I'm trying to set up pf to allow one machine on my network to play (and even host) Age of Empires III. I've tried a myriad of different settings in my pf.conf with the following as present.

....
rdr on $ext_if proto tcp from any to $ext_if port 2300 tag AOE -> $gamer port 2300
rdr on $ext_if proto udp from any to $ext_if port 2300:2310 tag AOEUDP -> $gamer
block log all
pass in quick on $ext_if tagged AOEUDP keep state
pass in quick on $ext_if tagged AOE keep state
pass out quick on $int_if tagged AOE keep state
pass out quick on $int_if tagged AOEUDP keep state
....

With

pass out on $ext_if proto tcp all keep state

thrown in the last line for good measure.

With this I can at least join a game (sort of, it will still kick me out once in a while). However, I can't host a game. I have to use a crappy Netgear (reboot my router, which kills all my web services) to host a game. When I try to host, pf blocks UDP, even though it's allowed.

tcpdump -ttt -eni pflog0
tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: listening on pflog0, link-type PFLOG
Jan 17 23:50:12.654480 rule 0/(match) block in on xl0: 24.83.xx.xxx.2300 > my.ip.ad.dr.63973: udp 40 [tos 0x20]
Jan 17 23:50:12.767156 rule 0/(match) block in on xl0: 24.83.xx.xxx.2300 > my.ip.ad.dr.63973: udp 40 [tos 0x20]
Jan 17 23:50:12.810197 rule 0/(match) block in on xl0: 24.83.xx.xxx.2300 > my.ip.ad.dr.63973: udp 10 [tos 0x20]

With my.ip.ad.dr being the IP on $ext_if. Rule 0 is the block log all.

Is there some kind of game UDP proxy like FTP has? It seems silly to me that I can get this to work on a POS Netgear, but not in pf.

Any ideas, suggestions, cursing, or scoldings would be greatly appreciated. I'm at the end of what I know how to do; I've spent almost a month on this (and learned a lot about pf in the process).
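
The following added example, which is not part of the original post, parses the three pflog lines quoted above and checks each packet's protocol and destination port against the two rdr rules. The `RDR_RULES` table is transcribed by hand from the post's pf.conf excerpt, and the function names are made up for the example.

```python
import re

# Transcribed from the post's two rdr rules: (proto, first port, last port, tag).
RDR_RULES = [("tcp", 2300, 2300, "AOE"), ("udp", 2300, 2310, "AOEUDP")]

# The three blocked packets exactly as posted (addresses are masked in the post).
PFLOG = """\
Jan 17 23:50:12.654480 rule 0/(match) block in on xl0: 24.83.xx.xxx.2300 > my.ip.ad.dr.63973: udp 40 [tos 0x20]
Jan 17 23:50:12.767156 rule 0/(match) block in on xl0: 24.83.xx.xxx.2300 > my.ip.ad.dr.63973: udp 40 [tos 0x20]
Jan 17 23:50:12.810197 rule 0/(match) block in on xl0: 24.83.xx.xxx.2300 > my.ip.ad.dr.63973: udp 10 [tos 0x20]
"""

# tcpdump -e output on pflog0: rule number, action, direction, interface, then
# src.port > dst.port: proto. The port is the last dot-separated field.
LINE = re.compile(
    r"rule (?P<rule>\d+)/\(match\) (?P<action>\w+) (?P<dir>in|out) on (?P<ifc>\S+): "
    r"(?P<src>\S+)\.(?P<sport>\d+) > (?P<dst>\S+)\.(?P<dport>\d+): (?P<proto>\w+)"
)

def parse(log):
    """Return one dict per line that matches the pflog format; skip the rest."""
    pkts = []
    for line in log.splitlines():
        m = LINE.search(line)
        if m:
            pkt = m.groupdict()
            pkt["rule"] = int(pkt["rule"])
            pkt["sport"], pkt["dport"] = int(pkt["sport"]), int(pkt["dport"])
            pkts.append(pkt)
    return pkts

def matching_rdr(pkt):
    """Tag of the rdr rule covering this packet's proto and destination port, or None."""
    for proto, lo, hi, tag in RDR_RULES:
        if pkt["proto"] == proto and lo <= pkt["dport"] <= hi:
            return tag
    return None

def report(log):
    """(source port, destination port, rdr tag or None) for every blocked packet."""
    return [(p["sport"], p["dport"], matching_rdr(p))
            for p in parse(log) if p["action"] == "block"]

if __name__ == "__main__":
    for sport, dport, tag in report(PFLOG):
        verdict = f"tagged {tag}" if tag else "no rdr match, so never tagged"
        print(f"src port {sport} -> dst port {dport}: {verdict}")
```

All three logged packets are addressed to port 63973, outside both rdr ranges, so none of them picks up the AOE or AOEUDP tag that the pass rules test for.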