Contributed by jose on from the gamelan dept.
"I've run into a bit of a problem. I have an OpenBSD frankenrouter running pf and nat, and as yet not had many problems. I allow all protocols outbound and keep state. Now I've moved in with a bunch of other people, and certain udp based protocols (halflife/counterstrike) break. Are there gaming proxies in the nature of ftp--proxy that would work under inetd/nat that could fix this? I do NOT want to open up the relevant ports to all hosts on the public internet. I do not want to put a rdr rule in nat.conf every time the users change servers. I want this to be dynamic and something that can happen while I sleep (and they play until dawn). Of course, if it automagically helped UDP based protocols in general, that would be ideal, but I'll settle for getting my users games to work. "I don't game much, but does anyone have any suggestions on how to make games work with pf?
(Comments are closed)
By schubert () on http://schubert.cx/
By Guido () spam@drdata.nl on mailto:spam@drdata.nl
We ran into the same problems; we then set up a few IPsec VPNs between the home LANs (all using OpenBSD) and now have transparent tcp/udp access.
By Sitsofe () on http://sucs.org/~sits/
By Tony Cosimano () tcosimano@yahoo.com on mailto:tcosimano@yahoo.com
pass out on $external inet proto udp all keep state
By Michael () michael_anuzis@hotmail.com on http://www.anuzis.net
Had a small problem when WarCraft3 game, but the only thing that had to be changed was a simple port forward 6112 to the windows comp.
If they're trying to play any of Microsoft's games, such as Age of Empires/Age of Kings you're going to have to set up some complicated NAT to support their crappy directplay protocol.
See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q240429&GSSNB=1
http://www.puffinsoft.com/
or one of the other 100 sites out there that explains how to do it. =)
By Isak Lyberth () ily@simpel-it.dk on mailto:ily@simpel-it.dk
internet----(ADSLrouter)---(FW)--Network
Both the router and the firewall are natting. The firewall is a OpenBSD 3.1 thing setup according to the faq. i have no porblems except with the games.
what needs to be done to make the games work?
Regards Isak
By dangit () on
I play CS and I've been thinking of building a simple home OBSD firewall for a long time, but I need somewhere to start. I'm sure it'll help the original poster as well if you'll say more than "I can do it. It's easy."
By tacky () uce@ftc.gov on mailto:uce@ftc.gov
So the pf suggestions were all things I already was doing. I use the rule:
pass out on $ext_if from any to any keep state
which somebody had recommended for udp. It's the last one in the file, so it has the final say. As that worked for others, I decided to watch that client a bit more closely with tcpdump during a connect attempt:
tcpdump -p -i [internal nic] udp
turns out that the client wasn't even sending packets to the router...even thought it was using dns on udp 53 just fine. So we installed counterstrike on a fresh install of w2k...connected no prob.
So the moral of the story is: when a programmer asks you why the innernet done broke, suspect that he made his box crazy with his nutty code.
By kko () on
Internet - ADSL Router - Hub - PC1
|
PC2
My router has NAT, and I have opened some ports to allow traffic from the internet to reach PC1 using port 27015, and PC2 using port 27016 on the router.
(Basically, I've fowarded incoming traffic on the router on those ports to my PC's)...
Now all you need to do on half-life, is to start hl.exe from a command line with "+clientport xxx", where xxx is the port that you have fowarded from the NAT router to your PC.
For ideas on half-life servers, check out http://planethalflife.com/half-life/guide/faq.shtm
I'm sorry I can't help with other games, since hl is the only game I play (DoD rocks!!!)....