|
||||||||||
Nick Lidakis wrote: > Christopher M. Iarocci wrote: > >> Nick Lidakis wrote: >> >>> I have really tried reading all the docs available on line as well >>> as searching through all of the mailing list archives using the >>> search function. If anyone can point out what I am doing wrong, I >>> would really appreciate it. >>> >>> Simply, I am trying to run an Enemy Territory dedicated server (on a >>> debian box) behind monowall. I need to have port 27960 open so that >>> friends on the Internet can join. >>> From what I understand so far, I need to use the NAT inbound rule to >>> accomplish this, so I did this: >>> >>> Click on NAT, then Inbound >>> click plus for new rule >>> external port range is set to 27960 >>> NAT IP is set to the debian box, 192.168.1.10 >>> local port 27960 >>> interface is WAN >>> external address=interface address >>> and click the box to set the firewall rule >>> protocol is set to tcp (though i did try tcp/udp and udp with no luck) >>> >>> click save, then apply changes. >>> >>> firewall rule options: >>> Action=pass >>> Interface=WAN >>> Protocol=TCP >>> Source=any >>> Source port range=any and any >>> Destination: TypeSingle host or alias >>> Address=192.168.1.10 >>> Fragments and Logs= unchecked >>> >>> >>> I have used NAT inbound to setup a rule for gtk-gnutella, and that >>> works just fine, the setting almost identical as the server rule I'm >>> trying to get working. >>> >>> When the server is started, it show up on the local lan, and I am >>> able to join and play without any problems. The server is not seen >>> on the >>> Internet, and several people have tried connecting vi ip address and >>> were unable to do so. >>> >>> >>> Any comments would be appreciated. >>> >> Nick, >> >> My first comment would be, what do the logs show when someone is >> trying to connect. If the packets are not getting through, you >> should see a block in the log. Show us that. Other than that, it >> sounds as if you're doing exactly what you should be doing. >> >> Chris >> > 02:08:17.267389 WAN 67.68.214.184, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:15.725984 WAN 209.105.218.55, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:14.183840 WAN 65.33.55.219, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:13.882877 WAN 162.39.148.149, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:13.332229 WAN 80.238.40.233, port 39404 > 192.168.1.10, port 3784 UDP > 02:08:13.281683 WAN 70.240.167.155, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:13.270717 WAN 68.110.107.4, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:12.829900 WAN 80.238.40.233, port 39404 > 192.168.1.10, port 3784 UDP > 02:08:12.498029 WAN 200.83.214.141, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:11.899348 WAN 200.217.12.61, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:11.826444 WAN 80.238.40.233, port 39404 > 192.168.1.10, port 3784 UDP > 02:08:11.195235 WAN 68.142.232.32, port 27243 > 192.168.1.10, port 3784 UDP > 02:08:10.390290 WAN 64.230.86.13, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:10.051013 WAN 69.119.172.59, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:08.931210 WAN 216.167.227.53, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:08.513077 WAN 80.126.198.200, port 1362 > 192.168.1.10, port 3784 UDP > 02:08:08.324360 WAN 68.106.98.4, port 1075 > 192.168.1.10, port 3784 UDP > 02:08:07.736290 WAN 68.231.44.198, port 42948 > 192.168.1.10, port 3784 UDP > 02:08:06.599500 WAN 68.230.27.251, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:05.833716 WAN 68.230.192.53, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:05.582409 WAN 210.113.36.174, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:04.631388 WAN 84.41.150.151, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:04.011510 WAN 24.207.180.114, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:03.426857 WAN 68.230.157.37, port 61321 > 192.168.1.10, port 3784 UDP > 02:08:02.756401 WAN 24.60.111.19, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:02.545834 WAN 217.224.75.50, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:01.567676 WAN 24.86.97.246, port 61145 > 192.168.1.10, port 3784 UDP > 02:08:01.308169 WAN 66.158.159.245, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:01.273520 WAN 200.198.113.211, port 27960 > 192.168.1.10, port 3784 UDP > 02:08:00.684485 WAN 67.149.22.16, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:59.808228 WAN 66.169.12.85, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:58.223537 WAN 200.104.91.117, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:57.277551 WAN 24.226.86.224, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:56.776794 WAN 66.117.225.157, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:56.438066 WAN 62.143.6.166, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:56.204728 WAN 69.29.30.145, port 62452 > 192.168.1.10, port 3784 UDP > 02:07:56.040895 WAN 65.94.71.97, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:53.382211 WAN 68.116.113.82, port 32987 > 192.168.1.10, port 3784 UDP > 02:07:53.332662 WAN 67.149.22.16, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:53.135817 WAN 209.105.218.55, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:52.842391 WAN 213.202.254.50, port 36680 > 192.168.1.10, port 3784 UDP > 02:07:48.732785 WAN 213.114.5.190, port 1477 > 192.168.1.10, port 3784 UDP > 02:07:48.176910 WAN 220.236.73.52, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:47.474502 WAN 128.120.190.105, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:46.562110 WAN 80.32.67.228, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:44.995810 WAN 68.225.243.186, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:43.633215 WAN 194.100.227.111, port 65171 > 192.168.1.10, port 3784 UDP > 02:07:42.832971 WAN 82.46.100.4, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:42.262626 WAN 68.100.150.55, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:42.113343 WAN 83.28.247.45, port 61473 > 192.168.1.10, port 3784 UDP > 02:07:42.061727 WAN 67.168.223.155, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:40.833611 WAN 68.142.232.32, port 27243 > 192.168.1.10, port 3784 UDP > 02:07:38.656090 WAN 24.107.141.246, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:38.423509 WAN 201.1.96.29, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:38.059103 WAN 68.117.130.60, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:37.565441 WAN 210.120.86.249, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:36.943216 WAN 207.248.40.252, port 20562 > 192.168.1.10, port 3784 UDP > 02:07:36.939843 WAN 81.41.180.217, port 4715 > 68.160.246.240, port 445 TCP > 02:07:35.490357 WAN 217.43.40.8, port 60126 > 68.160.246.240, port 445 TCP > 02:07:34.917989 WAN 24.88.65.130, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:34.733964 WAN 81.41.180.217, port 4715 > 68.160.246.240, port 445 TCP > 02:07:34.457305 WAN 66.131.109.172, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:34.113537 WAN 221.201.144.148, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:32.692313 WAN 210.113.36.174, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:30.444188 WAN 209.145.109.163, port 2656 > 192.168.1.10, port 3784 UDP > 02:07:30.361039 WAN 172.172.52.169, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:29.680741 WAN 218.239.74.102, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:28.322220 WAN 201.9.172.111, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:27.159988 WAN 66.235.51.59, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:26.774459 WAN 24.17.45.227, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:25.289674 WAN 213.114.7.216, port 3305 > 192.168.1.10, port 3784 UDP > 02:07:24.209815 WAN 80.121.5.82, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:23.949664 WAN 68.160.254.172, port 4542 > 68.160.246.240, port 445 TCP > 02:07:22.199417 WAN 24.136.92.207, port 56096 > 192.168.1.10, port 3784 UDP > 02:07:20.669560 WAN 68.160.254.172, port 4542 > 68.160.246.240, port 445 TCP > 02:07:20.646041 WAN 69.119.172.59, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:20.115772 WAN 24.215.27.66, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:19.822854 WAN 68.72.82.90, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:19.654258 WAN 64.229.4.50, port 61788 > 192.168.1.10, port 3784 UDP > 02:07:19.509669 WAN 4.47.1.251, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:18.352285 WAN 80.202.52.31, port 51839 > 192.168.1.10, port 3784 UDP > 02:07:15.556147 WAN 66.72.30.187, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:15.521807 WAN 68.175.76.198, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:13.761408 WAN 68.123.140.239, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:12.738148 WAN 80.238.40.233, port 38408 > 192.168.1.10, port 3784 UDP > 02:07:12.266133 WAN 80.238.40.233, port 38408 > 192.168.1.10, port 3784 UDP > 02:07:11.807407 WAN 24.0.254.39, port 32771 > 192.168.1.10, port 3784 UDP > 02:07:11.688122 WAN 67.161.1.233, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:11.240449 WAN 80.238.40.233, port 38408 > 192.168.1.10, port 3784 UDP > 02:07:11.233993 WAN 80.202.41.86, port 59185 > 192.168.1.10, port 3784 UDP > 02:07:10.823135 WAN 68.142.232.32, port 27243 > 192.168.1.10, port 3784 UDP > 02:07:09.620521 WAN 68.117.174.4, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:08.956761 WAN 24.201.92.88, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:08.657743 WAN 137.238.164.112, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:08.050029 WAN 209.105.218.55, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:07.605112 WAN 200.107.128.47, port 10120 > 192.168.1.10, port 3784 UDP > 02:07:07.015647 WAN 172.172.52.169, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:06.837929 WAN 68.123.140.239, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:05.835874 WAN 82.251.142.217, port 27960 > 192.168.1.10, port 3784 UDP > 02:07:03.782823 WAN 141.158.56.43, port 33123 > 192.168.1.10, port 3784 UDP > > > It appears from the log that your clients are trying to connect to port 3784, not 27960. I suggest you open that one instead. The source port is not important (your firewall rule should allow the source IP and ports to be any), and not consistant. It's the destination port you need to configure for, which from the logs, is 3784 UDP. HTH Chris |