RE: [vox] quake3 serving from behind a firewall
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [vox] quake3 serving from behind a firewall
Quake III test succesful
-----Original Message-----
From: vox-admin@lists.lugod.org [mailto:vox-admin@lists.lugod.org] On
Behalf Of Peter Jay Salzman
Sent: Thursday, April 04, 2002 10:08 PM
To: vox@lists.lugod.org
Subject: Re: [vox] quake3 serving from behind a firewall
begin Jeff Newmiller <jdnewmil@dcn.davis.ca.us>
> On Thu, 4 Apr 2002, Peter Jay Salzman wrote:
>
> > ok, after much procrastination, i rolled up my sleeves and set up a
> > quake3 server. here's the topology of my LAN:
> >
> >
> > --- 64.164.47.8
> > mephisto
> > LEAF
> > firewall 192.168.0.2 satan
> > 192.168.0.1 -------------------- 192.168.0.3 navalle
> > 192.168.0.4 lucifer
> > 192.168.0.4 lucifer
> > 192.168.0.4 moloch
> >
> > on the firewall:
> >
> > # ipmasqadm portfw -l
> > prot localaddr rediraddr lport rport pcnt
pref
> > UDP adsl-64-164-47-8 satan.diablo.localnet ntp ntp 10
10
> > UDP adsl-64-164-47-8 satan.diablo.localnet 27960 27960 8
10
> > TCP adsl-64-164-47-8 lucifer.diablo.localnet 27500 27500 10
10
> > TCP adsl-64-164-47-8 satan.diablo.localnet ntp ntp 10
10
> > TCP adsl-64-164-47-8 satan.diablo.localnet 6346 6346 7
10
> > TCP adsl-64-164-47-8 satan.diablo.localnet ssh ssh 9
10
> > TCP adsl-64-164-47-8 satan.diablo.localnet 24 ssh 10
10
> > TCP adsl-64-164-47-8 satan.diablo.localnet smtp smtp 9
10
> > TCP adsl-64-164-47-8 satan.diablo.localnet www www 2
10
> > TCP adsl-64-164-47-8 satan.diablo.localnet ftp ftp 10
> >
> >
> > i ran the dedicated server on satan (192.168.0.2):
> >
> > q3ded +set dedicated 2 +net_ip 64.164.47.8 +map q3dm17 +set
> > com_hunkmegs 200
> >
> >
> > now on satan (192.168.0.2), i *can't* connect to the server by
> > specifying a connect to server 64.164.47.8 which surprises me.
> > however, i can connect to the server by specifying 192.168.0.2 which
> > is no surprise.
>
> This is normal behavior.
see below
> > however, on lucifer (192.168.0.4) i *can* connect to the server by
> > specifying a connect to server 64.164.47.8. i can also specify
> > 192.168.0.2. this is groovy.
>
> This is abnormal behavior. I have never encountered a linux kernel
> that would do this (reflect a masquerade back into the local network).
i believe the way quake3 works is that the server sends an identifier to
a master server run by id software that says "i'm running a server at ip
address 64.164.47.8". the master server keeps track of this. btw, all
communication happens with UDP.
a client then connects to the master server and gets a list of all the
servers and their ip addresses. i'm not sure of the details beyond
this. but it seems reasonable that if i run a server on 192.168.0.2
that identifies itself as 64.164.47.8 to the master server, and then use
a client from 192.168.0.4 to connect to 64.164.47.8, that it would work.
i guess i'm not really sure what it means to reflect a masq back into
the local server. on one hand, i can't ssh from 192.168.0.2 to
64.164.47.8:
p@satan% ssh p@64.164.47.8
(it just hangs)
but i can ping:
p@satan% ping 64.164.47.8
PING 64.164.47.8 (64.164.47.8): 56 data bytes
64 bytes from 64.164.47.8: icmp_seq=0 ttl=255 time=0.6 ms
(note: after checking with tcpdump on the firewall, the ping doesn't
leave my local network; it stays internal while ssh does leave the
internal net).
oi. this is confusing. just when i thought i had all this figured out,
i learn that i know practically nothing. :(
still waiting for a quake3 owner to try to connect to 64.164.47.8 ...
:)
pete
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox
|
