Ports [to be opened] provided in the manual are incorrect?

ivj

Hi!

I'm sitting behind a Linux router, where I use iptables for my firewall and all my port forwarding needs.

In the past, whenever I'd want to host something (like Warcraft 3, Starcraft, or other applications), I would simply add a line like the following, and restart iptables:

-A PREROUTING -p tcp --dport <port number> -i eth0 -j DNAT --to <my comp's IP : port number>

which would forward all requests to that port onto my own computer.

And I never had problems hosting any games using such a setup. However, I have problems with Civilization. I forwarded all the ports as said in the manual, and nothing else is closed. Yet, I still am not able to host games. Here's my iptables configuration, hope somebody helps me:

*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [1:69]

# Forward Warcraft 3 computer
-A PREROUTING -p tcp --dport 6112 -i eth0 -j DNAT --to 192.168.0.16:6112

# VNC
-A PREROUTING -p tcp --dport 5900 -i eth0 -j DNAT --to 192.168.0.16:5900
-A PREROUTING -p tcp --dport 5800 -i eth0 -j DNAT --to 192.168.0.16:5800

# Azureus
-A PREROUTING -p tcp -i eth0 --dport 6881 -j DNAT --to 192.168.0.16:6881

# Civ III -- DOES NOT WORK
-A PREROUTING -p udp -i etho0 --dport 13139 -j DNAT --to 192.168.0.16:13139
-A PREROUTING -p tcp -i etho0 --dport 6500 -j DNAT --to 192.168.0.16:6500
-A PREROUTING -p udp -i etho0 --dport 2302 -j DNAT --to 192.168.0.16:2302

-A POSTROUTING -s 192.168.0.0/24 -d 0/0 -o eth0 -j MASQUERADE

COMMIT
#
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT -p udp -m udp -s 0/0 --sport 67:68 -d 0/0 --dport 67:68 -i eth0 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p udp -m udp -s 0/0 --sport 67:68 -d 0/0 --dport 67:68 -i eth1 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
# home
-A RH-Lokkit-0-50-INPUT -p tcp -s 192.168.0.0/24 -d 0/0 -i eth1 -j ACCEPT
# friend
-A RH-Lokkit-0-50-INPUT -p tcp -s 67.171.6.93 -d 0/0 -i eth0 -j ACCEPT
# new warehouse
-A RH-Lokkit-0-50-INPUT -p tcp -s 209.221.182.0/24 -d 0/0 -i eth0 -j ACCEPT
#
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport http --syn -j ACCEPT
#
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:1023 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 2049 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 0:1023 -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 2049 -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 6000:6009 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 7100 --syn -j REJECT

COMMIT
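
Added example, not part of the original post: iptables accepts any name after `-i`/`-o` without checking that the interface exists, and the Civ III rules above name `etho0` where every other rule names `eth0`, so this Python check parses an iptables-restore ruleset and reports rules whose interface is not one of the host's. The sample ruleset is abridged from the post, and the interface set `lo`, `eth0`, `eth1` is an assumption taken from the names the other rules use.

```python
import shlex

# Constructed sample in iptables-restore format, abridged from the ruleset in the post.
SAMPLE_RULES = """\
*nat
:PREROUTING ACCEPT [0:0]
# Forward Warcraft 3 computer
-A PREROUTING -p tcp --dport 6112 -i eth0 -j DNAT --to 192.168.0.16:6112
# Civ III
-A PREROUTING -p udp -i etho0 --dport 13139 -j DNAT --to 192.168.0.16:13139
-A PREROUTING -p tcp -i etho0 --dport 6500 -j DNAT --to 192.168.0.16:6500
-A POSTROUTING -s 192.168.0.0/24 -d 0/0 -o eth0 -j MASQUERADE
COMMIT
*filter
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -s 192.168.0.0/24 -d 0/0 -i eth1 -j ACCEPT
COMMIT
"""

IFACE_FLAGS = {"-i", "--in-interface", "-o", "--out-interface"}


def iface_matches(pattern, known):
    """iptables treats a trailing '+' as a wildcard: 'eth+' matches eth0, eth1, ..."""
    if pattern.endswith("+"):
        return any(name.startswith(pattern[:-1]) for name in known)
    return pattern in known


def find_unknown_interfaces(ruleset, known):
    """Return (line_no, table, interface, rule) for rules naming an unknown interface."""
    findings, table = [], None
    for line_no, raw in enumerate(ruleset.splitlines(), start=1):
        line = raw.strip()
        if line.startswith("*"):
            table = line[1:]  # table header such as *nat or *filter
        if not line.startswith(("-A", "-I")):
            continue  # skip comments, chain policies and COMMIT
        tokens = shlex.split(line)
        for flag, value in zip(tokens, tokens[1:]):
            if flag in IFACE_FLAGS and not iface_matches(value, known):
                findings.append((line_no, table, value, line))
    return findings


if __name__ == "__main__":
    # Assumed host interfaces; on a live router take them from `ip -o link`.
    for line_no, table, iface, rule in find_unknown_interfaces(SAMPLE_RULES, {"lo", "eth0", "eth1"}):
        print(f"line {line_no} [{table}] unknown interface {iface!r}: {rule}")
```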
 