Hi Thomas, please try out this script. I've tested it so far with Starcraft, two computers joining the same game. Let me know how things go.

On Sun, 11 May 2003, Thomas Stian Bergheim wrote:

> Hi!
>
> I'm playing Warcraft behind a firewall (iptables) which runs on redhat8. It works fine for me, but other clients on my internal network (192.168.0.x) can't join me. I guess this is because the packets they reply with have a different source address. So the solution should be fairly simple using iptables.. But I've tried many things, with no luck...
>
> My server has two eths, one for the dsl connection, the other one for the local network.
>
> Anyone got a working setup with this or anything?
>
> Thanks,

#!/bin/bash
# Written by Myles Uyema; khisanth at uyema d0t net
#
# This is a script to allow Starcraft games to be hosted behind
# a Linux IPTables firewall.
# Tested with Starcraft and 2 machines behind the firewall.
# This may work for other Battle.Net RTS games as well... YMMV

# My Internet IP address
CABLEIP=12.93.33.58

# My PRIVATE LAN Network
# This script assumes Class C network
PRIVLAN=192.168.5

# Battle.Net port usually 6112
BNETPORT=6112

# Enter the last dotted quad IP address of each PC
# We're assuming all the PCs are in a Class C private LAN
# Also, if you have more than 7 PCs, why do you want to get on Battle.net?
# So if my IP address is 192.168.5.5, PC1=5
PC1=5
PC2=98
PC3=
PC4=
PC5=
PC6=
PC7=
PC8=

export CABLEIP PRIVLAN
export PC1 PC2 PC3 PC4 PC5 PC6 PC7 PC8

case "$1" in
start)
    # Flush the two helper chains, creating them if they do not exist yet
    iptables -t nat -F SC-OUT || iptables -t nat -N SC-OUT
    iptables -t nat -F SC-IN || iptables -t nat -N SC-IN
    # Send outgoing game traffic from the LAN through SC-OUT
    iptables -t nat -I POSTROUTING -p udp -s ${PRIVLAN}.0/24 --sport $BNETPORT -j SC-OUT
    for i in $PC1 $PC2 $PC3 $PC4 $PC5 $PC6 $PC7 $PC8
    do
        if [ "$i" -gt 0 ] ; then
            # Each PC gets its own external UDP port: 9000 + last octet
            iptables -t nat -I SC-OUT -s ${PRIVLAN}.${i} -p udp -j SNAT --to ${CABLEIP}:$((9000+$i))
            # Traffic arriving on that port is forwarded back to the PC
            iptables -t nat -I PREROUTING -p udp --dport $((9000+$i)) -j SC-IN
            iptables -t nat -I SC-IN -d ${CABLEIP} -p udp --dport $((9000+$i)) -j DNAT --to ${PRIVLAN}.${i}:${BNETPORT}
        fi
    done
    ;;
stop)
    # Nothing to do if the chains were never created
    iptables -t nat -F SC-OUT || exit 0
    iptables -t nat -F SC-IN || exit 0
    iptables -t nat -D POSTROUTING -p udp -s ${PRIVLAN}.0/24 --sport $BNETPORT -j SC-OUT
    for i in $PC1 $PC2 $PC3 $PC4 $PC5 $PC6 $PC7 $PC8
    do
        if [ "$i" -gt 0 ] ; then
            iptables -t nat -D PREROUTING -p udp --dport $((9000+$i)) -j SC-IN
        fi
    done
    # Remove the now-empty helper chains
    iptables -t nat -X SC-OUT
    iptables -t nat -X SC-IN
    ;;
*)
    echo "Usage: $0 {start|stop}"
    ;;
esac
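
An added example, not part of the original post or the script above: a read-only check that lists the port forwards found in `iptables-save -t nat` output and flags any DNAT rule that does not follow the script's convention (UDP, external port 9000 + last octet, internal port 6112). The dump is constructed for PC1=5 and PC2=98, and the function names are hypothetical.

```shell
#!/bin/bash
# Constructed sample of `iptables-save -t nat` output (not from a real host).
sample_nat_dump() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:SC-IN - [0:0]
:SC-OUT - [0:0]
-A PREROUTING -p udp -m udp --dport 9098 -j SC-IN
-A PREROUTING -p udp -m udp --dport 9005 -j SC-IN
-A POSTROUTING -s 192.168.5.0/24 -p udp -m udp --sport 6112 -j SC-OUT
-A SC-IN -d 12.93.33.58/32 -p udp -m udp --dport 9098 -j DNAT --to-destination 192.168.5.98:6112
-A SC-IN -d 12.93.33.58/32 -p udp -m udp --dport 9005 -j DNAT --to-destination 192.168.5.5:6112
-A SC-OUT -s 192.168.5.98/32 -p udp -j SNAT --to-source 12.93.33.58:9098
-A SC-OUT -s 192.168.5.5/32 -p udp -j SNAT --to-source 12.93.33.58:9005
COMMIT
EOF
}

# Read a nat-table dump on stdin; print "proto ext_port internal_ip:port"
# for every DNAT rule, sorted by external port.
list_forwards() {
  awk '
    $1 == "-A" {
      proto = dport = target = dest = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-p") proto = $(i+1)
        else if ($i == "--dport") dport = $(i+1)
        else if ($i == "-j") target = $(i+1)
        else if ($i == "--to-destination") dest = $(i+1)
      }
      if (target == "DNAT" && dest != "") print proto, dport, dest
    }' | sort -k2,2n
}

# Print only the forwards that break the script's convention.
unexpected_forwards() {
  list_forwards | awk -v base=9000 -v bnet=6112 '
    {
      split($3, hp, ":")          # hp[1] = internal IP, hp[2] = internal port
      n = split(hp[1], oct, ".")  # oct[n] = last octet of the internal IP
      if ($1 != "udp" || hp[2] != bnet || $2 != base + oct[n]) print
    }'
}

sample_nat_dump | list_forwards        # every forward currently exposed
sample_nat_dump | unexpected_forwards  # empty when all follow the convention
```

On a live firewall, pipe `iptables-save -t nat` into the two functions in place of `sample_nat_dump`; after `stop`, `list_forwards` should no longer show the 9000-range entries.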