139
0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 138
0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 137:138 -> *
0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 135 -> *
0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 137:139 -> *
0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 135 -> *
510K 107M ACCEPT all ------ 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a
Chain fairq (1 references):
pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports
0 0 RETURN ospf ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 n/a
0 0 RETURN ospf ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 n/a
0 0 RETURN udp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 * -> 520
0 0 RETURN udp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 520 -> *
0 0 RETURN tcp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 * -> 179
0 0 RETURN tcp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 179 -> *
0 0 RETURN tcp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 * -> 53
0 0 RETURN tcp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 53 -> *
44942 3356K RETURN udp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 * -> 53
42327 6054K RETURN udp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 53 -> *
4646 404K RETURN tcp ------ 0xFF 0x00 * 0x2 0.0.0.0/0 0.0.0.0/0 * -> 23
4622 451K RETURN tcp ------ 0xFF 0x00 * 0x2 0.0.0.0/0 0.0.0.0/0 23 -> *
521 25117 RETURN tcp ------ 0xFF 0x00 * 0x2 0.0.0.0/0 0.0.0.0/0 * -> 22
459 54421 RETURN tcp ------ 0xFF 0x00 * 0x2 0.0.0.0/0 0.0.0.0/0 22 -> *
:: Port FW ::
prot localaddr rediraddr lport rport pcnt pref
UDP 24.123.69.206 192.168.1.199 10070 10070 10 10
UDP 24.123.69.206 192.168.1.199 6000 6000 10 10
TCP 24.123.69.206 192.168.1.199 10080 10080 10 10
TCP 24.123.69.206 192.168.1.199 10079 10079 10 10
TCP 24.123.69.206 192.168.1.199 10078 10078 10 10
TCP 24.123.69.206 192.168.1.199 10077 10077 10 10
TCP 24.123.69.206 192.168.1.199 10076 10075 10 10
TCP 24.123.69.206 192.168.1.199 10075 10075 10 10
TCP 24.123.69.206 192.168.1.199 10074 10074 10 10
TCP 24.123.69.206 192.168.1.199 10073 10073 10 10
TCP 24.123.69.206 192.168.1.199 10072 10072 10 10
TCP 24.123.69.206 192.168.1.199 10071 10071 10 10
TCP 24.123.69.206 192.168.1.199 10070 10070 10 10
:: MarkFW ::
fwmark rediraddr rport pcnt pref
:: AutoFW ::
Type Prot Low High Vis Hid Where Last CPto CPrt Timer Flags
1 6 2756-2760/0000 0000 C0A801C7 00000000 0000 0000 0 2
1 11 2756-2760/0000 0000 C0A801C7 00000000 0000 0000 0 2
1 11 1770-1B57/0000 0000 C0A801C7 00000000 0000 0000 0 2

As far as whether or not these have to be forwarded or
not I'm not 100% sure. My cousin didn't do anything
to the Linksys, it worked out of the box, and it
worked when we had both ps/2's hooked into it. This
sounds like it only needs to accept the traffic
in/out??? Either way maybe you could give me examples
of both. Obviously this isn't a huge priority and I
certainly appreciate any help!!!

Michael Rogers
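
An added example, not part of the original message or of the LEAF project's code: a Python check that compares the ports named in the post (tcp 10070-10080, udp 6000-6999, udp 10070) with the Port FW rows listed above, reporting rows whose lport and rport differ and required ports that no row delivers to 192.168.1.199. The rows are retyped from the listing; the function names are hypothetical.

```python
# Added example: audit a Dachstein "Port FW" table against the ports a host needs.
# Required ports are the ones named in the post; function names are hypothetical.
REQUIRED = [("TCP", 10070, 10080), ("UDP", 6000, 6999), ("UDP", 10070, 10070)]

# Rows retyped from the ":: Port FW ::" listing: prot localaddr rediraddr lport rport pcnt pref
PORTFW_LISTING = """\
UDP 24.123.69.206 192.168.1.199 10070 10070 10 10
UDP 24.123.69.206 192.168.1.199 6000 6000 10 10
TCP 24.123.69.206 192.168.1.199 10080 10080 10 10
TCP 24.123.69.206 192.168.1.199 10079 10079 10 10
TCP 24.123.69.206 192.168.1.199 10078 10078 10 10
TCP 24.123.69.206 192.168.1.199 10077 10077 10 10
TCP 24.123.69.206 192.168.1.199 10076 10075 10 10
TCP 24.123.69.206 192.168.1.199 10075 10075 10 10
TCP 24.123.69.206 192.168.1.199 10074 10074 10 10
TCP 24.123.69.206 192.168.1.199 10073 10073 10 10
TCP 24.123.69.206 192.168.1.199 10072 10072 10 10
TCP 24.123.69.206 192.168.1.199 10071 10071 10 10
TCP 24.123.69.206 192.168.1.199 10070 10070 10 10
"""

def parse_portfw(text):  # -> [(prot, rediraddr, lport, rport), ...], skipping malformed lines
    fields = (line.split() for line in text.splitlines())
    return [(f[0], f[2], int(f[3]), int(f[4])) for f in fields
            if len(f) == 7 and f[0] in ("TCP", "UDP")]

def to_ranges(ports):  # collapse a sorted port list into (first, last) runs
    runs = []
    for p in ports:
        if runs and p == runs[-1][1] + 1:
            runs[-1] = (runs[-1][0], p)
        else:
            runs.append((p, p))
    return runs

def audit(rows, required, host):
    # A required port counts as covered only if some row redirects to it on `host`.
    reached = {(prot, rport) for prot, redir, _, rport in rows if redir == host}
    mismatched = [(prot, lport, rport) for prot, _, lport, rport in rows if lport != rport]
    missing = {}
    for prot, lo, hi in required:
        gaps = [p for p in range(lo, hi + 1) if (prot, p) not in reached]
        if gaps:
            missing[(prot, lo, hi)] = to_ranges(gaps)
    return {"mismatched": mismatched, "missing": missing}

if __name__ == "__main__":
    print(audit(parse_portfw(PORTFW_LISTING), REQUIRED, "192.168.1.199"))
```

The check reads only the Port FW table; the ipchains rules and the AutoFW entries in the same listing are not evaluated.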
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html