[cod] CoD and my struggle with NAT

Boy_One (COD System Admin) cod at kaleplek.net
Fri Jan 9 13:53:34 EST 2004 

Here are all my settings i run on my server.

Startup line : /games/cod/cod_lnxded +set logfile 2 +set developer 2 +set
dedicated 2 +set netp_ip 62.216.16.89 +ip 62.216.16.89 +set ttycon 0 +exec
quint.cfg

quint.cfg (i know i like to use my own name... LoL)

// GENERAL SETTINGS
// seta sv_mapRotation "gametype tdm map mp_omaha gametype tdm map evreux
gametype tdm map farm2 gametype tdm map fivepoints gametype tdm map mp_mink
gametype tdm map mp_v2 gametype tdm map Neverland gametype tdm map
Portvillage gametype tdm map street gametype dm map DM_Fort gametype tdm map
mp_riveredge gametype tdm map mp_berlin gametype tdm map mp_pegasusday
gametype tdm map mp_tanktown gametype tdm map mp_panzerbunker gametype tdm
map farm gametype tdm map mp_brecourt gametype tdm mp_pegasusnight gametype
tdm map mp_carentan gametype tdm map mp_chateau gametype tdm map
mp_dawnville gametype tdm map mp_depot gametype tdm map mp_harbor gametype
tdm map mp_hurtgen gametype tdm map mp_pavlov gametype tdm map mp_powcamp
gametype tdm map mp_railyard gametype tdm map mp_rocket gametype tdm map
mp_ship "
seta sv_mapRotation "gametype tdm map mp_brecourt gametype gametype tdm map
mp_carentan gametype tdm map mp_chateau gametype tdm map mp_dawnville
gametype tdm map mp_depot gametype tdm map mp_harbor gametype tdm map
mp_hurtgen gametype tdm map mp_pavlov gametype tdm map mp_powcamp gametype
tdm map mp_railyard gametype tdm map mp_rocket gametype tdm map mp_ship "
set sv_hostname "---> Little Fun Dutch Linux Server <---"
set scr_motd "Welcome to the dutch Hell Hole!"
set rconPassword "xxxxxxxxxx"
set g_privatepassword "xxxxxxx"
set scr_friendlyfire "0"
set sv_cheats "0"
seta sv_maxclients "12"
set sv_maxping "200"
set sv_gamespy 1
seta sv_gamespy 1
seta dedicated 2
set dedicated 2
set g_allowvote "0"
set scr_allow_vote "0"
seta sv_privateclients "2"
set sv_allowDownload "0"

// WEAPONS SETTINGS
seta scr_allow_bar "1"
seta scr_allow_mp40 "1"
seta scr_allow_mp44 "1"
seta scr_allow_ppsh "1"
seta scr_allow_sten "1"
seta scr_allow_thompson "1"
seta scr_allow_bren "1"
seta scr_allow_m1garand "1"
seta scr_allow_nagant "1"
seta scr_allow_enfield "1"
seta scr_allow_kar98k "1"
seta scr_allow_m1carbine "1"
seta scr_allow_kar98ksniper "1"
seta scr_allow_springfield "1"
seta scr_allow_fg42 "0"
seta scr_allow_panzerfaust "1"

//pk3 settings and messages en wat prive dingen

//Kill cam-spectate mod + how-to

set g_ioteamspec 1                               // 1 = Teamonly spectate 0
= spectate all
set g_ioteamspec "1"                              // 1 = Teamonly spectate 0
= spectate all
set g_iokillcam 1                                // 1 = killcam on 0 =
killcam off
set g_iokillcam "1"                                // 1 = killcam on 0 =
killcam off

seta sv_linerd1 "Welcome to ---> Little Fun Dutch Linux Server <---"
seta sv_linerd2 "Server Admin Boy_One and Padjepuf"
seta sv_linerd3 "Home of -> SE Easy CLAN <-"
seta sv_linerd4 "For any questions please contact us at: Server Admin email:
cod at kaleplek.net"
seta sv_rddelay "10"

seta sv_master1 "codmaster.activision.com"
seta sv_master2 "master0.gamespy.com"
seta sv_master3 "master1.gamespy.com"
seta sv_master4 "clanservers.net
// set net_lanauthorize 0

// ADVANCED SETTINGS
seta net_port "28960"
seta scr_forcerespawn "0"
seta sv_floodprotect "1"
seta developer "2"
seta pure "1"
seta g_log "qconsole.log"
seta scr_drawfriend "0"
seta sv_fps "20"
set sv_maxrate "2100"

// GAMETYPE - SPECIFIC SETTINGS
seta scr_dm_scorelimit "50"
seta scr_dm_timelimit "30"
seta scr_tdm_scorelimit "250"
seta scr_tdm_timelimit "20"
seta scr_sd_scorelimit "10"
seta scr_sd_timelimit "0"
seta scr_sd_graceperiod "15"
seta scr_sd_roundlength "4"
seta scr_sd_roundlimit "0"
seta scr_bel_alivepointtime "10"
seta scr_bel_timelimit "30"
seta scr_bel_scorelimit "50"
seta scr_re_showcarrier "0"
seta scr_re_scorelimit "0"
seta scr_re_timelimit "0"
seta scr_re_graceperiod "15"
seta scr_re_roundlength "4"
seta scr_re_roundlimit "0"

// CUSTOM ENTRY

seta scr_motd "Welcome to the dutch Hell Hole!"
// Please leave the above line in or somehow acknowledge you have used this
program, thanks.

// START MAP CYCLE
map_rotate


Regards
Quint

----- Original Message -----
From: "Bryan Kuhn" <bryan at infinityward.com>
To: <cod at icculus.org>
Sent: Friday, January 09, 2004 19:09
Subject: Re: [cod] CoD and my struggle with NAT


> Are you running developer 1? I have a hard time getting it to happen
> with developer off.
>
> Friday, January 9, 2004, 4:08:57 AM, you wrote:
> > Yeah..... That's exactly my problem a multihomed network for public use,
> > and no connection from private network... Thanks for looking at this...
> > I hope it's going to be fixed. If you need a testserver/testclient or
what
> > else... Here i am......
>
> >> Its only multihomed servers with public and private interfaces. It even
> >> works correctly over a vpn with 2 different private networks. This
isn't
> >> that common except for people running small private servers
> >> which could just be run as dedicated 1.
> >>
> >> Friday, January 9, 2004, 12:59:14 AM, you wrote:
> >>> Bryan,
> >>
> >>> we have been posting this issue for a long time. It would be really
> >>> great if it got addressed. I am really surprised that this was never
> >>> tested. Very few companies used public IP address for internal LANs.
> >>> All of them use non-public addresses (i.e. 192.168.0.0).
> >>
> >>> I also think this applies to the Windows version.
> >>
> >>
> >>> Bryan Kuhn said:
> >>>> I think I finally reproed this. No promises it gets fixed or anything
> >>>> though.
> >>>>
> >>>> -----Original Message-----
> >>>> From: Eduardo E. Silva [mailto:esilva at silvex.com]
> >>>> Sent: Thursday, January 08, 2004 12:01 PM
> >>>> To: cod at icculus.org
> >>>> Subject: RE: Re[2]: [cod] CoD and my struggle with NAT
> >>>>
> >>>> Bryan, I have mine set to 0 (zero) and I still cannot log to my linux
> >>>> server. MOH:AA never had this problem. My setup is similar to
> >>>> everybody. Try if are able to see my server with the in-game browser
> >>>> "|NQ|silvex Linux Host" set for search and destroy.
> >>>>
> >>>>   COD NATed
> >>>>    Client            eth1          Server         eth0
> >>>> 172.16.200.19<-->172.16.200.1<-- COD/Linux -->24.16.199.160
> >>>>
> >>>>
> >>>>
> >>>> I am able to connect to ANYBODY but my server. Will you guys address
> >>>> this issue in the 'upcoming' patch. That will be phenomenal! This
> >>>> game OWNS MOH:AA
> >>>>
> >>>> Bryan Kuhn said:
> >>>>> It's a cvar, and it makes the server always authorize.
> >>>>>
> >>>>> -----Original Message-----
> >>>>> From: Eduardo E. Silva [mailto:esilva at silvex.com]
> >>>>> Sent: Wednesday, January 07, 2004 12:23 PM
> >>>>> To: cod at icculus.org
> >>>>> Subject: Re: Re[2]: [cod] CoD and my struggle with NAT
> >>>>>
> >>>>> What does net_lanauthorize do and where is it set ?
> >>>>>
> >>>>> Bryan Kuhn said:
> >>>>>> Your saying on the same subnet it is still authorizing you? You
> >>>>>> don't have  set to 1 do you? Are you only binding it to the
> >>>>>> external ip address?
> >>>>>>
> >>>>>> Wednesday, January 7, 2004, 8:51:02 AM, you wrote:
> >>>>>>> Yep i did but thats my problem, i use my server and firewall
> >>>>>>> tougether.
> >>>>>>> See
> >>>>>>> attached picture of my network. The thing is that my nat thinks
> >>>>>>> its outside
> >>>>>>> an rotates me directly trough nat.
> >>>>>>
> >>>>>>
> >>>>>>> Regards
> >>>>>>> Quint
> >>>>>>
> >>>>>>
> >>>>>>> ----- Original Message -----
> >>>>>>> From: "Steven Hartland" <steven at multiplay.co.uk>
> >>>>>>> To: <cod at icculus.org>
> >>>>>>> Sent: Wednesday, January 07, 2004 11:40
> >>>>>>> Subject: Re: [cod] CoD and my struggle with NAT
> >>>>>>
> >>>>>>
> >>>>>>>> Did you try this:
> >>>>>>>> <quote>
> >>>>>>>> Had a flash of inspiration this morning I think the following
> >>>>>>>> might just
> >>>>>>>> work.
> >>>>>>>>
> >>>>>>>> If we have this picture:
> >>>>>>>> NAT box: internal 10.10.10.1, external 1.1.1.1
> >>>>>>>> Server: internal 10.10.10.2
> >>>>>>>> Client: internal 10.10.10.3
> >>>>>>>>
> >>>>>>>> If we change this to:
> >>>>>>>> NAT box: internal 10.10.10.1, external 1.1.1.1
> >>>>>>>> Server: internal 10.10.10.2, fake 1.1.1.2 (alias)
> >>>>>>>> Client: internal 10.10.10.3, fake 1.1.1.1 (alias)
> >>>>>>>>
> >>>>>>>> And then force the client to connect to the server on 1.1.1.2 the
> >>>>>>>> ip
> >>>>>>> reported
> >>>>>>>> in the packet sent to the master will be the ip of the NAT
> >>>>>>>> (1.1.1.1) and
> >>>>>>> hence
> >>>>>>>> if port forwarding is setup correctly the auth packet will be
> >>>>>>>> forwarded
> >>>>>>>> to the client on 10.10.10.3 and it will all just work.
> >>>>>>>>
> >>>>>>>> Adding the 1.1.1.X aliases to the internal machines wont affect
> >>>>>>> connectivity
> >>>>>>>> as they have no routes to the outside world so all external
> >>>>>>>> connectivity
> >>>>>>>> will be done via the NAT'ed addresses.
> >>>>>>>>
> >>>>>>>> I cant test this here as I don't have NAT but Im pretty confident
> >>>>>>>> it will
> >>>>>>> work.
> >>>>>>>> </quote>
> >>>>>>>>
> >>>>>>>>     Steve / K
> >>>>>>>> ----- Original Message -----
> >>>>>>>> From: <cod at kaleplek.net>
> >>>>>>>> To: <cod at icculus.org>
> >>>>>>>> Sent: Wednesday, January 07, 2004 12:30 PM
> >>>>>>>> Subject: [cod] CoD and my struggle with NAT
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> > Hi all here am back again with more news.... Yes I'm still not
> >>>>>>>> stopped
> >>>>>>>> > debugging... ;-)
> >>>>>>>> >
> >>>>>>>> > A little update after asking Actvision for some help and all
> >>>>>>>> the
> >>>>>>>> good
> >>>>>>>> > ideas here (thanks for that) I went to a couple of friends of
> >>>>>>>> mine
> >>>>>>>> who
> >>>>>>> are
> >>>>>>>> > a lot more Linux/Network goeroes then I am and the have looked
> >>>>>>>> at
> >>>>>>>> it
> >>>>>>>> and
> >>>>>>>> > came with an answer that was a little bit shocking for me. The
> >>>>>>>> answer
> >>>>>>> was
> >>>>>>>> > : IT IS NOT POSSIBLE WITHOUT A LITTLE PROGRAMMING HELP FROM
> >>>>>>>> ACTIVISION.
> >>>>>>> So
> >>>>>>>> > now I no for sure I am screwed. ;-)
> >>>>>>>> >
> >>>>>>>> > The gave a little push in the following direction. Activision
> >>>>>>>> made
> >>>>>>>> a
> >>>>>>>> > mistake to not make the server NAT/Firewall/Multihome aware
> >>>>>>>> this is
> >>>>>>>> an
> >>>>>>>> > issue that was already on the internet in games like Diablo
> >>>>>>>> etc.
> >>>>>>>> where
> >>>>>>>> > they fixed it (I really don't know how).
> >>>>>>>> >
> >>>>>>>> > My friends said this method that activision used is a lot
> >>>>>>>> better
> >>>>>>>> then
> >>>>>>> the
> >>>>>>>> > Method of EA because in the actvision method the server owner
> >>>>>>>> doesn't
> >>>>>>> get
> >>>>>>>> > the cd-keys in and can't steal them (See a post of me a while
> >>>>>>>> back).
> >>>>>>>> But
> >>>>>>>> > this method also brings some problem (DUHHHHH). A fix would be
> >>>>>>>> that
> >>>>>>>> it
> >>>>>>> is
> >>>>>>>> > possible on the server to config it and say if you use a
> >>>>>>>> NAT/Firewall
> >>>>>>> with
> >>>>>>>> > a private address like 10.5.x.x/192.168.x.x etc. etc. to give
> >>>>>>>> you
> >>>>>>>> an
> >>>>>>>> > opportunity to give an other address in a config file (public
> >>>>>>>> address)
> >>>>>>> the
> >>>>>>>> > will use to auth by activision. This method is like a proxy so
> >>>>>>> activision
> >>>>>>>> > should create a little proxy in there server for nat etc.
> >>>>>>>> >
> >>>>>>>> > We all came to the conclusion when the hype is gone the came
> >>>>>>>> will
> >>>>>>>> die
> >>>>>>>> > because the private range users who want to play it will not be
> >>>>>>>> able
> >>>>>>>> to
> >>>>>>> do
> >>>>>>>> > so.
> >>>>>>>> >
> >>>>>>>> > So is there a way I can connect to activision or talk to
> >>>>>>>> somebody
> >>>>>>>> who
> >>>>>>>> > build the linux binary version who can help me with this
> >>>>>>>> problem.
> >>>>>>>> Please
> >>>>>>>> > Please help my server is going up in the list and is full every
> >>>>>>>> day
> >>>>>>>> now,
> >>>>>>>> > and in this way also I have to stop it because I like to host
> >>>>>>>> if I
> >>>>>>>> can
> >>>>>>> be
> >>>>>>>> > a part of it. ;-)
> >>>>>>>> >
> >>>>>>>> > So please who can get me in contact with one of those guys or
> >>>>>>>> are
> >>>>>>>> they
> >>>>>>> in
> >>>>>>>> > this mailing group?????
> >>>>>>>> >
> >>>>>>>> > Regards
> >>>>>>>> > Quint
> >>>>>>>> > Boy_One
> >>>>>>>> >
> >>>>>>>> >
> >>>>>>>>
> >>>>>>>> ================================================
> >>>>>>>> This e.mail is private and confidential between Multiplay (UK)
> >>>>>>>> Ltd. and
> >>>>>>> the person or entity to whom it is addressed. In the event of
> >>>>>>> misdirection,
> >>>>>>> the recipient is prohibited from using, copying, printing or
> >>>>>>> otherwise disseminating it or any information contained in it.
> >>>>>>>>
> >>>>>>>> In the event of misdirection, illegible or incomplete
> >>>>>>>> transmission please
> >>>>>>> telephone (023) 8024 3137
> >>>>>>>> or return the E.mail to postmaster at multiplay.co.uk.
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>
> >>>>>
> >>>>>
> >>>>> --
> >>>>> Thanks,
> >>>>>
> >>>>> Ed Silva
> >>>>> Silvex Consulting Inc.
> >>>>> esilva at silvex.com
> >>>>> (714) 504-6870 Cell
> >>>>> (714) 897-3800 Fax
> >>>>>
> >>>>>
> >>>>
> >>>>
> >>>> --
> >>>> Thanks,
> >>>>
> >>>> Ed Silva
> >>>> Silvex Consulting Inc.
> >>>> esilva at silvex.com
> >>>> (714) 504-6870 Cell
> >>>> (714) 897-3800 Fax
>
>
>
>
>
>

More information about the Cod mailing list