RE: [hlds_linux] Iptables help! ;-)
I compiled my own with some performance patches. I made some more changes and am recompiling now. Heres a good link I found btw... http://plastic.tresobis.org/docs/IPTABLES.html (someone may have posted this earlier, im too lazy to look atm) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Patrick Gissberg Sent: Sunday, December 26, 2004 7:58 PM To: hlds_linux@list.valvesoftware.com Subject: SV: [hlds_linux] Iptables help! ;-) Are you sure Packet mangling is enabled in your kernel? I run Gentoo 2004.3 but I don't NAT anything, just a simple firewall(using iptables). Did you configure your own kernel or used a vanilla one? I use Linux Kernel v2.6.9-gentoo-r9. /Patrick Gissberg -Ursprungligt meddelande- Från: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] För [EMAIL PROTECTED] Skickat: den 27 december 2004 01:36 Till: hlds_linux@list.valvesoftware.com Ämne: RE: [hlds_linux] Iptables help! ;-) Anyone running Gentoo? FATAL: Module ip_tables not found. iptables v1.2.11: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. I know iptables is in the kernel not as a module. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
SV: [hlds_linux] Iptables help! ;-)
Are you sure Packet mangling is enabled in your kernel? I run Gentoo 2004.3 but I don't NAT anything, just a simple firewall(using iptables). Did you configure your own kernel or used a vanilla one? I use Linux Kernel v2.6.9-gentoo-r9. /Patrick Gissberg -Ursprungligt meddelande- Från: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] För [EMAIL PROTECTED] Skickat: den 27 december 2004 01:36 Till: hlds_linux@list.valvesoftware.com Ämne: RE: [hlds_linux] Iptables help! ;-) Anyone running Gentoo? FATAL: Module ip_tables not found. iptables v1.2.11: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. I know iptables is in the kernel not as a module. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] Iptables help! ;-)
Anyone running Gentoo? FATAL: Module ip_tables not found. iptables v1.2.11: can't initialize iptables table `mangle': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. I know iptables is in the kernel not as a module. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of danal1 Sent: Sunday, December 26, 2004 6:03 PM To: hlds_linux@list.valvesoftware.com Subject: RE: [hlds_linux] Iptables help! ;-) Thank You! I used your iptables settings and I cannot see the cstrike server internally nor can anyone see it on the internet. I am reloading my server with Gentoo Fedora Core 1 was flaky. I have run different Linux distros for years and none ever crashed closing a Konqueror window except Fedora Core 1. I appreciate the response and I will try again once I get my server reloaded. Dana -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kennycom Sent: Sunday, December 26, 2004 5:52 PM To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Iptables help! ;-) Yes Kennycom1 is bound to a static internal IP. If you look on your FFW floppy and open the firewall.ini file (Firewall Configurations Settings file if viewed on a windows box) you will find your Iptable in there, and you will see how to bind whatever name you want to use for your game server to an IP... - Original Message - From: "danal1" <[EMAIL PROTECTED]> To: Sent: Sunday, December 26, 2004 8:23 AM Subject: RE: [hlds_linux] Iptables help! ;-) > Hi Kennycom, > Thanks for the reply! > > Is Kennycom1_ip your server inside your nat network > using an inside ip? > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Kennycom > Sent: Saturday, December 25, 2004 10:38 PM > To: hlds_linux@list.valvesoftware.com > Subject: Re: [hlds_linux] Iptables help! ;-) > > > Here is my iptables setup,, there is a port range, as at times I have more > then 1 server running (CSS/HL2dm). If you are just going to be running 1 > game process on the 1 server then edit it . I am sure that someone here > will > probably point out a few lines that could be dropped for your purposes. If > there is no need to insure access from the inside network to the > gameserver > with a client game then drop the postrouting strings, as they are probably > redundent but help insure everything works. > > # CS > > iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport 1200 -j > DNAT --to ${KENNYCOM1_IP}:1200 > > iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 1200 -o > ${INSIDE_DEVICE} -j ACCEPT > > iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport 27020 -j > DNAT --to ${KENNYCOM1_IP}:27020 > > iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 27020 -o > ${INSIDE_DEVICE} -j ACCEPT > > iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport > 27000:27016 -j > DNAT --to ${KENNYCOM1_IP}:27000-27016 > > iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 27000:27016 -o > ${INSIDE_DEVICE} -j ACCEPT > > iptables -A POSTROUTING -t nat -p udp -d ${KENNYCOM1_IP} --dport > 27000:27016 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to > ${OUTSIDE_IP} > > iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP} --dport > 27030:27039 -j > DNAT --to ${KENNYCOM1_IP}:27030-27039 > > iptables -A FORWARD -p tcp -d ${KENNYCOM1_IP} --dport 27030:27039 -o > ${INSIDE_DEVICE} -j ACCEPT > > iptables -A POSTROUTING -t nat -p tcp -d ${KENNYCOM1_IP} --dport > 27030:27039 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to > ${OUTSIDE_IP} > > iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP} --dport > 27015:27016 -j > DNAT --to ${KENNYCOM1_IP}:27015-27016 > > iptables -A FORWARD -p tcp -d ${KENNYCOM1_IP} --dport 27015:27016 -o > ${INSIDE_DEVICE} -j ACCEPT > > iptables -A POSTROUTING -t nat -p tcp -d ${KENNYCOM1_IP} --dport > 27015:27016 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to > ${OUTSIDE_IP} > > > Other information can be found at www.iptables.org > > =) > - Original Message - > From: "danal1" <[EMAIL PROTECTED]> > To: > Sent: Saturday, December 25, 2004 3:37 PM > Subject: [hlds_linux] Iptables help! ;-) > > >> Hi, >> Does anyone use the Linux server behind an iptables firewall? >> >> If so, could you email your Ipmasquerade and forwarding rules and port >> settings tcp and udp for >> the HLDS? >> >> Thanks! >> >> This is a great list to be on! >> Dana >> >> >> -- >> No virus found in this outgoing message. >> Checked by AVG Anti-Virus. >> Version: 7.0.296 / Virus Database: 265.6.4 - Release Date: 12/22/2004 >> >> >> >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesof
Re: [hlds_linux] Money Bug...
I'll report the bugs and let Valve sort them out. Eric (Deacon) wrote: In a bold display of creativity, hondaman wrote: Its a bug. Needs to be fixed. You have some kind of problem squishing bugs? The problem is in prioritizing which bugs get squished first. -- Eric (the Deacon remix) Eric (Deacon) wrote: In a bold display of creativity, hondaman wrote: Ok, alfred, here is the double flash bug: Buy 2 flash bangs. Cock one, then double tap. You will throw them both at nearly the same time. Within milliseconds of each other. That somehow doesn't sound like much of an issue, unless I guess you're suggesting that people who double-click will be at a disadvantage because their inability to click only once leaves them without an extra flash to toss? Either way, sheesh, we have way more important things to worry about, right? -- Eric (the Deacon remix) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] Iptables help! ;-)
Thank You! I used your iptables settings and I cannot see the cstrike server internally nor can anyone see it on the internet. I am reloading my server with Gentoo Fedora Core 1 was flaky. I have run different Linux distros for years and none ever crashed closing a Konqueror window except Fedora Core 1. I appreciate the response and I will try again once I get my server reloaded. Dana -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kennycom Sent: Sunday, December 26, 2004 5:52 PM To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Iptables help! ;-) Yes Kennycom1 is bound to a static internal IP. If you look on your FFW floppy and open the firewall.ini file (Firewall Configurations Settings file if viewed on a windows box) you will find your Iptable in there, and you will see how to bind whatever name you want to use for your game server to an IP... - Original Message - From: "danal1" <[EMAIL PROTECTED]> To: Sent: Sunday, December 26, 2004 8:23 AM Subject: RE: [hlds_linux] Iptables help! ;-) > Hi Kennycom, > Thanks for the reply! > > Is Kennycom1_ip your server inside your nat network > using an inside ip? > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Kennycom > Sent: Saturday, December 25, 2004 10:38 PM > To: hlds_linux@list.valvesoftware.com > Subject: Re: [hlds_linux] Iptables help! ;-) > > > Here is my iptables setup,, there is a port range, as at times I have more > then 1 server running (CSS/HL2dm). If you are just going to be running 1 > game process on the 1 server then edit it . I am sure that someone here > will > probably point out a few lines that could be dropped for your purposes. If > there is no need to insure access from the inside network to the > gameserver > with a client game then drop the postrouting strings, as they are probably > redundent but help insure everything works. > > # CS > > iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport 1200 -j > DNAT --to ${KENNYCOM1_IP}:1200 > > iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 1200 -o > ${INSIDE_DEVICE} -j ACCEPT > > iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport 27020 -j > DNAT --to ${KENNYCOM1_IP}:27020 > > iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 27020 -o > ${INSIDE_DEVICE} -j ACCEPT > > iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport > 27000:27016 -j > DNAT --to ${KENNYCOM1_IP}:27000-27016 > > iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 27000:27016 -o > ${INSIDE_DEVICE} -j ACCEPT > > iptables -A POSTROUTING -t nat -p udp -d ${KENNYCOM1_IP} --dport > 27000:27016 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to > ${OUTSIDE_IP} > > iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP} --dport > 27030:27039 -j > DNAT --to ${KENNYCOM1_IP}:27030-27039 > > iptables -A FORWARD -p tcp -d ${KENNYCOM1_IP} --dport 27030:27039 -o > ${INSIDE_DEVICE} -j ACCEPT > > iptables -A POSTROUTING -t nat -p tcp -d ${KENNYCOM1_IP} --dport > 27030:27039 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to > ${OUTSIDE_IP} > > iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP} --dport > 27015:27016 -j > DNAT --to ${KENNYCOM1_IP}:27015-27016 > > iptables -A FORWARD -p tcp -d ${KENNYCOM1_IP} --dport 27015:27016 -o > ${INSIDE_DEVICE} -j ACCEPT > > iptables -A POSTROUTING -t nat -p tcp -d ${KENNYCOM1_IP} --dport > 27015:27016 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to > ${OUTSIDE_IP} > > > Other information can be found at www.iptables.org > > =) > - Original Message - > From: "danal1" <[EMAIL PROTECTED]> > To: > Sent: Saturday, December 25, 2004 3:37 PM > Subject: [hlds_linux] Iptables help! ;-) > > >> Hi, >> Does anyone use the Linux server behind an iptables firewall? >> >> If so, could you email your Ipmasquerade and forwarding rules and port >> settings tcp and udp for >> the HLDS? >> >> Thanks! >> >> This is a great list to be on! >> Dana >> >> >> -- >> No virus found in this outgoing message. >> Checked by AVG Anti-Virus. >> Version: 7.0.296 / Virus Database: 265.6.4 - Release Date: 12/22/2004 >> >> >> >> ___ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > -- > No virus found in this incoming message. > Checked by AVG Anti-Virus. > Version: 7.0.296 / Virus Database: 265.6.4 - Release Date: 12/22/2004 > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.0.296 / Virus Database: 265.6.5 - Release Date: 12/26/2004 > > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > htt
Re: [hlds_linux] Money Bug...
In a bold display of creativity, hondaman wrote: Its a bug. Needs to be fixed. You have some kind of problem squishing bugs? The problem is in prioritizing which bugs get squished first. -- Eric (the Deacon remix) Eric (Deacon) wrote: In a bold display of creativity, hondaman wrote: Ok, alfred, here is the double flash bug: Buy 2 flash bangs. Cock one, then double tap. You will throw them both at nearly the same time. Within milliseconds of each other. That somehow doesn't sound like much of an issue, unless I guess you're suggesting that people who double-click will be at a disadvantage because their inability to click only once leaves them without an extra flash to toss? Either way, sheesh, we have way more important things to worry about, right? -- Eric (the Deacon remix) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Iptables help! ;-)
Yes Kennycom1 is bound to a static internal IP. If you look on your FFW floppy and open the firewall.ini file (Firewall Configurations Settings file if viewed on a windows box) you will find your Iptable in there, and you will see how to bind whatever name you want to use for your game server to an IP... - Original Message - From: "danal1" <[EMAIL PROTECTED]> To: Sent: Sunday, December 26, 2004 8:23 AM Subject: RE: [hlds_linux] Iptables help! ;-) Hi Kennycom, Thanks for the reply! Is Kennycom1_ip your server inside your nat network using an inside ip? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kennycom Sent: Saturday, December 25, 2004 10:38 PM To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Iptables help! ;-) Here is my iptables setup,, there is a port range, as at times I have more then 1 server running (CSS/HL2dm). If you are just going to be running 1 game process on the 1 server then edit it . I am sure that someone here will probably point out a few lines that could be dropped for your purposes. If there is no need to insure access from the inside network to the gameserver with a client game then drop the postrouting strings, as they are probably redundent but help insure everything works. # CS iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport 1200 -j DNAT --to ${KENNYCOM1_IP}:1200 iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 1200 -o ${INSIDE_DEVICE} -j ACCEPT iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport 27020 -j DNAT --to ${KENNYCOM1_IP}:27020 iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 27020 -o ${INSIDE_DEVICE} -j ACCEPT iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport 27000:27016 -j DNAT --to ${KENNYCOM1_IP}:27000-27016 iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 27000:27016 -o ${INSIDE_DEVICE} -j ACCEPT iptables -A POSTROUTING -t nat -p udp -d ${KENNYCOM1_IP} --dport 27000:27016 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to ${OUTSIDE_IP} iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP} --dport 27030:27039 -j DNAT --to ${KENNYCOM1_IP}:27030-27039 iptables -A FORWARD -p tcp -d ${KENNYCOM1_IP} --dport 27030:27039 -o ${INSIDE_DEVICE} -j ACCEPT iptables -A POSTROUTING -t nat -p tcp -d ${KENNYCOM1_IP} --dport 27030:27039 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to ${OUTSIDE_IP} iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP} --dport 27015:27016 -j DNAT --to ${KENNYCOM1_IP}:27015-27016 iptables -A FORWARD -p tcp -d ${KENNYCOM1_IP} --dport 27015:27016 -o ${INSIDE_DEVICE} -j ACCEPT iptables -A POSTROUTING -t nat -p tcp -d ${KENNYCOM1_IP} --dport 27015:27016 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to ${OUTSIDE_IP} Other information can be found at www.iptables.org =) - Original Message - From: "danal1" <[EMAIL PROTECTED]> To: Sent: Saturday, December 25, 2004 3:37 PM Subject: [hlds_linux] Iptables help! ;-) Hi, Does anyone use the Linux server behind an iptables firewall? If so, could you email your Ipmasquerade and forwarding rules and port settings tcp and udp for the HLDS? Thanks! This is a great list to be on! Dana -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.4 - Release Date: 12/22/2004 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.4 - Release Date: 12/22/2004 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.5 - Release Date: 12/26/2004 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Iptables
On 26.12.2004 at 19:28 Brubaker <[EMAIL PROTECTED]> wrote: >I only know that one from the webmin > >www.webmin.org http://www.fwbuilder.org/ is just another one :) with best regards, ruwen ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Iptables
actually it's http://www.webmin.com Brubaker wrote: I only know that one from the webmin www.webmin.org On Sun, 26 Dec 2004 11:27:03 -0500, danal1 wrote Does anyone use a gui config utility to configure their Iptables and if so, which one is a good one that's easy to use? I have been using the Floppyfw (http://www.zelow.no/floppyfw/) for years and have run many servers but Half Life 2 is a bear to configure! ;-) Thanks! Dana -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.5 - Release Date: 12/26/2004 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- lms-clan.net Webmail (http://www.lms-clan.net) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- My "Foundation" verse: Isa 54:17 No weapon that is formed against thee shall prosper; and every tongue that shall rise against thee in judgment thou shalt condemn. This is the heritage of the servants of the LORD, and their righteousness is of me, saith the LORD. -- carpe ductum -- "Grab the tape" CDTT (Certified Duct Tape Technician) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Money Bug...
Its a bug. Needs to be fixed. You have some kind of problem squishing bugs? Eric (Deacon) wrote: In a bold display of creativity, hondaman wrote: Ok, alfred, here is the double flash bug: Buy 2 flash bangs. Cock one, then double tap. You will throw them both at nearly the same time. Within milliseconds of each other. That somehow doesn't sound like much of an issue, unless I guess you're suggesting that people who double-click will be at a disadvantage because their inability to click only once leaves them without an extra flash to toss? Either way, sheesh, we have way more important things to worry about, right? -- Eric (the Deacon remix) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Iptables
I only know that one from the webmin www.webmin.org On Sun, 26 Dec 2004 11:27:03 -0500, danal1 wrote > Does anyone use a gui config utility to configure their Iptables and > if so, which one is a good one that's easy to use? > > I have been using the Floppyfw (http://www.zelow.no/floppyfw/) for years > and have run many servers > but Half Life 2 is a bear to configure! ;-) > > Thanks! > > Dana > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.0.296 / Virus Database: 265.6.5 - Release Date: 12/26/2004 > > ___ > To unsubscribe, edit your list preferences, or view the list > archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- lms-clan.net Webmail (http://www.lms-clan.net) ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
[hlds_linux] Iptables
Does anyone use a gui config utility to configure their Iptables and if so, which one is a good one that's easy to use? I have been using the Floppyfw (http://www.zelow.no/floppyfw/) for years and have run many servers but Half Life 2 is a bear to configure! ;-) Thanks! Dana -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.5 - Release Date: 12/26/2004 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
RE: [hlds_linux] Iptables help! ;-)
Hi Kennycom, Thanks for the reply! Is Kennycom1_ip your server inside your nat network using an inside ip? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kennycom Sent: Saturday, December 25, 2004 10:38 PM To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Iptables help! ;-) Here is my iptables setup,, there is a port range, as at times I have more then 1 server running (CSS/HL2dm). If you are just going to be running 1 game process on the 1 server then edit it . I am sure that someone here will probably point out a few lines that could be dropped for your purposes. If there is no need to insure access from the inside network to the gameserver with a client game then drop the postrouting strings, as they are probably redundent but help insure everything works. # CS iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport 1200 -j DNAT --to ${KENNYCOM1_IP}:1200 iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 1200 -o ${INSIDE_DEVICE} -j ACCEPT iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport 27020 -j DNAT --to ${KENNYCOM1_IP}:27020 iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 27020 -o ${INSIDE_DEVICE} -j ACCEPT iptables -A PREROUTING -t nat -p udp -d ${OUTSIDE_IP} --dport 27000:27016 -j DNAT --to ${KENNYCOM1_IP}:27000-27016 iptables -A FORWARD -p udp -d ${KENNYCOM1_IP} --dport 27000:27016 -o ${INSIDE_DEVICE} -j ACCEPT iptables -A POSTROUTING -t nat -p udp -d ${KENNYCOM1_IP} --dport 27000:27016 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to ${OUTSIDE_IP} iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP} --dport 27030:27039 -j DNAT --to ${KENNYCOM1_IP}:27030-27039 iptables -A FORWARD -p tcp -d ${KENNYCOM1_IP} --dport 27030:27039 -o ${INSIDE_DEVICE} -j ACCEPT iptables -A POSTROUTING -t nat -p tcp -d ${KENNYCOM1_IP} --dport 27030:27039 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to ${OUTSIDE_IP} iptables -A PREROUTING -t nat -p tcp -d ${OUTSIDE_IP} --dport 27015:27016 -j DNAT --to ${KENNYCOM1_IP}:27015-27016 iptables -A FORWARD -p tcp -d ${KENNYCOM1_IP} --dport 27015:27016 -o ${INSIDE_DEVICE} -j ACCEPT iptables -A POSTROUTING -t nat -p tcp -d ${KENNYCOM1_IP} --dport 27015:27016 -s ${INSIDE_NETWORK}/${INSIDE_NETMASK} -j SNAT --to ${OUTSIDE_IP} Other information can be found at www.iptables.org =) - Original Message - From: "danal1" <[EMAIL PROTECTED]> To: Sent: Saturday, December 25, 2004 3:37 PM Subject: [hlds_linux] Iptables help! ;-) > Hi, > Does anyone use the Linux server behind an iptables firewall? > > If so, could you email your Ipmasquerade and forwarding rules and port > settings tcp and udp for > the HLDS? > > Thanks! > > This is a great list to be on! > Dana > > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.0.296 / Virus Database: 265.6.4 - Release Date: 12/22/2004 > > > > ___ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.4 - Release Date: 12/22/2004 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.5 - Release Date: 12/26/2004 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux