Re: [PATCH] Quake III Arena conntracker

Thu, 04 Apr 2002 05:10:42 -0800 

Mr. Sneppe,

--- Filip Sneppe <[EMAIL PROTECTED]> wrote:
> Hi,
> 
> Is anyone interested in giving this conntracker a little swing ?
> It's actualy my first attempt at netfilter hacking (or kernel
> hacking for that matter), so any constructive criticism is more
> than welcome.

       I'll try it. I play Q3A all the time ;)

> 
> One thing I am not too sure about is the locking I used when
> adding an expected connection. I've based this code on the tftp
> helper, which does not lock anything, although I fail to understand
> why... Also, I hope I followed the correct way to add expectations
> within the newnat framework.
> 
> Anyway here's a little more info for those of you claiming that
> Quake III is already working fine through their firewalls :-) :

        Myself included - so far I've had no difficulties with anything....

> 
> What happens in Internet multiplayer mode is, the client connects
> to a master server on port 27950/UDP and requests a list of game
> servers (IP address + UDP port pairs). The master server responds 
> with one or more packets, each containing a bunch of ip address-port
> pairs. This module will track these responses and add the necessary
> expectations. It's imperative to patch the kernel with newnat
> support before applying this patch.

       OK. I understand this analysis, but to me, it doesn't explain why this
conntracker is needed. AFAICT on my system, everything is handled by the basic
UDP conntrack code. Could you explain it a little better, please?

> 
> The format of the master server response packet is:
> 
> - udp header: 8 bytes
> - 4 bytes of filler info set to 0xFF, 0xFF, 0xFF, 0xFF
> - The string "getserversResponse" (18 bytes)
> - a number of occurences of the following sequence:
>   - a "\" character
>   - an IP address (4 bytes)
>   - a port number (2 bytes)
> 
> One more thing: since all traffic is originated by the client,
> I did not write a NAT module, since imho the normal NAT
> framework is able to cope with this protocol.
> 
> Thanks to the people behind ethereal for including Quake III
> protocol recognition in their sniffer.
> 
> Regards,
> Filip
> 

Brad


=====
Brad Chapman

Permanent e-mail: [EMAIL PROTECTED]
Current e-mail: [EMAIL PROTECTED]
Alternate e-mail: [EMAIL PROTECTED]

__________________________________________________
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/

Reply via email to