[bf1942] Firewall?

Wed Dec 11 19:04:04 EST 2002

We use the following script to enable our windows bf42 server behind our
rh7.2 server

Replace the 66.207.14.194 with your outside ip, and the 192.168.0.101 with
your internal

Not sure if all the ports are necessary, but oh well :)

/sbin/iptables -t nat -A PREROUTING -p tcp -i eth1 -d 66.207.14.194 --dport
28900 -j DNAT --to 192.168.0.101:28900
/sbin/iptables -A FORWARD -p tcp -i eth1 -d 192.168.0.101 --dport 28900 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
27900 -j DNAT --to 192.168.0.101:27900
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 27900 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
23000 -j DNAT --to 192.168.0.101:23000
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 23000 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
23001 -j DNAT --to 192.168.0.101:23001
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 23001 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
23002 -j DNAT --to 192.168.0.101:23002
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 23002 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
23003 -j DNAT --to 192.168.0.101:23003
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 23003 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
23004 -j DNAT --to 192.168.0.101:23004
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 23004 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
23005 -j DNAT --to 192.168.0.101:23005
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 23005 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
23006 -j DNAT --to 192.168.0.101:23006
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 23006 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
23007 -j DNAT --to 192.168.0.101:23007
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 23007 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
23008 -j DNAT --to 192.168.0.101:23008
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 23008 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
23009 -j DNAT --to 192.168.0.101:23009
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 23009 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
22000 -j DNAT --to 192.168.0.101:22000
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 22000 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
14567 -j DNAT --to 192.168.0.101:14567
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 14567 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
14568 -j DNAT --to 192.168.0.101:14568
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 14568 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
14569 -j DNAT --to 192.168.0.101:14569
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 14569 -j
ACCEPT

/sbin/iptables -t nat -A PREROUTING -p udp -i eth1 -d 66.207.14.194 --dport
14570 -j DNAT --to 192.168.0.101:14570
/sbin/iptables -A FORWARD -p udp -i eth1 -d 192.168.0.101 --dport 14570 -j
ACCEPT

-----Original Message-----
From: Anton Z [mailto:anton-z at rogers.com] 
Sent: Tuesday, October 29, 2002 12:23 AM
To: bf1942 at icculus.org
Subject: Re: [bf1942] Firewall?

I want to know this also. I opened ports 14567 and 23000 for the game, but
it still doesnt display in the server list, nor can I connect to it via ip.
But as soon as I take down my firewall, the thing appears and on the list,
and I can connect to it, but it crashes right away :( and I havent been able
to fix it. Someone let me know what else to turn off in the firewall, cause
I aint gonna keep it off. I am running Red Hat 8.0 with Linux Bastille
firewall

----- Original Message -----
From: "WarmFuzzy" <wf at warmfuzzyland.com>
To: <bf1942 at icculus.org>
Sent: Wednesday, December 11, 2002 6:53 PM
Subject: [bf1942] Firewall?

> Apologies if this is in a windows server readme somewhere already, but
> what holes to I have to poke in my firewall to run this server?  I didn't
> see any notes about that in the readme.
>
> -WF
>
> --
> GCS d-(+) s+: a- C+++$ U+++$ P++>+++ L++>+++$ E--- W++ N+ o K++ w$ O- M-
> V- PS+++ PE(--) Y+ PGP(++) t-@ 5 X-- R+++ tv- b+++ DI++ D++ G e h-- r y+*
>
>