Setting: Got a CS-server on my LAN that I would like people on the outside to connect to. I also have an iptables firewall on a DSL connection. The firewall has two NICs, one for the LAN (192.168.1.x) and the other connects to the DSL router, which receives an official IP address by means of DHCP.

I've run numerous searches through Google, but most examples just don't work. [1] The cs-server gets authed with WON and all looks fine, but no one can connect to my server. I mean, there's gotta be someone out there who's done this. Can anyone help, preferably by posting a ruleset that has been proven to work properly in this scenario?

[1] The following example, taken from a private website, actually gets my server WON authed, but still no connect from the outside:

    IPADDR="my.external.ip.address"
    INTERNAL_INTERFACE="eth0"
    EXTERNAL_INTERFACE="eth1"
    LOCAL_IP="firewall.lan.ip.address"
    LOCALNET="localnet/24"
    LOCAL_HL="cs-server.lan.ip.address"
    HL_SERVERS="63.251.143.218 216.52.220.16 63.251.143.213"
    PRIVPORTS="0:1023"
    UNPRIVPORTS="1024:"

    for ADDRESS in $HL_SERVERS
    do
        iptables -A INPUT -i $EXTERNAL_INTERFACE -p tcp -s $ADDRESS --sport 6003 -d $IPADDR --dport $UNPRIVPORTS -j ACCEPT
        iptables -A INPUT -i $EXTERNAL_INTERFACE -p tcp -s $ADDRESS --sport 7002 -d $IPADDR --dport $UNPRIVPORTS -j ACCEPT
        iptables -A FORWARD -i $EXTERNAL_INTERFACE -p tcp -s $ADDRESS --sport 6003 -d $LOCALNET --dport $UNPRIVPORTS -j ACCEPT
        iptables -A FORWARD -i $EXTERNAL_INTERFACE -p tcp -s $ADDRESS --sport 7002 -d $LOCALNET --dport $UNPRIVPORTS -j ACCEPT
    done

    iptables -A INPUT -i $EXTERNAL_INTERFACE -p udp -d $IPADDR --dport 27015 -s 0/0 --sport $UNPRIVPORTS -j ACCEPT
    iptables -A FORWARD -i $EXTERNAL_INTERFACE -p udp -d $LOCALNET --dport 27015 -s 0/0 --sport $UNPRIVPORTS -j ACCEPT
    iptables -t nat -A PREROUTING -p udp --dport 27015 -j DNAT --to $LOCAL_HL

Rgds,
Are Westby
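
An added example, not part of the original post and not a tested fix for it: a generator for a UDP port-forward on this two-NIC layout that matches on the external interface instead of a fixed `IPADDR` (the address arrives by DHCP), limits the FORWARD rule to the one game server rather than the whole LAN, and lets replies back out via connection tracking. The function names, `eth1`/`eth0` and `192.168.1.10` are assumed placeholders; it also assumes IP forwarding and outbound NAT are already working and that the firewall's external NIC holds the public address.

```shell
#!/bin/sh
# Added example, not from the original post. Prints (does not run) the rules,
# so they can be reviewed first, e.g.: cs_forward_rules eth1 eth0 192.168.1.10
# eth1/eth0 and 192.168.1.10 are assumed placeholder values.

# Accept only a dotted quad with four octets in 0..255.
valid_ipv4() {
    case $1 in *[!0-9.]*|''|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

# usage: cs_forward_rules EXT_IF INT_IF SERVER_IP [UDP_PORT]
cs_forward_rules() {
    ext_if=$1 int_if=$2 server=$3 port=${4:-27015}

    # Validate every value before it is placed in a rule, so stray shell
    # metacharacters can never reach a command that is later run as root.
    for ifname in "$ext_if" "$int_if"; do
        case $ifname in *[!A-Za-z0-9._-]*|'')
            echo "bad interface name: $ifname" >&2; return 1 ;;
        esac
    done
    valid_ipv4 "$server" || { echo "bad server address: $server" >&2; return 1; }
    case $port in *[!0-9]*|'') echo "bad port: $port" >&2; return 1 ;; esac
    { [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; } 2>/dev/null ||
        { echo "bad port: $port" >&2; return 1; }

    # 1. DNAT only what arrives on the external interface (no fixed address).
    # 2. Forward new flows to the game server alone, not to the whole LAN.
    # 3. Let the server's replies for tracked flows back out.
    cat <<EOF
iptables -t nat -A PREROUTING -i $ext_if -p udp --dport $port -j DNAT --to-destination $server:$port
iptables -A FORWARD -i $ext_if -o $int_if -p udp -d $server --dport $port -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i $int_if -o $ext_if -p udp -s $server --sport $port -m conntrack --ctstate ESTABLISHED -j ACCEPT
EOF
}
```

After a trial run, `iptables -t nat -L PREROUTING -n -v` and `iptables -L FORWARD -n -v` show per-rule packet counters, which tell whether outside traffic reaches the DNAT rule at all.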
