[cod] CoD and my struggle with NAT

Wed Jan 7 12:08:20 EST 2004

Your saying on the same subnet it is still authorizing you? You don't
have net_lanauthorize set to 1 do you? Are you only binding it to the
external ip address?

Wednesday, January 7, 2004, 8:51:02 AM, you wrote:
> Yep i did but thats my problem, i use my server and firewall tougether. See
> attached picture of my network. The thing is that my nat thinks its outside
> an rotates me directly trough nat.

> Regards
> Quint

> ----- Original Message -----
> From: "Steven Hartland" <steven at multiplay.co.uk>
> To: <cod at icculus.org>
> Sent: Wednesday, January 07, 2004 11:40
> Subject: Re: [cod] CoD and my struggle with NAT

>> Did you try this:
>> <quote>
>> Had a flash of inspiration this morning I think the following might just
>> work.
>>
>> If we have this picture:
>> NAT box: internal 10.10.10.1, external 1.1.1.1
>> Server: internal 10.10.10.2
>> Client: internal 10.10.10.3
>>
>> If we change this to:
>> NAT box: internal 10.10.10.1, external 1.1.1.1
>> Server: internal 10.10.10.2, fake 1.1.1.2 (alias)
>> Client: internal 10.10.10.3, fake 1.1.1.1 (alias)
>>
>> And then force the client to connect to the server on 1.1.1.2 the ip
> reported
>> in the packet sent to the master will be the ip of the NAT (1.1.1.1) and
> hence
>> if port forwarding is setup correctly the auth packet will be forwarded
>> to the client on 10.10.10.3 and it will all just work.
>>
>> Adding the 1.1.1.X aliases to the internal machines wont affect
> connectivity
>> as they have no routes to the outside world so all external connectivity
>> will be done via the NAT'ed addresses.
>>
>> I cant test this here as I don't have NAT but Im pretty confident it will
> work.
>> </quote>
>>
>>     Steve / K
>> ----- Original Message -----
>> From: <cod at kaleplek.net>
>> To: <cod at icculus.org>
>> Sent: Wednesday, January 07, 2004 12:30 PM
>> Subject: [cod] CoD and my struggle with NAT
>>
>>
>> > Hi all here am back again with more news.... Yes I'm still not stopped
>> > debugging... ;-)
>> >
>> > A little update after asking Actvision for some help and all the good
>> > ideas here (thanks for that) I went to a couple of friends of mine who
> are
>> > a lot more Linux/Network goeroes then I am and the have looked at it and
>> > came with an answer that was a little bit shocking for me. The answer
> was
>> > : IT IS NOT POSSIBLE WITHOUT A LITTLE PROGRAMMING HELP FROM ACTIVISION.
> So
>> > now I no for sure I am screwed. ;-)
>> >
>> > The gave a little push in the following direction. Activision made a
>> > mistake to not make the server NAT/Firewall/Multihome aware this is an
>> > issue that was already on the internet in games like Diablo etc. where
>> > they fixed it (I really don't know how).
>> >
>> > My friends said this method that activision used is a lot better then
> the
>> > Method of EA because in the actvision method the server owner doesn't
> get
>> > the cd-keys in and can't steal them (See a post of me a while back). But
>> > this method also brings some problem (DUHHHHH). A fix would be that it
> is
>> > possible on the server to config it and say if you use a NAT/Firewall
> with
>> > a private address like 10.5.x.x/192.168.x.x etc. etc. to give you an
>> > opportunity to give an other address in a config file (public address)
> the
>> > will use to auth by activision. This method is like a proxy so
> activision
>> > should create a little proxy in there server for nat etc.
>> >
>> > We all came to the conclusion when the hype is gone the came will die
>> > because the private range users who want to play it will not be able to
> do
>> > so.
>> >
>> > So is there a way I can connect to activision or talk to somebody who
>> > build the linux binary version who can help me with this problem. Please
>> > Please help my server is going up in the list and is full every day now,
>> > and in this way also I have to stop it because I like to host if I can
> be
>> > a part of it. ;-)
>> >
>> > So please who can get me in contact with one of those guys or are they
> in
>> > this mailing group?????
>> >
>> > Regards
>> > Quint
>> > Boy_One
>> >
>> >
>>
>> ================================================
>> This e.mail is private and confidential between Multiplay (UK) Ltd. and
> the person or entity to whom it is addressed. In the event of misdirection,
> the recipient is prohibited from using, copying, printing or otherwise
> disseminating it or any information contained in it.
>>
>> In the event of misdirection, illegible or incomplete transmission please
> telephone (023) 8024 3137
>> or return the E.mail to postmaster at multiplay.co.uk.
>>
>>
>>