[wplug] Neverwinters nights?
Kubbie
squeakers2k at icqmail.com
Sat Dec 14 15:49:57 EST 2002
Anyone who plays/host a Neverwinter Night game from behind a Linux firewall
and got the hosting working, please send me a email so I might ask a few
questions (I don't want to waste space here with might turn in to back and
fourth questions).
Below is what I have gotten and have tried executing, but still can't host a
game. Not seeing any blocks in syslog. I have tweeked the below adding
ranges to both the IP range and the port range, but still nothing.
# Rules for "Basic Configuration"
iptables -A FORWARD -p udp -d 255.255.255.255 --sport 5120 -j ACCEPT
iptables -A FORWARD -p udp -d $nwserver --dport 5121 --sport 5120 \
-m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -p udp -s $nwserver --sport 5121 --dport 5120 \
-m state --state ESTABLISHED -j ACCEPT
# Rules for "GameSpy Configuration"
iptables -A FORWARD -p udp -s $nwserver --sport 5121 \
-d 216.177.89.0/24 --dport 27900 \
-m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -p udp -d $nwserver --dport 5121 \
-s 216.177.89.0/24 --sport 27900 \
-m state --state ESTABLISHED -j ACCEPT
iptables -A FORWARD -p udp -s $nwserver --sport 5121 \
-d 216.177.89.0/24 --dport 28900 \
-m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -p udp -d $nwserver --dport 5121 \
-s 216.177.89.0/24 --sport 28900 \
-m state --state ESTABLISHED -j ACCEPT
iptables -A FORWARD -p udp -s $nwserver --sport 5121 \
-d 66.244.193.142 --dport 5121 \
-m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -p udp -d $nwserver --dport 5121 \
-s 66.244.193.142 --sport 5121 \
-m state --state ESTABLISHED -j ACCEPT
-----Original Message-----
From: wplug-admin at wplug.org [mailto:wplug-admin at wplug.org]On Behalf Of
Henry Umansky
Sent: Saturday, December 14, 2002 2:16 PM
To: wplug at wplug.org
Subject: RE: [wplug] iptables multiple addresses?
I always thought you don't have to put the full address like
111.111.111.0/255.255.255.0, you can just put 111.111.111.0/0,
111.111.111.0/128, 111.111.111.0/192, etc. or even if you just wanted a
range of ips from say 155-163 then you can just put 111.111.111.155/248 or
something like that. Can someone clarify this, especially if I'm wrong.
-Henry
--On Friday, December 13, 2002 11:26 PM -0500 Kubbie
<squeakers2k at icqmail.com> wrote:r
> Thanks!
>
> -----Original Message-----
> From: wplug-admin at wplug.org [mailto:wplug-admin at wplug.org]On Behalf Of
> James O'Kane
> Sent: Friday, December 13, 2002 7:09 PM
> To: wplug at wplug.org
> Subject: RE: [wplug] iptables multiple addresses?
>
>
> On Fri, 13 Dec 2002, Kubbie wrote:
>> Sorry, forgot this, since I was interrupted when writing this...
>>
>> iptables -A FORWARD -p udp -s $eeserver --sport 3121 \
>> -d 111.111.111.1 --dport 26500 \
>> -m state --state NEW,ESTABLISHED -j ACCEPT
>>
>
> I'm hoping the 111.111.111 part is just an example.
>
> You can add a netmask to the end of an IP address to make it be a block
> of IPs. 111.111.111.0/255.255.255.0 would be everything from .0 to .255
> 111.111.111.0/255.255.255.128 would be 0-127 (128 addresses)
> 111.111.111.0/255.255.255.192 would be 0-63 (64 addresses)
> 111.111.111.0/255.255.255.224 would be 0-31 (32 addresses)
> .240 0-15 16
> .248 0-7 8
> .252 0-3 4
> .254 0-1 2
> .255 0 1
>
>
> From what I can remember of the top of my head, those are the only size
> groups you can do. If you want a different range other than starting at
> 0, you can change the 111.111.111.0 part to be .128 for example.
> so 111.111.111.128/255.255.255.128 would be .128-.255 (still 128
> addresses)
>
>
> If you want to know more, this is called Classless Inter-Domain Routing
> (CIDR)
>
> I'm not sure if this will still be relevant:
> http://www.wplug.org/~jo2y/talks/iptables/slides/
>
> I started working on an updated version, but was sidetracked by school.
>
> -james
>
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
>
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
Henry Umansky
hmust2 [at] pitt [dot] edu
http://www.pitt.edu/~hmust2
_______________________________________________
wplug mailing list
wplug at wplug.org
http://www.wplug.org/mailman/listinfo/wplug
More information about the wplug
mailing list