From: Jack Barnett
Reply-To: jackbarnett@gmail.com
To: Freebsd questions
Date: Wed, 29 Oct 2008 20:19:31 -0500
Subject: Firewalls in FreeBSD?
Message-ID: <49090BA3.5090407@gmail.com>

Right now I have a Windows machine, a FreeBSD natd/firewall, then a cable modem. This is working for web surfing.

But I've been playing a lot of games lately and it doesn't work at all (for multiplayer/internet games). Basically the games send/receive data on random ports, and I think it's going out fine - but doesn't come back in.

Is this a problem with nat or because I have a stateless firewall? I've played around with this on and off for the last while and haven't gotten anywhere with it.

Do you think this would work better or at least be easier to configure/debug if I moved to pf instead? Do I need to run natd if I run pf?

FreeBSD fire2 6.3-STABLE FreeBSD 6.3-STABLE #32: Tue Jan 22 22:21:30 CST 2008

gateway_enable="YES"
#firewall_enable="YES"
#firewall_type="open"
firewall_type="simple"
#firewall_type="open"
firewall_logging="YES"

## PF
#pf_enable="NO"                 # Enable PF (load module if required)
#pf_rules="/etc/pf.conf"        # rules definition file for pf
#pf_flags=""                    # additional flags for pfctl startup
#pflog_enable="YES"             # start pflogd(8)
#pflog_logfile="/var/log/pflog" # where pflogd should store the logfile
#pflog_flags=""                 # additional flags for pflogd startup

## NATD
natd_enable="YES"
natd_interface="xl0"
natd_flags=" -f /etc/natd.conf"

ifconfig_xl0="DHCP"
ifconfig_dc0="inet 192.168.17.1 netmask 255.255.255.0"
ifconfig_dc1="inet 192.168.18.1 netmask 255.255.255.0"