Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 25 Jul 2001 12:50:28 -0700 (PDT)
From:      "Jeremy C. Reed" <reed@reedmedia.net>
To:        freebsd-questions@freebsd.org
Subject:   natd, ipfw and MechWarrior
Message-ID:  <Pine.LNX.4.21.0107251223290.11777-100000@pilchuck.reedmedia.net>
next in thread | raw e-mail | index | archive | help 
I have a working dialup gateway that uses ppp, natd and ipfw.

At first, the IPFW rules I used were from the dialup-firewall docs. This
appears to work fine for normal web browsing.

One user on the network plays MechWarrior. He was unable to play the game
and also unable to do some MechWarrior pings (show ping times to other
players).

So I used:
 /sbin/ipfw -f flush
 /sbin/ipfw add divert natd all from any to any via tun0
 /sbin/ipfw add pass all from any to any

And then the MechWarrior ping results started working. But the game still
can't be played.

According to some MechWarrior docs, tcp ports 9999, 28805, 28806, 28807,
28808 and udp 28800 need to be open. But I also read a posting that said
that I need tcp 6667, 6073, 2300-2400, 28800-29000, and udp 2300-2400 all
incoming.

I assume I should use natd's redirect_port; any ideas on how I can figure
out what ports I should redirect?

How can I view the current NAT (natd) connections? (And where is this
documented?)

Also, I am using natd flag "-log", but my logs are really sparse, for
example my log only shows:
Jul 25 11:53:27 bsd natd[159]: Aliasing to 4.x.x.x, mtu 1524 bytes
Jul 25 11:59:12 bsd natd[159]: failed to write packet back (Permission denied)

I read a bunch of postings about this "Permission denied", but I am still
not sure what this means (especially since my ipfw rules are so
short). What does this "failed to write packet back (Permission denied)" 
mean? (And where is this documented?)

Thanks,

   Jeremy C. Reed -- who has never played MechWarrior
   http://bsd.reedmedia.net/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.21.0107251223290.11777-100000>