Date: Wed, 14 May 2014 21:35:25 +0000 (UTC) From: Dru Lavigne <dru@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44835 - head/en_US.ISO8859-1/books/faq Message-ID: <201405142135.s4ELZPR5068397@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dru Date: Wed May 14 21:35:25 2014 New Revision: 44835 URL: http://svnweb.freebsd.org/changeset/doc/44835 Log: Remove entry for games through PPP NAT. This has not been true for some time. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 21:23:56 2014 (r44834) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 21:35:25 2014 (r44835) @@ -6425,92 +6425,6 @@ ATDT1234567</programlisting> </qandaentry> <qandaentry> - <question xml:id="ppp-nat-games"> - <para>Why do most games not work with the - <option>-nat</option> switch?</para> - </question> - - <answer> - <para>The reason games and the like do not work when - &man.libalias.3; is in use is that the machine on the - outside will try to open a connection or send - (unsolicited) UDP packets to the machine on the inside. - The NAT software does not know that it should send these - packets to the interior machine.</para> - - <para>To make things work, make sure that the only thing - running is the software that you are having problems with, - then either run &man.tcpdump.1; on the &man.tun.4; - interface of the gateway or enable &man.ppp.8; TCP/IP - logging (<literal>set log +tcp/ip</literal>) on the - gateway.</para> - - <para>When you start the offending software, you should see - packets passing through the gateway machine. When - something comes back from the outside, it will be dropped - (that is the problem). Note the port number of these - packets then shut down the offending software. Do this a - few times to see if the port numbers are consistent. If - they are, then the following line in the relevant section - of <filename>/etc/ppp/ppp.conf</filename> will make the - software functional:</para> - - <programlisting>nat port <replaceable>proto</replaceable> <replaceable>internalmachine</replaceable>:<replaceable>port</replaceable> <replaceable>port</replaceable></programlisting> - - <para>where <replaceable>proto</replaceable> is either - <literal>tcp</literal> or <literal>udp</literal>, - <replaceable>internalmachine</replaceable> is the machine - that you want the packets to be sent to and - <replaceable>port</replaceable> is the destination port - number of the packets.</para> - - <para>You will not be able to use the software on other - machines without changing the above command, and running - the software on two internal machines at the same time is - out of the question — after all, the outside world - is seeing your entire internal network as being just a - single machine.</para> - - <para>If the port numbers are not consistent, there are - three more options:</para> - - <orderedlist> - <listitem> - <para>Submit support in &man.libalias.3;. Examples of - <quote>special cases</quote> can be found in - <filename>/usr/src/sys/netinet/libalias/alias_*.c</filename> - (<filename>alias_ftp.c</filename> is a good - prototype). This usually involves reading certain - recognized outgoing packets, identifying the - instruction that tells the outside machine to initiate - a connection back to the internal machine on a - specific (random) port and setting up a - <quote>route</quote> in the alias table so that the - subsequent packets know where to go.</para> - - <para>This is the most difficult solution, but it is the - best and will make the software work with multiple - machines.</para> - </listitem> - - <listitem> - <para>Use a proxy. The application may support - <literal>socks5</literal> for example, or may have a - <quote>passive</quote> option that avoids ever - requesting that the peer open connections back to the - local machine.</para> - </listitem> - - <listitem> - <para>Redirect everything to the internal machine using - <literal>nat addr</literal>. This is the - sledge-hammer approach.</para> - </listitem> - </orderedlist> - </answer> - </qandaentry> - - <qandaentry> <question xml:id="fcs-errors"> <para>What are FCS errors?</para> </question>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201405142135.s4ELZPR5068397>