From owner-freebsd-questions Thu Apr 26 10:34: 2 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from kearneys.ca (cr442866-a.crdva1.bc.wave.home.com [24.115.134.86])
	by hub.freebsd.org (Postfix) with ESMTP id 84DE537B422
	for ; Thu, 26 Apr 2001 10:33:59 -0700 (PDT)
	(envelope-from brent@kearneys.ca)
Received: (from brent@localhost)
	by kearneys.ca (8.11.1/8.11.1) id f3QHcuE18462;
	Thu, 26 Apr 2001 10:38:56 -0700 (PDT)
	(envelope-from brent)
Date: Thu, 26 Apr 2001 10:38:56 -0700
From: Brent Kearney
To: Brent
Cc: FreeBSD Questions
Subject: Re: ipfw rules ...and quake3 gaming
Message-ID: <20010426103856.A18326@kearneys.ca>
References: <000b01c0cab9$a05046f0$0100a8c0@loqtis>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <000b01c0cab9$a05046f0$0100a8c0@loqtis>; from misterb@cybertours.com on Sat, Apr 21, 2001 at 07:20:16PM -0400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sat, Apr 21, 2001 at 07:20:16PM -0400, Brent wrote:
> I have a 4.1 FBSD running NAT & IPFW acting as a gateway machine for my
> internal network...I have the kernel to deny by default..all seems to be
> working good...I've opened up what ports I need....although I can't seem to
> get quake ports to open ..the clients are using gamespy ..I'm not sure if
> it uses a particular port...but q2 & q3 I think use udp 27910 and 27960 ..any
> help would be appreciated...or howto's ya might be able to toss my way
> TIA
>
> Brent
>

If the internal machine that runs Quake is named "brentpc", then you
could use an ipfw rule like this:

    # Allow connections to port 27960 for Q3 access to brentpc
    $fwcmd add pass tcp from any to ${oip} 27960 setup
    $fwcmd add pass tcp from any to ${brentpc} 27960 setup
    $fwcmd add pass udp from any to ${oip} 27960
    $fwcmd add pass udp from any to ${brentpc} 27960

Or possibly pass tcp from any to ${inet} 27960, etc.

You will also need NAT rules to translate your internal IPs.  In your
/etc/rc.conf, include something like:

    natd_enable="YES"
    natd_flags="-log_denied -f /etc/natd.conf"

Then make a file called /etc/natd.conf, in which you could add:

    # for Q3 access to brentpc
    redirect_port tcp brentpc:27960 27960
    redirect_port udp brentpc:27960 27960

Cheers,
-Brent
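
Added example, not part of the original message: on a deny-by-default gateway each forwarded port needs both an ipfw pass rule and a natd redirect_port line, so this sketch cross-checks the two files and reports any port present in only one of them. The function names, the separate rules file and the sample data (including ports 27910 and 27961) are constructed for illustration; only single ports and the rule form shown in the message are parsed.

```shell
#!/bin/sh
# check_forwards NATD_CONF RULES_FILE  (hypothetical helper, single ports only)
# Prints one line per mismatch between the two files:
#   no-pass-rule PROTO PORT   natd forwards the port, no ipfw pass rule admits it
#   no-redirect  PROTO PORT   ipfw passes the port, natd forwards it nowhere
check_forwards() {
    awk '
        { sub(/#.*/, "") }                         # drop comments
        FILENAME == ARGV[1] {                      # natd.conf
            if ($1 == "redirect_port" && NF >= 4) {
                n = split($4, a, ":")              # [aliasIP:]aliasPORT
                redirect[$2 " " a[n]] = 1
            }
            next
        }
        # rules in the form used in the message:
        #   <cmd> add pass PROTO from SRC to DST PORT [setup]
        $2 == "add" && ($3 == "pass" || $3 == "allow") &&
        $5 == "from" && $7 == "to" && $9 ~ /^[0-9]+$/ {
            pass[$4 " " $9] = 1
        }
        END {
            for (k in redirect) if (!(k in pass)) print "no-pass-rule " k
            for (k in pass) if (!(k in redirect)) print "no-redirect " k
        }
    ' "$1" "$2" | LC_ALL=C sort
}

# Constructed sample files: one redirect without a pass rule (udp 27910)
# and one pass rule without a redirect (udp 27961).
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/natd.conf" <<'EOF'
# constructed sample
redirect_port udp brentpc:27960 27960
redirect_port tcp brentpc:27960 27960
redirect_port udp brentpc:27910 27910
EOF
    cat > "$dir/rules" <<'EOF'
# constructed sample
$fwcmd add pass tcp from any to ${oip} 27960 setup
$fwcmd add pass udp from any to ${oip} 27960
$fwcmd add pass udp from any to ${brentpc} 27960
$fwcmd add pass udp from any to ${oip} 27961
EOF
    check_forwards "$dir/natd.conf" "$dir/rules"
    rm -rf "$dir"
}

demo
```

A pass rule with no matching redirect is an opening in the filter that forwards to nothing, and a redirect with no pass rule is a forward that the default deny will silently drop; both are worth removing or completing.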