From owner-freebsd-stable  Mon Apr 23 22:18: 2 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from mail.zuhause.org (zuhause.org [205.215.217.178])
	by hub.freebsd.org (Postfix) with ESMTP
	id A5A9137B422; Mon, 23 Apr 2001 22:17:57 -0700 (PDT)
	(envelope-from bruce@zuhause.org)
Received: by mail.zuhause.org (Postfix, from userid 1001)
	id 016EC7C63; Tue, 24 Apr 2001 00:17:55 -0500 (CDT)
From: Bruce Albrecht <bruce@zuhause.mn.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <15077.3203.746285.329094@celery.zuhause.org>
Date: Tue, 24 Apr 2001 00:17:55 -0500 (CDT)
To: "Brent" <brentb@loa.com>
Cc: <freebsd-questions@FreeBSD.ORG>, <freebsd-stable@FreeBSD.ORG>
Subject: Re: ipfw and games
In-Reply-To: <001301c0cbee$90f1e200$3ab4a8c0@kronos>
References: <001301c0cbee$90f1e200$3ab4a8c0@kronos>
X-Mailer: VM 6.75 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Brent writes:
 > Im running 4.2 stable as a gateway machine w/ NATd  and IPFW over a DSL
 > connection for my home internal network...everything for the most part is
 > running fine...although im trying to open up Quake2 and Quake 3 ports  27910
 > and 27960 ...seems everything i try doesnt work.
 > Is there a place I can find some rules for gaming??? ...or at least  get the
 > correct  way to open up those ports in my firewall ??
 > any help is most appreciated.

I don't know if you can use state rules to allow more than one machine
to play the games from behind your NAT/firewall box, but I've found
that if the game uses UDP for communications (and most internet games
do), and you only have one IP address visible to the internet, then
you need to pick a single machine for running the game, and then set
up the IP rules to route the UDP packets to that port to the machine
that runs the game.

For example, I play Starcraft, and all the Blizzard games use UDP port
6112.  In my natd.conf, I have:

redirect_port udp 10.0.2.22:6112 6112

where 10.0.2.22 is the IP address for the internal machine on which I
play Starcraft. 

My firewall has the following after the divert rule:
add 5005 pass udp from any 6112 to any 6112


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message