[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: masqurading



Hi Adi,

At 15:53 11/11/01 +0200, you wrote:
Hi
 
I have build a NAT machine on linux with 2 ethernet cards and IP Masqurading
I am forwarding all trafic from my virtual network 192.168.1.0/255 to the real ip and it works great !
 
The problem is, I need to open some special ports on the NAT for Microsoft online games
 
 
       The following TCP ports must be open:
 
            80
 
            443
 
            6667
 
            28800-29000
 
I have used the ip masquradin HOWTO and working with the rc.firewall script that is writen there :
 
/sbin/modprobe ip_masq_ftp
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
/sbin/ipchains -M -S 7200 10 160
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -i eth0 -s 192.168.1.0/24 -j MASQ

From the lines I see here, you havent DENYed/REJJECTed any of the ports you wrote. If this is the only script that running ipchains, the only thing that can make the problem to play the games is the ipchains -P forward DENY rule. Because here you arent closing any of the ports you wrote. so the only rule that can cause this problem is the rule I have wrote (/sbin/ipchains -P forward DENY).


 
 
How do I configure my script to open ports ?
 
Adi
 

--
Best Regards,
Eran Levy.
"This is Linux country. If you listen carefully, you can hear Windows reboot..."
WebSite: http://levy.dyn.dhs.org