--- Ray Olszewski [EMAIL PROTECTED] wrote:
At 12:34 PM 12/29/2003 -0800, Michael Rogers wrote:
I know this is probably simple and trivial, but I can't get it to work for the life of me...

I use Dachstein-1.0.2 as a firewall for my Windows machines behind my t-1. The only thing they do is browse the internet and I ssh to my external servers, play some games at times.. normal stuff. There are no servers behind the firewall that need to be opened to the outside world.

My problem is I got a ps/2, with Socom-II and a Mic/Headset, got the ps2 online behind the firewall with no problems (I use static IP's for all my machines). But I can't get the mic/headset to work online... it works in single player mode and online at my cousin's house behind a linksys router, so I know the mic/headset is good.

I've tried numerous times/different options to opening up these ports for/to my ps/2 mic to work but with no luck. Reading up, I believe the ports I need to open are: tcp-10070 through 10080 and udp 6000-6999 and udp 10070.

Can anyone help me out with a simple way to open these up for my ps/2... my config IP's:
Dachstein system: 192.168.1.254
PS/2: 192.168.1.199

It would be easier to help if you provided the standard diagnostics for your system (see the SR FAQ). Without them, I'll offer a guess -- firewalls of the vintage of Dach often blocked access to remote ports around 6000, due to a well-known security hole involving remote X Window connections. My *guess* is that the version of Dach you are using -- or the drop-in firewall, if you are using EchoWall or Seawall -- includes that limitation, and that's what is biting you. If so, there is some entry in /etc/network.conf, or a related file -- or the config file for the drop-in firewall -- that puts a DENY rule for these ports into one of the chains (probably OUTPUT).

Also, the phrase "open up" is meaningless in this context. Do you merely mean that the firewall has to ACCEPT traffic to and from these ports, or that it has to port-forward it to a specific IP address, or that it needs some sort of special helper module (like ftp does), or what? Did your cousin need to do anything special with the Linksys, for example ... that would give a good hint of what the Dach firewall needs to be told.

Ok, sorry about that, I should have read that SR FAQ first, anyway I built this years ago, so don't exactly remember what was all in it. I uploaded the disk image I used at:
http://www.tristateweb.com/dachstein-v1.0.2-1680.exe
If anyone wanted to get it to check. Also (this may do the trick) here is some of the standard diagnostic as in the FAQ:

uname -a: Linux firewall 2.2.19-3-LEAF #1 Sat Dec 1 12:15:05 CST 2001 i386 unknown

lsmod: ones I'm using are: ip_masq_portfw, ip_masq_mfw, ip_masq_ftp, ip_masq_autofw, ne2k-pci, 8390, pci-scan

ipchains -nvL: produced way too much to retype here, but from the web interface/firewall rules I get:
Chain input (policy DENY: 0 packets, 0 bytes):
pkts bytes target prot opt tosa tosx ifname mark outsize source          destination ports
0    0     DENY   icmp l-  0xFF 0x00 *                   0.0.0.0/0       0.0.0.0/0   5 - *
0    0     DENY   icmp l-  0xFF 0x00 *                   0.0.0.0/0       0.0.0.0/0   13 - *
0    0     DENY   icmp l-  0xFF 0x00 *                   0.0.0.0/0       0.0.0.0/0   14 - *
0    0     DENY   all  l-  0xFF 0x00 eth0                0.0.0.0         0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0                255.255.255.255 0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0                127.0.0.0/8     0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0                224.0.0.0/4     0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0                10.0.0.0/8      0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0                172.16.0.0/12   0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0                192.168.0.0/16  0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0                0.0.0.0/8       0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0                128.0.0.0/16    0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0                191.255.0.0/16  0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0                192.0.0.0/24    0.0.0.0/0   n/a
0    0     DENY   all  l-  0xFF 0x00 eth0