[ale] Re: Ping through Masq'ing firewall?

Robert L Harris nomad at rocky.orci.com
Sat Jan 3 16:33:29 EST 1998


> 
> On Sat, Jan 03, 1998 at 12:59:11PM -0700, Robert L Harris wrote:
> > Ok,
> >   My firewall/Masq is up and working beautifully.  The problem is that 
> > you can't ping a host outside from inside.  The firewall can ping out, but
> > machines behind it never get a response.
> >   This seems to be keeping Quake2 and Age Of Empire from being able to play
> > from behind it.  
> > 
> >   Anyone have any Ideas?  I'd really like to be able to play AOE...
> > 
> 
> Robert -
> 
> As usual, I am on my way out of the building.  Try ensuring that the icmp
> masquerading option is set in the kernel, and see if it is a module.  Look
> under /lib/modules for something with icmp in the name, and do insmod
> $icmp_module_name if necessary.  I think it is probably a module, but I
> have it specifically disabled on my firewall for now.
> 

Have I got timing or what?  Anyway, I've checked the compilation a number of
times.  I've enabled everything I can find to enable and I'm loading all modules
that seem even close to related.

I just talked to some friends and it seems that AOE and Quake2 both use
random UDP ports that is negotiated at boot time.  It seems that the 
people who write the ip_masq stuff don't want to re-engineer the whole
setup to deal with this.  If I was in their place, I probably wouldn't
want to also.  The problem is that creating games that work like this 
will probably be a lasting trend.  Maybe there can be some user space
translator or such...  This goes beyond me.

Robert

---------------------------------------------------------------------------
Robert L. Harris          |   NT is secure.... 
System Engineer For Hire. \_   as long as you don't remove the shrink wrap.

http://www.orci.com/~nomad

DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'






More information about the Ale mailing list