On Thu, 2003-11-27 at 14:58, Antony Stone wrote: > On Thursday 27 November 2003 12:48 pm, sc2@xxxxxx wrote: > > > > So "iptables -I FORWARD -m state --state >ESTABLISHED,RELATED -j ACCEPT" > > > might be a good idea. > > > > i should include this ? > > This will alloow the reply packets pack again - if you don't have this, you > need a specific rule to allow those the same as you have a specific rule to > allow the original packets. Don't forget communications go both ways > through a firewall :) > > > b.) the port / service is a udp/tcp , port of a half - life game server, so > > the clients are not on the same subnet > > they are connecting to x.24.51 > and should FW to .24.58: > > Does halflife work through NAT? > > I don't know (maybe someone else here does), but you should be aware that > there are some protocols which just work through NAT, some which are a bit of > a challenge, and some which won't work at all. > Halflife like most network games uses UDP, so should be able to work through nat. > I don't know which group halflife falls into. > > Antony. -- -- Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx> Network Support Specialist http://www.knowledgefactory.co.za "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import" Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28 --
Attachment:
signature.asc
Description: This is a digitally signed message part
