[cod] CoD and my struggle with NAT
cod at kaleplek.net
cod at kaleplek.net
Thu Jan 8 09:34:51 EST 2004
Sorry but there was a problem last nicht i couldn't reach icculus.org
anymore from my country. Sorry for the delay.
Yes i had it on 1 i did this because i had problems to get in gamespy and
or ASE etc. but lateron i forgot to open a port (Stupid me)ok i put it on
0 but still no luck it is still saying auth 10.5.1.123 so no luck here,
but is this the only cvar doing this or is there something else in the
dark binary of the linux version...;-)
By the way i am binding my server on my external interface with cvar
net_ip and cvar ip. I didn't try to remove this but could this be the
problem. i'm going to try tonight.
Greetz
Quint
Boy_One
> yeah, you could put it in your config file or on the command line. The
> default is 0 tho.
>
> Wednesday, January 7, 2004, 8:26:53 PM, you wrote:
>> how do you set it up ?
>
>> seta net_lanauthorize 0
>
>
>> Bryan Kuhn said:
>>> It makes it think every connection is an internet connection. I don't
>>> think
>>> there's any reason to ever set that to 1 beyond development.
>>>
>>> -----Original Message-----
>>> From: Eduardo E. Silva [mailto:esilva at silvex.com]
>>> Sent: Wednesday, January 07, 2004 3:19 PM
>>> To: cod at icculus.org
>>> Subject: RE: Re[2]: [cod] CoD and my struggle with NAT
>>>
>>> For the internet or just for the NATed LAN ? Or BOTH?
>>>
>>> Bryan Kuhn said:
>>>> It's a cvar, and it makes the server always authorize.
>>>>
>>>> -----Original Message-----
>>>> From: Eduardo E. Silva [mailto:esilva at silvex.com]
>>>> Sent: Wednesday, January 07, 2004 12:23 PM
>>>> To: cod at icculus.org
>>>> Subject: Re: Re[2]: [cod] CoD and my struggle with NAT
>>>>
>>>> What does net_lanauthorize do and where is it set ?
>>>>
>>>> Bryan Kuhn said:
>>>>> Your saying on the same subnet it is still authorizing you? You
>>>>> don't have set to 1 do you? Are you only binding it to the
>>>>> external ip address?
>>>>>
>>>>> Wednesday, January 7, 2004, 8:51:02 AM, you wrote:
>>>>>> Yep i did but thats my problem, i use my server and firewall
>>>>>> tougether.
>>>>>> See
>>>>>> attached picture of my network. The thing is that my nat thinks
>>>>>> its outside
>>>>>> an rotates me directly trough nat.
>>>>>
>>>>>
>>>>>> Regards
>>>>>> Quint
>>>>>
>>>>>
>>>>>> ----- Original Message -----
>>>>>> From: "Steven Hartland" <steven at multiplay.co.uk>
>>>>>> To: <cod at icculus.org>
>>>>>> Sent: Wednesday, January 07, 2004 11:40
>>>>>> Subject: Re: [cod] CoD and my struggle with NAT
>>>>>
>>>>>
>>>>>>> Did you try this:
>>>>>>> <quote>
>>>>>>> Had a flash of inspiration this morning I think the following
>>>>>>> might just
>>>>>>> work.
>>>>>>>
>>>>>>> If we have this picture:
>>>>>>> NAT box: internal 10.10.10.1, external 1.1.1.1
>>>>>>> Server: internal 10.10.10.2
>>>>>>> Client: internal 10.10.10.3
>>>>>>>
>>>>>>> If we change this to:
>>>>>>> NAT box: internal 10.10.10.1, external 1.1.1.1
>>>>>>> Server: internal 10.10.10.2, fake 1.1.1.2 (alias)
>>>>>>> Client: internal 10.10.10.3, fake 1.1.1.1 (alias)
>>>>>>>
>>>>>>> And then force the client to connect to the server on 1.1.1.2 the
>>>>>>> ip
>>>>>> reported
>>>>>>> in the packet sent to the master will be the ip of the NAT
>>>>>>> (1.1.1.1) and
>>>>>> hence
>>>>>>> if port forwarding is setup correctly the auth packet will be
>>>>>>> forwarded
>>>>>>> to the client on 10.10.10.3 and it will all just work.
>>>>>>>
>>>>>>> Adding the 1.1.1.X aliases to the internal machines wont affect
>>>>>> connectivity
>>>>>>> as they have no routes to the outside world so all external
>>>>>>> connectivity
>>>>>>> will be done via the NAT'ed addresses.
>>>>>>>
>>>>>>> I cant test this here as I don't have NAT but Im pretty confident
>>>>>>> it will
>>>>>> work.
>>>>>>> </quote>
>>>>>>>
>>>>>>> Steve / K
>>>>>>> ----- Original Message -----
>>>>>>> From: <cod at kaleplek.net>
>>>>>>> To: <cod at icculus.org>
>>>>>>> Sent: Wednesday, January 07, 2004 12:30 PM
>>>>>>> Subject: [cod] CoD and my struggle with NAT
>>>>>>>
>>>>>>>
>>>>>>> > Hi all here am back again with more news.... Yes I'm still not
>>>>>>> stopped
>>>>>>> > debugging... ;-)
>>>>>>> >
>>>>>>> > A little update after asking Actvision for some help and all
>>>>>>> the
>>>>>>> good
>>>>>>> > ideas here (thanks for that) I went to a couple of friends of
>>>>>>> mine
>>>>>>> who
>>>>>> are
>>>>>>> > a lot more Linux/Network goeroes then I am and the have looked
>>>>>>> at
>>>>>>> it
>>>>>>> and
>>>>>>> > came with an answer that was a little bit shocking for me. The
>>>>>>> answer
>>>>>> was
>>>>>>> > : IT IS NOT POSSIBLE WITHOUT A LITTLE PROGRAMMING HELP FROM
>>>>>>> ACTIVISION.
>>>>>> So
>>>>>>> > now I no for sure I am screwed. ;-)
>>>>>>> >
>>>>>>> > The gave a little push in the following direction. Activision
>>>>>>> made
>>>>>>> a
>>>>>>> > mistake to not make the server NAT/Firewall/Multihome aware
>>>>>>> this is
>>>>>>> an
>>>>>>> > issue that was already on the internet in games like Diablo
>>>>>>> etc.
>>>>>>> where
>>>>>>> > they fixed it (I really don't know how).
>>>>>>> >
>>>>>>> > My friends said this method that activision used is a lot
>>>>>>> better
>>>>>>> then
>>>>>> the
>>>>>>> > Method of EA because in the actvision method the server owner
>>>>>>> doesn't
>>>>>> get
>>>>>>> > the cd-keys in and can't steal them (See a post of me a while
>>>>>>> back).
>>>>>>> But
>>>>>>> > this method also brings some problem (DUHHHHH). A fix would be
>>>>>>> that
>>>>>>> it
>>>>>> is
>>>>>>> > possible on the server to config it and say if you use a
>>>>>>> NAT/Firewall
>>>>>> with
>>>>>>> > a private address like 10.5.x.x/192.168.x.x etc. etc. to give
>>>>>>> you
>>>>>>> an
>>>>>>> > opportunity to give an other address in a config file (public
>>>>>>> address)
>>>>>> the
>>>>>>> > will use to auth by activision. This method is like a proxy so
>>>>>> activision
>>>>>>> > should create a little proxy in there server for nat etc.
>>>>>>> >
>>>>>>> > We all came to the conclusion when the hype is gone the came
>>>>>>> will
>>>>>>> die
>>>>>>> > because the private range users who want to play it will not be
>>>>>>> able
>>>>>>> to
>>>>>> do
>>>>>>> > so.
>>>>>>> >
>>>>>>> > So is there a way I can connect to activision or talk to
>>>>>>> somebody
>>>>>>> who
>>>>>>> > build the linux binary version who can help me with this
>>>>>>> problem.
>>>>>>> Please
>>>>>>> > Please help my server is going up in the list and is full every
>>>>>>> day
>>>>>>> now,
>>>>>>> > and in this way also I have to stop it because I like to host
>>>>>>> if I
>>>>>>> can
>>>>>> be
>>>>>>> > a part of it. ;-)
>>>>>>> >
>>>>>>> > So please who can get me in contact with one of those guys or
>>>>>>> are
>>>>>>> they
>>>>>> in
>>>>>>> > this mailing group?????
>>>>>>> >
>>>>>>> > Regards
>>>>>>> > Quint
>>>>>>> > Boy_One
>>>>>>> >
>>>>>>> >
>>>>>>>
>>>>>>> ================================================
>>>>>>> This e.mail is private and confidential between Multiplay (UK)
>>>>>>> Ltd. and
>>>>>> the person or entity to whom it is addressed. In the event of
>>>>>> misdirection,
>>>>>> the recipient is prohibited from using, copying, printing or
>>>>>> otherwise disseminating it or any information contained in it.
>>>>>>>
>>>>>>> In the event of misdirection, illegible or incomplete
>>>>>>> transmission please
>>>>>> telephone (023) 8024 3137
>>>>>>> or return the E.mail to postmaster at multiplay.co.uk.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Thanks,
>>>>
>>>> Ed Silva
>>>> Silvex Consulting Inc.
>>>> esilva at silvex.com
>>>> (714) 504-6870 Cell
>>>> (714) 897-3800 Fax
>>>>
>>>>
>>>
>>>
>>> --
>>> Thanks,
>>>
>>> Ed Silva
>>> Silvex Consulting Inc.
>>> esilva at silvex.com
>>> (714) 504-6870 Cell
>>> (714) 897-3800 Fax
More information about the Cod
mailing list