[cod] CoD and my struggle with NAT

Eduardo E. Silva esilva at silvex.com
Wed Jan 7 15:23:28 EST 2004 

What does net_lanauthorize do and where is it set ?

Bryan Kuhn said:
> Your saying on the same subnet it is still authorizing you? You don't
> have  set to 1 do you? Are you only binding it to the
> external ip address?
>
> Wednesday, January 7, 2004, 8:51:02 AM, you wrote:
>> Yep i did but thats my problem, i use my server and firewall tougether.
>> See
>> attached picture of my network. The thing is that my nat thinks its
>> outside
>> an rotates me directly trough nat.
>
>
>> Regards
>> Quint
>
>
>> ----- Original Message -----
>> From: "Steven Hartland" <steven at multiplay.co.uk>
>> To: <cod at icculus.org>
>> Sent: Wednesday, January 07, 2004 11:40
>> Subject: Re: [cod] CoD and my struggle with NAT
>
>
>>> Did you try this:
>>> <quote>
>>> Had a flash of inspiration this morning I think the following might
>>> just
>>> work.
>>>
>>> If we have this picture:
>>> NAT box: internal 10.10.10.1, external 1.1.1.1
>>> Server: internal 10.10.10.2
>>> Client: internal 10.10.10.3
>>>
>>> If we change this to:
>>> NAT box: internal 10.10.10.1, external 1.1.1.1
>>> Server: internal 10.10.10.2, fake 1.1.1.2 (alias)
>>> Client: internal 10.10.10.3, fake 1.1.1.1 (alias)
>>>
>>> And then force the client to connect to the server on 1.1.1.2 the ip
>> reported
>>> in the packet sent to the master will be the ip of the NAT (1.1.1.1)
>>> and
>> hence
>>> if port forwarding is setup correctly the auth packet will be forwarded
>>> to the client on 10.10.10.3 and it will all just work.
>>>
>>> Adding the 1.1.1.X aliases to the internal machines wont affect
>> connectivity
>>> as they have no routes to the outside world so all external
>>> connectivity
>>> will be done via the NAT'ed addresses.
>>>
>>> I cant test this here as I don't have NAT but Im pretty confident it
>>> will
>> work.
>>> </quote>
>>>
>>>     Steve / K
>>> ----- Original Message -----
>>> From: <cod at kaleplek.net>
>>> To: <cod at icculus.org>
>>> Sent: Wednesday, January 07, 2004 12:30 PM
>>> Subject: [cod] CoD and my struggle with NAT
>>>
>>>
>>> > Hi all here am back again with more news.... Yes I'm still not
>>> stopped
>>> > debugging... ;-)
>>> >
>>> > A little update after asking Actvision for some help and all the good
>>> > ideas here (thanks for that) I went to a couple of friends of mine
>>> who
>> are
>>> > a lot more Linux/Network goeroes then I am and the have looked at it
>>> and
>>> > came with an answer that was a little bit shocking for me. The answer
>> was
>>> > : IT IS NOT POSSIBLE WITHOUT A LITTLE PROGRAMMING HELP FROM
>>> ACTIVISION.
>> So
>>> > now I no for sure I am screwed. ;-)
>>> >
>>> > The gave a little push in the following direction. Activision made a
>>> > mistake to not make the server NAT/Firewall/Multihome aware this is
>>> an
>>> > issue that was already on the internet in games like Diablo etc.
>>> where
>>> > they fixed it (I really don't know how).
>>> >
>>> > My friends said this method that activision used is a lot better then
>> the
>>> > Method of EA because in the actvision method the server owner doesn't
>> get
>>> > the cd-keys in and can't steal them (See a post of me a while back).
>>> But
>>> > this method also brings some problem (DUHHHHH). A fix would be that
>>> it
>> is
>>> > possible on the server to config it and say if you use a NAT/Firewall
>> with
>>> > a private address like 10.5.x.x/192.168.x.x etc. etc. to give you an
>>> > opportunity to give an other address in a config file (public
>>> address)
>> the
>>> > will use to auth by activision. This method is like a proxy so
>> activision
>>> > should create a little proxy in there server for nat etc.
>>> >
>>> > We all came to the conclusion when the hype is gone the came will die
>>> > because the private range users who want to play it will not be able
>>> to
>> do
>>> > so.
>>> >
>>> > So is there a way I can connect to activision or talk to somebody who
>>> > build the linux binary version who can help me with this problem.
>>> Please
>>> > Please help my server is going up in the list and is full every day
>>> now,
>>> > and in this way also I have to stop it because I like to host if I
>>> can
>> be
>>> > a part of it. ;-)
>>> >
>>> > So please who can get me in contact with one of those guys or are
>>> they
>> in
>>> > this mailing group?????
>>> >
>>> > Regards
>>> > Quint
>>> > Boy_One
>>> >
>>> >
>>>
>>> ================================================
>>> This e.mail is private and confidential between Multiplay (UK) Ltd. and
>> the person or entity to whom it is addressed. In the event of
>> misdirection,
>> the recipient is prohibited from using, copying, printing or otherwise
>> disseminating it or any information contained in it.
>>>
>>> In the event of misdirection, illegible or incomplete transmission
>>> please
>> telephone (023) 8024 3137
>>> or return the E.mail to postmaster at multiplay.co.uk.
>>>
>>>
>>>
>


-- 
Thanks,

Ed Silva
Silvex Consulting Inc.
esilva at silvex.com
(714) 504-6870 Cell
(714) 897-3800 Fax

More information about the Cod mailing list