RE: Major Gaming problems

[Eric Kluft]

You can do this with ipmasqadm (see man pages).   However, it is not possible.   When you start a multiplayer game, you connect to a server by tcp (port 47624).   Masquerading this port is no problem.   Then, during this tcp connection, the udp port is exchanged, on which the server is going to connect to the clients. When your computer receives this port nr, it starts listening to incoming udp frames on that port. Your firewall however doesn't and just sends rst's to that server.   So, a firewall module should look at the tcp-packets. When it sees a udp portnr, it should start listening on that port and forward the packages to the client.   When I did a package dump while playing and examined the packages afterwards, the place of the udp port nr in such a tcp package kept changing over different games. So it is not enough for the firewall module just to look at the packages, it should have direct-play logic which really interpret the tcp frames to extract the udp port used. I don't think microsoft has published enough information about direct-play to allow you to build such a module yourself (but I didn't spend much time looking for it).   I got it working by just forwarding all udp ports (1024:65535) to my local workstation. A bit nasty for all other apps using udp. If you are the only user of the firewall, you could do this during a game and change it back when your are finished.   If you can give me more information about the tcp frame exchanges during the start of direct play, I'm willing to try writing a firwall module.   Regards,   Eric.     -----Original Message----- From: Trenton D. Adams [mailto:[EMAIL PROTECTED]] Sent: Sunday, August 01, 1999 2:28 AM To: Linux-Net Subject: Major Gaming problems Hello people.  I asked a while back about IP Masquerading, and Total Annihilation.  I never did get it going.  I just don't understand why it doesn't work.  I was using ipfwadm before, and now I upgraded to Linux 6.0 which uses ipchains.  If I issue the command "ipchains -L -M" when trying to connect to a game, it shows that my Windows machine had infact connected to the required ports.  So, why wouldn't it work?   Is there any way of redirecting packets?  I want to redirect all packets that are going to a specific port on the linux ppp link to my Windows machine.  I know you can go "ipchains -A input -p udp -d 0.0.0.0/0 destport -j REDIRECT redirport", but I don't know of a way of redirecting a whole packet.  If I could do this, I think it might work!   Or, maybe someone has made a module for ipchains for TA, kinda like the ftp module?