* iptables multiple clients internal network warcraft3
@ 2003-05-11 13:24 Thomas Stian Bergheim
2003-05-11 23:06 ` P.Italiaander
2003-05-12 3:27 ` Myles Uyema
0 siblings, 2 replies; 3+ messages in thread
From: Thomas Stian Bergheim @ 2003-05-11 13:24 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 590 bytes --]
Hi!
I'm playing warcraft behind a firewall (iptables) which runs on redhat8.
It works fine for me, but other clients on my internal network
(192.168.0.x) can't join me.
I guess this is because the packets they reply with have a different
source adress. So the solution should be fairly simple using iptables..
But I've tried many things, with no luck...
My server has two eths, one for the dsl connection, the other one for
the local network.
Anyone got a working setup with this or anything?
Thanks,
--
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
[-- Attachment #2: Type: text/html, Size: 6072 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: iptables multiple clients internal network warcraft3
2003-05-11 13:24 iptables multiple clients internal network warcraft3 Thomas Stian Bergheim
@ 2003-05-11 23:06 ` P.Italiaander
2003-05-12 3:27 ` Myles Uyema
1 sibling, 0 replies; 3+ messages in thread
From: P.Italiaander @ 2003-05-11 23:06 UTC (permalink / raw)
To: netfilter
Op zondag 11 mei 2003 15:24, schreef Thomas Stian Bergheim:
> Hi!
>
> I'm playing warcraft behind a firewall (iptables) which runs on redhat8.
>
> It works fine for me, but other clients on my internal network
> (192.168.0.x) can't join me.
> I guess this is because the packets they reply with have a different
> source adress. So the solution should be fairly simple using iptables..
> But I've tried many things, with no luck...
>
> My server has two eths, one for the dsl connection, the other one for
> the local network.
>
> Anyone got a working setup with this or anything?
>
> Thanks,
The clue is, use Nat
It's possible ,I did it with Counterstrike 3 games at the same time was max.
You have to use Nat or Masquerading .
The limit of 3 was because the Counterstrike server won't let me connect
with more then 3 games, since we use Nat or Masq, the game-server sees
3 connections from the same IP number. loading game 4 was denied.
The firewall/router himself knows how to deal with the different IP's.
- make sure you authorize tcp/udp ports above 1024: outbound
I don't have specific rules for you , I have @home broadband , but this
is what your looking for.
Pascal
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: iptables multiple clients internal network warcraft3
2003-05-11 13:24 iptables multiple clients internal network warcraft3 Thomas Stian Bergheim
2003-05-11 23:06 ` P.Italiaander
@ 2003-05-12 3:27 ` Myles Uyema
1 sibling, 0 replies; 3+ messages in thread
From: Myles Uyema @ 2003-05-12 3:27 UTC (permalink / raw)
To: Thomas Stian Bergheim; +Cc: netfilter
[-- Attachment #1: Type: TEXT/PLAIN, Size: 712 bytes --]
Hi Thomas, please try out this script. I've tested it so far with
Starcraft, two computers joining the same game. Let me know how things
go.
On Sun, 11 May 2003, Thomas Stian Bergheim wrote:
Hi!
I'm playing warcraft behind a firewall (iptables) which runs on redhat8.
It works fine for me, but other clients on my internal network
(192.168.0.x) can't join me.
I guess this is because the packets they reply with have a different
source adress. So the solution should be fairly simple using iptables..
But I've tried many things, with no luck...
My server has two eths, one for the dsl connection, the other one for
the local network.
Anyone got a working setup with this or anything?
Thanks,
[-- Attachment #2: starcraft IPtables script --]
[-- Type: TEXT/plain, Size: 2060 bytes --]
#!/bin/bash
# Written by Myles Uyema; khisanth at uyema d0t net
#
# This is a script to allow Starcraft games to be hosted behind
# a Linux IPTables firewall.
# Tested with Starcraft and 2 machines behind the firewall.
# This may work for other Battle.Net RTS games as well... YMMV
# My Internet IP address
CABLEIP=12.93.33.58
# My PRIVATE LAN Network
# This script assumes Class C network
PRIVLAN=192.168.5
# Battle.Net port usually 6112
BNETPORT=6112
# Enter the last dotted quad IP address of each PC
# We're assuming all the PCs are in a Class C private LAN
# Also, if you have more than 7 PCs, why do you want to get on Battle.net?
# So if my IP address is 192.168.5.5, PC1=5
PC1=5
PC2=98
PC3=
PC4=
PC5=
PC6=
PC7=
PC8=
export CABLEIP PRIVLAN
export PC1 PC2 PC3 PC4 PC5 PC6 PC7 PC8
case "$1" in
start)
iptables -t nat -F SC-OUT || iptables -t nat -N SC-OUT
iptables -t nat -F SC-IN || iptables -t nat -N SC-IN
iptables -t nat -I POSTROUTING -p udp -s ${PRIVLAN}.0/24 --sport $BNETPORT -j SC-OUT
for i in $PC1 $PC2 $PC3 $PC4 $PC5 $PC6 $PC7 $PC8
do
if [ $i -gt 0 ] ; then
iptables -t nat -I SC-OUT -s ${PRIVLAN}.${i} -p udp -j SNAT --to ${CABLEIP}:$((9000+$i))
iptables -t nat -I PREROUTING -p udp --dport $((9000+$i)) -j SC-IN
iptables -t nat -I SC-IN -d ${CABLEIP} -p udp --dport $((9000+$i)) -j DNAT --to ${PRIVLAN}.${i}:${BNETPORT}
fi
done
;;
stop)
iptables -t nat -F SC-OUT || exit 0
iptables -t nat -F SC-IN || exit 0
iptables -t nat -D POSTROUTING -p udp -s ${PRIVLAN}.0/24 --sport $BNETPORT -j SC-OUT
for i in $PC1 $PC2 $PC3 $PC4 $PC5 $PC6 $PC7 $PC8
do
if [ $i -gt 0 ] ; then
iptables -t nat -D PREROUTING -p udp --dport $((9000+$i)) -j SC-IN
fi
done
iptables -t nat -X SC-OUT
iptables -t nat -X SC-IN
;;
*)
echo "Usage: $0 {start|stop}"
;;
esac
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-05-12 3:27 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-05-11 13:24 iptables multiple clients internal network warcraft3 Thomas Stian Bergheim
2003-05-11 23:06 ` P.Italiaander
2003-05-12 3:27 ` Myles Uyema
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.