Iptables and Winroute FIrewall 5.18

From: Antonio Martino (Parikkala_at_libero.it)
Date: 01/31/04 

Date: 31 Jan 2004 04:27:31 -0800

I have a game, Starcraft (Blizzard), I'd like to play on the internet
with all computers on my lan. But all my computers shares a an
internet connection through a computer with Kerio Winroute Firewall
5.18 with NAT activated ( and dhcp too).

This games uses port UDP 6112 for internet games but it is not
possible to set a rule 6112 - 6112 on the firewall because packets
going from internet server to local computers would not know which
computer they are heading for.

A solution should be the following:
-the client can only use 6112 but the server can handle requests also
on port range 6112-6119 which is enough for 8 players (the maximum
number of players in a game)
-so each client uses 6112
-the firewall should change IP of packets going from client to server
with its own (the usual IP masquerading) but also change the port on
the server according to the client IP (in fact on LAN clients differ
by IP address and use the same port, on the internet clients use the
same IP and differ by port used)
-then the firewall should forward the packets received by the server
to clients according to the port on it received them.

This solution should be what these iptables rules actually do:

iptables -t nat -I PREROUTING -p udp -d 217.133.229.230 --dport 6115
-j DNAT --to-destination 192.168.8.3:6112

iptables -t nat -I POSTROUTING -p udp -s 192.168.8.3 --sport 6112 -j
SNAT --to-source 217.133.229.230:6115

217.133.229.230 : internet server
192.168.8.3 : one client (seen by the server on port 6115)

what I want to do is simply to translate this iptables rules in Kerio
traffic policy rules! how should I add them? DO I need two Kerio rules
or just one?

Thank you
and bye bye
Antonio

Relevant Pages

  • RE: id- 1030 source - Userenv
    ... Thanks for using the SBS newsgroup! ... I understand that the issue to be: all client ... computers got 1030 error and can not connect to the SBS 2003 server box. ... Click Internet Protocol, ...
    (microsoft.public.windows.server.sbs)
  • Re: ISA Restict Internet Question
    ... associated user that can validate to the SBS Internet Users group? ... what else can the I tell the client to expect with Home vs. Pro? ... to prevent those computers from accessing the internet. ... It's a pain in my bottom to deal with these Home clients but I can only ...
    (microsoft.public.windows.server.sbs)
  • RE: Remote Web Workplace - Connect to client workstations
    ... In Connect to Client desktops item lists all client computers on your SBS ... network that are running Windows XP or above; In Connect to Server desktops ... On the Tools menu, click Internet Options. ...
    (microsoft.public.windows.server.sbs)
  • Re: Letter of claim - p2p - UPDATE - More advice please needed
    ... Once we have received the signed undertakings together with the cheques referred to above in settlement of this matter, our client will take no further action against you. ... I myself do not use the Internet for downloading games, in fact all I do on the Internet is competitions and would have no idea how to download anything. ... I have had a look at my sons playstation games and cannot find this game, therefore I am unable to dispose of the game as we do not seem to have it. ...
    (uk.legal)
  • Re: Internet Connection Sharing Problem
    ... I shared the internet connection for ten other Winxp pro computers ... On each ICS client computer, right click the local area network ...
    (microsoft.public.windowsxp.network_web)