Date: Tue, 1 Jan 2002 17:37:13 +0100
From: luc wastiaux <wastia_l@epita.fr>
To: freebsd-questions@freebsd.org
Subject: ipfw rules and counterstrike
Message-ID: <20020101173713.A16349@kenny.epita.fr>

Hello,

I have a 4.4R NAT box serving my ADSL connection. Everything seems to be
working fine except for counterstrike. When I attempt to connect to a server
or refresh the server list, the console on the NAT box says "natd failed to
write packet back (permission denied)".

I have tried the following:
- mapping ports 27000-27020 UDP, 6003 TCP, 7002 TCP from the NAT box to the
  win box
- opening high ports with
  ipfw add allow udp from any to any 1024-65536
  ipfw add allow tcp from any to any 1024-65536

I haven't been successful so far. I'm a newbie when it comes to firewall
setup, so the info I gathered about half-life behind firewalls on the web is
not of much use to me since I don't know how to apply it to my case.

What I would like to know is if some people have a similar setup and managed
to get counterstrike to work?

Thanks a lot. Below is my firewall ruleset:

# Firewall rules
# Written by Marc Silver (marcs@draenor.org)
# http://draenor.org/ipfw
# Freely distributable

# Define the firewall command (as in /etc/rc.firewall) for easy
# reference. Helps to make it easier to read.
fwcmd="/sbin/ipfw"

# Force a flushing of the current rules before we reload.
$fwcmd -f flush

# Divert all packets through the tunnel interface.
$fwcmd add divert natd all from any to any via tun0

# Allow all data from my network card and localhost. Make sure you
# change your network card (mine was fxp0) before you reboot. :)
$fwcmd add allow ip from any to any via lo0
$fwcmd add allow ip from any to any via ed0
$fwcmd add allow ip from any to any via ed1

# Allow all connections that I initiate.
$fwcmd add allow tcp from any to any out xmit tun0 setup

# Once connections are made, allow them to stay open.
$fwcmd add allow tcp from any to any via tun0 established

# Everyone on the internet is allowed to connect to the following
# services on the machine. This example specifically allows connections
# to ssh and apache.
$fwcmd add allow tcp from any to any 22 setup

# This sends a RESET to all ident packets.
$fwcmd add reset log tcp from any to any 113 in recv tun0

# Allow outgoing DNS queries ONLY to the specified servers.
$fwcmd add allow udp from any to 193.252.19.3 53 out xmit tun0
$fwcmd add allow udp from any to 193.252.19.4 53 out xmit tun0

# Allow them back in with the answers... :)
$fwcmd add allow udp from 193.252.19.3 53 to any in recv tun0
$fwcmd add allow udp from 193.252.19.4 53 to any in recv tun0

# Allow ICMP (for ping and traceroute to work). You may wish to
# disallow this, but I feel it suits my needs to keep them in.
$fwcmd add allow icmp from any to any

# Deny all the rest.
$fwcmd add deny log ip from any to any

--
-luc | wastia_l@epita.fr

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
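
Added example, not part of the original message: a simplified first-match model of the posted ruleset that traces one outbound game UDP packet on tun0. A packet denied after natd re-injects it is what natd reports as "failed to write packet back (permission denied)". Assumptions: the helper names are hypothetical, rule numbers follow ipfw's step of 100 for unnumbered rules, the packet is constructed, the two hand-typed rules were entered without a rule number after the script ran, and the 1024-65536 range is modelled as 1024-65535.

```python
# Added example: simplified first-match model of the ruleset in the message.
# Assumptions: rule numbers 100, 200, ... and the packet are constructed here.
def rule(action, proto="all", **cond):
    return {"action": action, "proto": proto, **cond}

SCRIPT = [  # same order as the script adds them after "flush"
    rule("divert", iface="tun0"),
    *[rule("allow", iface=i) for i in ("lo0", "ed0", "ed1")],
    rule("allow", "tcp", dir="out", iface="tun0", tcp="setup"),
    rule("allow", "tcp", iface="tun0", tcp="established"),
    rule("allow", "tcp", dport=(22, 22), tcp="setup"),
    rule("reset", "tcp", dport=(113, 113), dir="in", iface="tun0"),
    rule("allow", "udp", dst="193.252.19.3", dport=(53, 53), dir="out", iface="tun0"),
    rule("allow", "udp", dst="193.252.19.4", dport=(53, 53), dir="out", iface="tun0"),
    rule("allow", "udp", src="193.252.19.3", sport=(53, 53), dir="in", iface="tun0"),
    rule("allow", "udp", src="193.252.19.4", sport=(53, 53), dir="in", iface="tun0"),
    rule("allow", "icmp"),
    rule("deny"),
]

def load(rules):  # unnumbered rules are numbered in steps of 100
    return {100 * (i + 1): r for i, r in enumerate(rules)}

def ipfw_add(table, r, number=None):  # no number: highest existing + 100
    number = number or max(table) + 100
    table[number] = r
    return number

def matches(r, pkt):
    if r["proto"] not in ("all", pkt["proto"]):
        return False
    conds = {k: v for k, v in r.items() if k not in ("action", "proto")}
    return all(v[0] <= pkt.get(k, -1) <= v[1] if isinstance(v, tuple)
               else pkt.get(k) == v for k, v in conds.items())

def evaluate(table, pkt):  # -> (rule number, action, went through natd)
    diverted = False
    for number in sorted(table):
        r = table[number]
        if not matches(r, pkt):
            continue
        if r["action"] != "divert":
            return number, r["action"], diverted
        diverted = True  # natd re-injects the packet at the next rule
    return 65535, "default", diverted

# Constructed packet: game client traffic leaving through the ADSL tunnel.
GAME_UDP = {"proto": "udp", "dir": "out", "iface": "tun0", "dport": 27015}
HIGH_UDP = rule("allow", "udp", dport=(1024, 65535))  # rule tried by hand
print(evaluate(load(SCRIPT), GAME_UDP))
```

In the model the hand-typed rule lands at 1500, behind the deny at 1400, so the game packet is still denied after natd hands it back. The same rule given an explicit number below 1400 is reached first.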