> CS> It doesn't look like your modification to ipfilter.conf 'took' (or at
least it's not reflected in the rules above):
> DG: I was toggling between MASQ and ACCEPT in the filter line
and left it at MASQ when the ACCEPT command didn't work.
I needed to get the servers bac
DG: Is it possible to do this: have ALL UDP inbound in the 64xxx range directed to
the server's 27015 port? That would fix it.
Dan
NOTE:
- You still have outbound traffic from the DMZ masqueraded (the first MASQ
rule)
- You have 22 Denied packets in the forward chain...you might want to log
CS> It doesn't look like your modification to ipfilter.conf 'took' (or at
least it's not reflected in the rules above):
DG: I was toggling between MASQ and ACCEPT in the filter line
and left it at MASQ when the ACCEPT command didn't work.
I needed to get the servers back on
> CS> The problems above are almost certianly due to the setup of your
firewall rules. By not masquerading any outbound UDP traffic, you will
break any UDP protocols that expect to recieve data from the internet not
explicitly listed in DMZ_OPEN_DEST. Add any specific UDP protocols you're
using
RE: Ping failures
>You've got me on this one...I don't know why pings are not working. There
are no denies of ICMP packets in your firewall rules listed above. Is the
machine you're trying to ping setup to send back reply packets? Is it
possible you've got ICMP messages blocked on the server yo
Charles,
We are definitely making progress, but a few kinks remain.
Subject: Re: [Leaf-user] Routing in Prozy ARP DMZ
RE: Ping failures
>You've got me on this one...I don't know why pings are not working. There
are no denies of ICMP packets in your firewall rules listed a
> >I assume your reports of ping failures are accurate, but the cause is
not.
Your routing tables are setup properly (assuming your server machines are on
the DMZ and not plugged directly into the cable-modem network).
>
> OK...now it's just the pings that are failing. I can access the server in
>I think you're getting close...I'll try to help you get everything working
properly.
Much appreciated :)
>I assume your reports of ping failures are accurate, but the cause is not.
Your routing tables are setup properly (assuming your server machines are on
the DMZ and not plugged directly
> I have my game servers in the DMZ, and they can "see" the internet, browse
the web, etc. I have tested an http server running on one of them, and it
is accessible from the outside. My external testers still can't see the
game servers --- but I'll park that concern for now, since the http serve