From owner-freebsd-questions Mon May 21 20:44: 7 2001 Delivered-To: freebsd-questions@freebsd.org Received: from femail13.sdc1.sfba.home.com (femail13.sdc1.sfba.home.com [24.0.95.140]) by hub.freebsd.org (Postfix) with ESMTP id 6300237B422 for ; Mon, 21 May 2001 20:44:03 -0700 (PDT) (envelope-from craig-burgess@home.net) Received: from home.net ([24.0.178.21]) by femail13.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP id <20010522034403.MBJX1874.femail13.sdc1.sfba.home.com@home.net>; Mon, 21 May 2001 20:44:03 -0700 Message-ID: <3B09E1A5.78AED7DF@home.net> Date: Mon, 21 May 2001 20:48:53 -0700 From: craig burgess X-Mailer: Mozilla 4.77 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: vipor Cc: freebsd-questions@FreeBSD.ORG Subject: Re: I need help with ipfw References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I wasn't doing gaming, but had a similar problem solved via 'natd' flags rather than mucking around w/ any firewall rules. I even posted my answer to my own question. Hint: natd -redirect_port craig > vipor wrote: > > Hello, > > I have a freebsd 4.3 stable running natd with IPFW. > natd_interface="ed0" > > # Outside interface > oif="ed0" > > # Inside interface > iif="xl0" > > I would like to know how to set up my ipfw to allow in or out going > tcp or > udp packets !!! > I am trying to play some online games at msn gaming zone ---> > http://zone.msn.com > > but my lan computers are unable to do this.So I looked udp / > tcp ports that should be open > but i am unable to get it to work !!! here is all of the info that > i > have. > > ###################################################################### > # > # This article describes the ports required to play games with other > players > on the MSN > # Gaming Zone through a firewall, proxy server, Network Address > Translation > (NAT), > # or Internet Connection Sharing (ICS). > # MORE INFORMATION > # To play games on the MSN Gaming Zone through a network firewall or > proxy > server, > # the following requirements must be met: > # Your network administrator must configure the firewall or proxy > server to > allow the > # games to pass information through the proxy server or firewall. > # The following TCP ports on the firewall must be open: > > 6667 > 28800 - 29000 > > Connection > Initial TCP Connection > 47624 Outbound > 47624 Inbound > Subsequent TCP Inbound > 2300-2400 > Subsequent TCP Outbound > 2300-2400 > Subsequent UDP Inbound > 2300-2400 > Subsequent UDP Outbound > 2300-2400 > > ###################################################### > # > #THIS IS WHAT I HAVE TRIED BUT IT DOES NOT WORK...8-( > # TCP RULES > > ${fwcmd} add pass tcp from any 6667 to any 6667 > ${fwcmd} add pass tcp from any 2300-2400 to any 2300-2400 > ${fwcmd} add pass tcp from any 47624 to any 47624 > ${fwcmd} add pass tcp from any 28800-29000 to any 28800-29000 > # TCP RULES > > ${fwcmd} add pass tcp from any 6667 to any 6667 > ${fwcmd} add pass tcp from any 2300-2400 to any 2300-2400 > ${fwcmd} add pass tcp from any 47624 to any 47624 > ${fwcmd} add pass tcp from any 28800-29000 to any 28800-2900 > > I am open to any suggestions!!!!!! > and if you need any more info just ask and i will try to get it.. > Thanks for taking the time to read this 8-) > > laters > VIPOR > vipor_1@hotmail.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message