[cod] CoD and my struggle with NAT

Boy_One (COD System Admin) cod at kaleplek.net
Thu Jan 8 12:05:55 EST 2004 

Hi all,

Here an update (and yes it is night not nicht stupid dutchman...LoL)

I tried not binding it on any interface still no luck... still getting 

sending getIpAuthorize for 10.5.1.123:28960

Please help i have the feeling we are getting close.

Just for my knowledge Steve/Bryan are you programmers of this binary???

Greetz
Quint
Boy_One

----- Original Message ----- 
From: <cod at kaleplek.net>
To: <cod at icculus.org>
Sent: Thursday, January 08, 2004 15:34
Subject: Re: Re[4]: [cod] CoD and my struggle with NAT


> Sorry but there was a problem last nicht i couldn't reach icculus.org
> anymore from my country. Sorry for the delay.
> 
> Yes i had it on 1 i did this because i had problems to get in gamespy and
> or ASE etc. but lateron i forgot to open a port (Stupid me)ok i put it on
> 0 but still no luck it is still saying auth 10.5.1.123 so no luck here,
> but is this the only cvar doing this or is there something else in the
> dark binary of the linux version...;-)
> 
> By the way i am binding my server on my external interface with cvar
> net_ip and cvar ip. I didn't try to remove this but could this be the
> problem. i'm going to try tonight.
> 
> Greetz
> Quint
> Boy_One
> 
> > yeah, you could put it in your config file or on the command line. The
> > default is 0 tho.
> >
> > Wednesday, January 7, 2004, 8:26:53 PM, you wrote:
> >> how do you set it up ?
> >
> >> seta net_lanauthorize 0
> >
> >
> >> Bryan Kuhn said:
> >>> It makes it think every connection is an internet connection. I don't
> >>> think
> >>> there's any reason to ever set that to 1 beyond development.
> >>>
> >>> -----Original Message-----
> >>> From: Eduardo E. Silva [mailto:esilva at silvex.com]
> >>> Sent: Wednesday, January 07, 2004 3:19 PM
> >>> To: cod at icculus.org
> >>> Subject: RE: Re[2]: [cod] CoD and my struggle with NAT
> >>>
> >>> For the internet or just for the NATed LAN ? Or BOTH?
> >>>
> >>> Bryan Kuhn said:
> >>>> It's a cvar, and it makes the server always authorize.
> >>>>
> >>>> -----Original Message-----
> >>>> From: Eduardo E. Silva [mailto:esilva at silvex.com]
> >>>> Sent: Wednesday, January 07, 2004 12:23 PM
> >>>> To: cod at icculus.org
> >>>> Subject: Re: Re[2]: [cod] CoD and my struggle with NAT
> >>>>
> >>>> What does net_lanauthorize do and where is it set ?
> >>>>
> >>>> Bryan Kuhn said:
> >>>>> Your saying on the same subnet it is still authorizing you? You
> >>>>> don't have  set to 1 do you? Are you only binding it to the
> >>>>> external ip address?
> >>>>>
> >>>>> Wednesday, January 7, 2004, 8:51:02 AM, you wrote:
> >>>>>> Yep i did but thats my problem, i use my server and firewall
> >>>>>> tougether.
> >>>>>> See
> >>>>>> attached picture of my network. The thing is that my nat thinks
> >>>>>> its outside
> >>>>>> an rotates me directly trough nat.
> >>>>>
> >>>>>
> >>>>>> Regards
> >>>>>> Quint
> >>>>>
> >>>>>
> >>>>>> ----- Original Message -----
> >>>>>> From: "Steven Hartland" <steven at multiplay.co.uk>
> >>>>>> To: <cod at icculus.org>
> >>>>>> Sent: Wednesday, January 07, 2004 11:40
> >>>>>> Subject: Re: [cod] CoD and my struggle with NAT
> >>>>>
> >>>>>
> >>>>>>> Did you try this:
> >>>>>>> <quote>
> >>>>>>> Had a flash of inspiration this morning I think the following
> >>>>>>> might just
> >>>>>>> work.
> >>>>>>>
> >>>>>>> If we have this picture:
> >>>>>>> NAT box: internal 10.10.10.1, external 1.1.1.1
> >>>>>>> Server: internal 10.10.10.2
> >>>>>>> Client: internal 10.10.10.3
> >>>>>>>
> >>>>>>> If we change this to:
> >>>>>>> NAT box: internal 10.10.10.1, external 1.1.1.1
> >>>>>>> Server: internal 10.10.10.2, fake 1.1.1.2 (alias)
> >>>>>>> Client: internal 10.10.10.3, fake 1.1.1.1 (alias)
> >>>>>>>
> >>>>>>> And then force the client to connect to the server on 1.1.1.2 the
> >>>>>>> ip
> >>>>>> reported
> >>>>>>> in the packet sent to the master will be the ip of the NAT
> >>>>>>> (1.1.1.1) and
> >>>>>> hence
> >>>>>>> if port forwarding is setup correctly the auth packet will be
> >>>>>>> forwarded
> >>>>>>> to the client on 10.10.10.3 and it will all just work.
> >>>>>>>
> >>>>>>> Adding the 1.1.1.X aliases to the internal machines wont affect
> >>>>>> connectivity
> >>>>>>> as they have no routes to the outside world so all external
> >>>>>>> connectivity
> >>>>>>> will be done via the NAT'ed addresses.
> >>>>>>>
> >>>>>>> I cant test this here as I don't have NAT but Im pretty confident
> >>>>>>> it will
> >>>>>> work.
> >>>>>>> </quote>
> >>>>>>>
> >>>>>>>     Steve / K
> >>>>>>> ----- Original Message -----
> >>>>>>> From: <cod at kaleplek.net>
> >>>>>>> To: <cod at icculus.org>
> >>>>>>> Sent: Wednesday, January 07, 2004 12:30 PM
> >>>>>>> Subject: [cod] CoD and my struggle with NAT
> >>>>>>>
> >>>>>>>
> >>>>>>> > Hi all here am back again with more news.... Yes I'm still not
> >>>>>>> stopped
> >>>>>>> > debugging... ;-)
> >>>>>>> >
> >>>>>>> > A little update after asking Actvision for some help and all
> >>>>>>> the
> >>>>>>> good
> >>>>>>> > ideas here (thanks for that) I went to a couple of friends of
> >>>>>>> mine
> >>>>>>> who
> >>>>>> are
> >>>>>>> > a lot more Linux/Network goeroes then I am and the have looked
> >>>>>>> at
> >>>>>>> it
> >>>>>>> and
> >>>>>>> > came with an answer that was a little bit shocking for me. The
> >>>>>>> answer
> >>>>>> was
> >>>>>>> > : IT IS NOT POSSIBLE WITHOUT A LITTLE PROGRAMMING HELP FROM
> >>>>>>> ACTIVISION.
> >>>>>> So
> >>>>>>> > now I no for sure I am screwed. ;-)
> >>>>>>> >
> >>>>>>> > The gave a little push in the following direction. Activision
> >>>>>>> made
> >>>>>>> a
> >>>>>>> > mistake to not make the server NAT/Firewall/Multihome aware
> >>>>>>> this is
> >>>>>>> an
> >>>>>>> > issue that was already on the internet in games like Diablo
> >>>>>>> etc.
> >>>>>>> where
> >>>>>>> > they fixed it (I really don't know how).
> >>>>>>> >
> >>>>>>> > My friends said this method that activision used is a lot
> >>>>>>> better
> >>>>>>> then
> >>>>>> the
> >>>>>>> > Method of EA because in the actvision method the server owner
> >>>>>>> doesn't
> >>>>>> get
> >>>>>>> > the cd-keys in and can't steal them (See a post of me a while
> >>>>>>> back).
> >>>>>>> But
> >>>>>>> > this method also brings some problem (DUHHHHH). A fix would be
> >>>>>>> that
> >>>>>>> it
> >>>>>> is
> >>>>>>> > possible on the server to config it and say if you use a
> >>>>>>> NAT/Firewall
> >>>>>> with
> >>>>>>> > a private address like 10.5.x.x/192.168.x.x etc. etc. to give
> >>>>>>> you
> >>>>>>> an
> >>>>>>> > opportunity to give an other address in a config file (public
> >>>>>>> address)
> >>>>>> the
> >>>>>>> > will use to auth by activision. This method is like a proxy so
> >>>>>> activision
> >>>>>>> > should create a little proxy in there server for nat etc.
> >>>>>>> >
> >>>>>>> > We all came to the conclusion when the hype is gone the came
> >>>>>>> will
> >>>>>>> die
> >>>>>>> > because the private range users who want to play it will not be
> >>>>>>> able
> >>>>>>> to
> >>>>>> do
> >>>>>>> > so.
> >>>>>>> >
> >>>>>>> > So is there a way I can connect to activision or talk to
> >>>>>>> somebody
> >>>>>>> who
> >>>>>>> > build the linux binary version who can help me with this
> >>>>>>> problem.
> >>>>>>> Please
> >>>>>>> > Please help my server is going up in the list and is full every
> >>>>>>> day
> >>>>>>> now,
> >>>>>>> > and in this way also I have to stop it because I like to host
> >>>>>>> if I
> >>>>>>> can
> >>>>>> be
> >>>>>>> > a part of it. ;-)
> >>>>>>> >
> >>>>>>> > So please who can get me in contact with one of those guys or
> >>>>>>> are
> >>>>>>> they
> >>>>>> in
> >>>>>>> > this mailing group?????
> >>>>>>> >
> >>>>>>> > Regards
> >>>>>>> > Quint
> >>>>>>> > Boy_One
> >>>>>>> >
> >>>>>>> >
> >>>>>>>
> >>>>>>> ================================================
> >>>>>>> This e.mail is private and confidential between Multiplay (UK)
> >>>>>>> Ltd. and
> >>>>>> the person or entity to whom it is addressed. In the event of
> >>>>>> misdirection,
> >>>>>> the recipient is prohibited from using, copying, printing or
> >>>>>> otherwise disseminating it or any information contained in it.
> >>>>>>>
> >>>>>>> In the event of misdirection, illegible or incomplete
> >>>>>>> transmission please
> >>>>>> telephone (023) 8024 3137
> >>>>>>> or return the E.mail to postmaster at multiplay.co.uk.
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>
> >>>>
> >>>>
> >>>> --
> >>>> Thanks,
> >>>>
> >>>> Ed Silva
> >>>> Silvex Consulting Inc.
> >>>> esilva at silvex.com
> >>>> (714) 504-6870 Cell
> >>>> (714) 897-3800 Fax
> >>>>
> >>>>
> >>>
> >>>
> >>> --
> >>> Thanks,
> >>>
> >>> Ed Silva
> >>> Silvex Consulting Inc.
> >>> esilva at silvex.com
> >>> (714) 504-6870 Cell
> >>> (714) 897-3800 Fax
> 
> 
> 
> 
>

More information about the Cod mailing list