From: "Budec"
To: freebsd-questions@freebsd.org
Date: Sat, 17 Jan 2004 00:02:52 -0600
Subject: NWN and port forwarding under FreeBSD 4.7
In-Reply-To: <05ED6F07-4844-11D8-904E-000393BB56F2@hiwaay.net>

Anyone run NWN through a FreeBSD firewall/natd setup? Been trying to get this running for over a week and starting to get very frustrated with it.
:(

Here is how my network is set up:

{internet} <-> [public ips 6-9] DC1 (Firewall) DC0 -[private ips 25-26] - NWN server

Here are the technical documents that I'm going off:

http://nwn.bioware.com/support/techfaq.html#03
http://members.cox.net/ctr2sprt/nwn/
http://www.shadow400.com/shadowgameworld/neverwinternights/server/nwn_linksys_help.htm
http://support.dlink.com/faq/view.asp?prod_id=1399#604
http://nwn.bioware.com/forums/viewtopic.html?topic=306921&forum=56
http://nwn.bioware.com/forums/viewtopic.html?topic=309518&forum=56&sp=0
http://nwn.bioware.com/forums/viewtopic.html?topic=307939&forum=56

Here is the setup I'm using:

/etc/rc.firewall:

${fwcmd} add allow udp from 192.168.17.25 5121 to 216.177.89.34 27900 keep-state
${fwcmd} add allow udp from 192.168.17.25 5121 to 66.244.193.142 5121 keep-state
${fwcmd} add pass log tcp from any to any 5121
${fwcmd} add pass log udp from any to any 5121
${fwcmd} add pass log tcp from any to any 5122
${fwcmd} add pass log udp from any to any 5122

/etc/natd.conf:

redirect_port udp 192.168.17.25:6500 6500
redirect_port udp 192.168.17.25:27900 27900
redirect_port udp 192.168.17.25:28900 28900
redirect_port udp 192.168.17.25:29900 29900
redirect_port tcp 192.168.17.25:5120-5300 5120-5300
redirect_port udp 192.168.17.25:5120-5300 5120-5300

Output of "/var/log/security" and `tcpdump -i dc1 -n port 5122 and port 5121`:

Jan 14 05:37:04 hydra last message repeated 10 times
Jan 14 06:10:14 hydra /kernel: ipfw: 900 Accept UDP 80.55.156.86:63420 63.231.238.226:5121 in via dc1
Jan 14 06:10:42 hydra last message repeated 5 times
Jan 14 06:12:34 hydra last message repeated 14 times
Jan 14 06:12:57 hydra last message repeated 3 times
Jan 14 09:58:55 hydra /kernel: ipfw: 900 Accept UDP 80.55.156.86:63791 63.231.238.226:5121 in via dc1
Jan 14 09:59:05 hydra /kernel: ipfw: 900 Accept UDP 80.55.156.86:63791 63.231.238.226:5121 in via dc1
Jan 14 17:12:51 hydra /kernel: ipfw: 900 Accept UDP 63.231.238.228:5121 66.244.193.142:5121 out via dc1
Jan 14 17:12:52 hydra /kernel: ipfw: 900 Accept UDP 63.231.238.228:5121 66.244.193.142:5121 out via dc1

tcpdump: listening on dc1

Jan 16 10:58:15 hydra /kernel: ipfw: 700 Accept UDP 63.231.238.226:5121 66.244.193.142:5121 out via dc1
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.34:27900 192.168.17.25:5121 in via dc1
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.34:27900 192.168.17.25:5121 out via dc0
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.27:3669 63.231.238.226:5121 in via dc1
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.27:3669 63.231.238.226:5121 in via dc1
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 63.231.238.226:5121 66.244.193.142:5121 out via dc1
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.27:3669 63.231.238.226:5121 in via dc1
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.34:27900 192.168.17.25:5121 in via dc1
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.34:27900 192.168.17.25:5121 out via dc0

It doesn't post to GameSpy (the browser service so other people can see it) and other people cannot join from outside IP addresses....

Any ideas?

Regards,
Jack
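
An added example, not part of the original post: a small Python script that groups the ipfw log lines quoted above by source and destination, then lists flows accepted in via dc1 that never appear out via dc0. The function names are hypothetical, and the interface roles (dc1 outside, dc0 inside) are taken from the post's diagram.

```python
import re
from collections import defaultdict

# Sample input: log lines copied from the post above (a subset).
SAMPLE_LOG = """\
Jan 14 06:10:14 hydra /kernel: ipfw: 900 Accept UDP 80.55.156.86:63420 63.231.238.226:5121 in via dc1
Jan 14 06:10:42 hydra last message repeated 5 times
Jan 16 10:58:15 hydra /kernel: ipfw: 700 Accept UDP 63.231.238.226:5121 66.244.193.142:5121 out via dc1
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.34:27900 192.168.17.25:5121 in via dc1
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.34:27900 192.168.17.25:5121 out via dc0
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.27:3669 63.231.238.226:5121 in via dc1
Jan 16 10:58:16 hydra /kernel: ipfw: 700 Accept UDP 207.38.8.27:3669 63.231.238.226:5121 in via dc1
"""

IPFW = re.compile(
    r"ipfw: \d+ \w+ \w+ (?P<src>[\d.]+:\d+) (?P<dst>[\d.]+:\d+) "
    r"(?P<dir>in|out) via (?P<iface>\w+)"
)
REPEAT = re.compile(r"last message repeated (\d+) times")


def summarize(log_text):
    """Return {(src, dst): {(direction, iface): packet_count}}."""
    flows = defaultdict(lambda: defaultdict(int))
    last = None  # (flow, hop) of the previous line, for syslog "repeated" lines
    for line in log_text.splitlines():
        m, r = IPFW.search(line), REPEAT.search(line)
        if m:
            last = ((m["src"], m["dst"]), (m["dir"], m["iface"]))
            flows[last[0]][last[1]] += 1
        elif r and last:
            flows[last[0]][last[1]] += int(r.group(1))
        else:
            last = None  # unrelated message: a later "repeated" is not ours
    return flows


def not_forwarded(flows, outside="dc1", inside="dc0"):
    """Flows accepted inbound on `outside` but never logged leaving `inside`."""
    return sorted(
        flow for flow, hops in flows.items()
        if ("in", outside) in hops and ("out", inside) not in hops
    )


if __name__ == "__main__":
    for src, dst in not_forwarded(summarize(SAMPLE_LOG)):
        print(f"{src} -> {dst}: seen in via dc1, never out via dc0")
```

A missing `out via dc0` entry is only meaningful when the rule that would pass the packet on dc0 carries the `log` keyword, as the `pass log` rules for port 5121 in the post do.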