Re: [vox] quake3 serving from behind a firewall
begin Jeff Newmiller <jdnewmil@dcn.davis.ca.us>
> On Thu, 4 Apr 2002, Peter Jay Salzman wrote:
>
> > ok, after much procrastination, i rolled up my sleeves and set up a
> > quake3 server. here's the topology of my LAN:
> >
> >
> > --- 64.164.47.8
> > mephisto
> > LEAF
> > firewall 192.168.0.2 satan
> > 192.168.0.1 -------------------- 192.168.0.3 navalle
> > 192.168.0.4 lucifer
> > 192.168.0.4 lucifer
> > 192.168.0.4 moloch
> >
> > on the firewall:
> >
> > # ipmasqadm portfw -l
> > prot localaddr rediraddr lport rport pcnt pref
> > UDP adsl-64-164-47-8 satan.diablo.localnet ntp ntp 10 10
> > UDP adsl-64-164-47-8 satan.diablo.localnet 27960 27960 8 10
> > TCP adsl-64-164-47-8 lucifer.diablo.localnet 27500 27500 10 10
> > TCP adsl-64-164-47-8 satan.diablo.localnet ntp ntp 10 10
> > TCP adsl-64-164-47-8 satan.diablo.localnet 6346 6346 7 10
> > TCP adsl-64-164-47-8 satan.diablo.localnet ssh ssh 9 10
> > TCP adsl-64-164-47-8 satan.diablo.localnet 24 ssh 10 10
> > TCP adsl-64-164-47-8 satan.diablo.localnet smtp smtp 9 10
> > TCP adsl-64-164-47-8 satan.diablo.localnet www www 2 10
> > TCP adsl-64-164-47-8 satan.diablo.localnet ftp ftp 10
> >
> >
> > i ran the dedicated server on satan (192.168.0.2):
> >
> > q3ded +set dedicated 2 +net_ip 64.164.47.8 +map q3dm17 +set com_hunkmegs 200
> >
> >
> > now on satan (192.168.0.2), i *can't* connect to the server by
> > specifying a connect to server 64.164.47.8 which surprises me. however,
> > i can connect to the server by specifying 192.168.0.2 which is no
> > surprise.
>
> This is normal behavior.

see below

> > however, on lucifer (192.168.0.4) i *can* connect to the server by
> > specifying a connect to server 64.164.47.8. i can also specify
> > 192.168.0.2. this is groovy.
>
> This is abnormal behavior. I have never encountered a linux kernel that
> would do this (reflect a masquerade back into the local network).

i believe the way quake3 works is that the server sends an identifier to a
master server run by id software that says "i'm running a server at ip
address 64.164.47.8". the master server keeps track of this. btw, all
communication happens with UDP.

a client then connects to the master server and gets a list of all the
servers and their ip addresses. i'm not sure of the details beyond
this. but it seems reasonable that if i run a server on 192.168.0.2
that identifies itself as 64.164.47.8 to the master server, and then use
a client from 192.168.0.4 to connect to 64.164.47.8, that it would work.

i guess i'm not really sure what it means to reflect a masq back into
the local server. on one hand, i can't ssh from 192.168.0.2 to
64.164.47.8:

p@satan% ssh p@64.164.47.8
(it just hangs)

but i can ping:

p@satan% ping 64.164.47.8
PING 64.164.47.8 (64.164.47.8): 56 data bytes
64 bytes from 64.164.47.8: icmp_seq=0 ttl=255 time=0.6 ms

(note: after checking with tcpdump on the firewall, the ping doesn't
leave my local network; it stays internal while ssh does leave the
internal net).

oi. this is confusing. just when i thought i had all this figured out,
i learn that i know practically nothing. :(

still waiting for a quake3 owner to try to connect to 64.164.47.8 ...
:)

pete

_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox