> >
> > Is there a way to make that heartbeat originate from the same port on
> > the firewall as it does from the Half-Life server?
>
> Not as such.  You see, in order for your masq box to be able to separate
> masq traffic from traffic destined to itself, it must examine the port
> number.  Ports greater than 61000 are masq traffic, and are passed
> through the masq layer; other ports are not.  Maybe that isn't the way
> you or I might like it to be designed, but that is how it works; it
> can't be changed, since it's a fundamental design decision.

I understand the fundamentals of how masq works... I don't disagree with the
method either. I'm relatively new to ipchains but it seems as if the rule of
"REDIRECT" or the "forward" chain is somewhat underutilized. I have a very
long firewall script with "forward" used only once for the masq rule and
"REDIRECT" not used at all. I was sure they did more than I gleaned from the
man page. I was hoping someone had a trick for passing the packets through
without masqing them and using portfw to handle the replies.

> Now, that being said, there might be a way to do it, using a
> UDP-redirector, along with a transparent proxy.  The transparent proxy
> could "capture" the outgoing packet as it tries to leave, and then send
> it out using a small app that runs natively on the masq box.  Since it's
> not a masqueraded application, it can send on any port it desires.

I've looked high and low for a x-parent proxy that handles UDP since your
reply (I can't code). Can you provide a starting point from which to look?

Thanks FF

Regards,
Jeff

> I'm trying to use the same method to masquerade rsh/rlogin traffic,
> which is also a port-sensitive protocol.  Still working on it, though...
>
> --
>    [EMAIL PROTECTED] (Fuzzy Fox)      || "Nothing takes the taste out of peanut
> sometimes known as David DeSimone  ||  butter quite like unrequited love."
>   http://www.dallas.net/~fox/      ||                       -- Charlie Brown
>
> --__--__--
>
> _______________________________________________
> Masq maillist  -  [EMAIL PROTECTED]
> http://tiffany.indyramp.com/mailman/listinfo/masq
> Admin requests handled at the above URL or [EMAIL PROTECTED]
>
> --__--__----
>
> End of Masq Digest



_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
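
The UDP redirector idea quoted above, as an added Python example that is not from this thread or its posters: a process running natively on the masq box receives the captured heartbeat, re-sends it from a socket bound to one fixed source port, and passes back only replies that come from the configured upstream. The addresses, ports and the names `make_relay`, `relay_once` and `run` are assumptions, as is a redirect rule that delivers the internal server's datagrams to the listen address.

```python
import select
import socket


def make_relay(listen_addr, fixed_src_addr):
    """Open the inside (capture) socket and the fixed-source-port outside socket."""
    inside = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    inside.bind(listen_addr)
    outside = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    # Bound by a native process, so (per the thread) the source port is the
    # one chosen here rather than one picked by the masq layer.
    outside.bind(fixed_src_addr)
    return inside, outside


def relay_once(inside, outside, upstream_addr, client, timeout=1.0):
    """Forward at most one datagram; return (action, client address)."""
    ready, _, _ = select.select([inside, outside], [], [], timeout)
    for sock in ready:
        data, peer = sock.recvfrom(65535)
        if sock is inside:
            # Outbound: remember the sender so the reply can be returned.
            outside.sendto(data, upstream_addr)
            return "out", peer
        if peer == upstream_addr and client is not None:
            # Inbound: only the configured upstream may reach the inside host.
            inside.sendto(data, client)
            return "in", client
        # Anything else arriving on the open port is discarded.
        return "dropped", client
    return "idle", client


def run(listen_addr, fixed_src_addr, upstream_addr):
    """Relay forever for a single internal client."""
    inside, outside = make_relay(listen_addr, fixed_src_addr)
    client = None
    while True:
        _, client = relay_once(inside, outside, upstream_addr, client)


if __name__ == "__main__":
    # Constructed values: listen port, fixed source port, and a
    # documentation-range (192.0.2.0/24) upstream address.
    run(("0.0.0.0", 27500), ("0.0.0.0", 27015), ("192.0.2.10", 27010))
```

Replies reach the internal server from the relay's listen address rather than from the upstream's own address, and the relay tracks a single internal client.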
