[cod] CoD and my struggle with NAT

Fri Jan 9 14:01:01 EST 2004

Don't use developer. I bet it will work once you turn that off, there
might be a slight delay when you first connect though.

Friday, January 9, 2004, 10:53:34 AM, you wrote:
> Here are all my settings i run on my server.

> Startup line : /games/cod/cod_lnxded +set logfile 2 +set developer 2 +set
> dedicated 2 +set netp_ip 62.216.16.89 +ip 62.216.16.89 +set ttycon 0 +exec
> quint.cfg

> quint.cfg (i know i like to use my own name... LoL)

> // GENERAL SETTINGS
> // seta sv_mapRotation "gametype tdm map mp_omaha gametype tdm map evreux
> gametype tdm map farm2 gametype tdm map fivepoints gametype tdm map mp_mink
> gametype tdm map mp_v2 gametype tdm map Neverland gametype tdm map
> Portvillage gametype tdm map street gametype dm map DM_Fort gametype tdm map
> mp_riveredge gametype tdm map mp_berlin gametype tdm map mp_pegasusday
> gametype tdm map mp_tanktown gametype tdm map mp_panzerbunker gametype tdm
> map farm gametype tdm map mp_brecourt gametype tdm mp_pegasusnight gametype
> tdm map mp_carentan gametype tdm map mp_chateau gametype tdm map
> mp_dawnville gametype tdm map mp_depot gametype tdm map mp_harbor gametype
> tdm map mp_hurtgen gametype tdm map mp_pavlov gametype tdm map mp_powcamp
> gametype tdm map mp_railyard gametype tdm map mp_rocket gametype tdm map
> mp_ship "
> seta sv_mapRotation "gametype tdm map mp_brecourt gametype gametype tdm map
> mp_carentan gametype tdm map mp_chateau gametype tdm map mp_dawnville
> gametype tdm map mp_depot gametype tdm map mp_harbor gametype tdm map
> mp_hurtgen gametype tdm map mp_pavlov gametype tdm map mp_powcamp gametype
> tdm map mp_railyard gametype tdm map mp_rocket gametype tdm map mp_ship "
> set sv_hostname "---> Little Fun Dutch Linux Server <---"
> set scr_motd "Welcome to the dutch Hell Hole!"
> set rconPassword "xxxxxxxxxx"
> set g_privatepassword "xxxxxxx"
> set scr_friendlyfire "0"
> set sv_cheats "0"
> seta sv_maxclients "12"
> set sv_maxping "200"
> set sv_gamespy 1
> seta sv_gamespy 1
> seta dedicated 2
> set dedicated 2
> set g_allowvote "0"
> set scr_allow_vote "0"
> seta sv_privateclients "2"
> set sv_allowDownload "0"

> // WEAPONS SETTINGS
> seta scr_allow_bar "1"
> seta scr_allow_mp40 "1"
> seta scr_allow_mp44 "1"
> seta scr_allow_ppsh "1"
> seta scr_allow_sten "1"
> seta scr_allow_thompson "1"
> seta scr_allow_bren "1"
> seta scr_allow_m1garand "1"
> seta scr_allow_nagant "1"
> seta scr_allow_enfield "1"
> seta scr_allow_kar98k "1"
> seta scr_allow_m1carbine "1"
> seta scr_allow_kar98ksniper "1"
> seta scr_allow_springfield "1"
> seta scr_allow_fg42 "0"
> seta scr_allow_panzerfaust "1"

> //pk3 settings and messages en wat prive dingen

> //Kill cam-spectate mod + how-to

> set g_ioteamspec 1                               // 1 = Teamonly spectate 0
> = spectate all
> set g_ioteamspec "1"                              // 1 = Teamonly spectate 0
> = spectate all
> set g_iokillcam 1                                // 1 = killcam on 0 =
> killcam off
> set g_iokillcam "1"                                // 1 = killcam on 0 =
> killcam off

> seta sv_linerd1 "Welcome to ---> Little Fun Dutch Linux Server <---"
> seta sv_linerd2 "Server Admin Boy_One and Padjepuf"
> seta sv_linerd3 "Home of -> SE Easy CLAN <-"
> seta sv_linerd4 "For any questions please contact us at: Server Admin email:
> cod at kaleplek.net"
> seta sv_rddelay "10"

> seta sv_master1 "codmaster.activision.com"
> seta sv_master2 "master0.gamespy.com"
> seta sv_master3 "master1.gamespy.com"
> seta sv_master4 "clanservers.net
> // set net_lanauthorize 0

> // ADVANCED SETTINGS
> seta net_port "28960"
> seta scr_forcerespawn "0"
> seta sv_floodprotect "1"
> seta developer "2"
> seta pure "1"
> seta g_log "qconsole.log"
> seta scr_drawfriend "0"
> seta sv_fps "20"
> set sv_maxrate "2100"

> // GAMETYPE - SPECIFIC SETTINGS
> seta scr_dm_scorelimit "50"
> seta scr_dm_timelimit "30"
> seta scr_tdm_scorelimit "250"
> seta scr_tdm_timelimit "20"
> seta scr_sd_scorelimit "10"
> seta scr_sd_timelimit "0"
> seta scr_sd_graceperiod "15"
> seta scr_sd_roundlength "4"
> seta scr_sd_roundlimit "0"
> seta scr_bel_alivepointtime "10"
> seta scr_bel_timelimit "30"
> seta scr_bel_scorelimit "50"
> seta scr_re_showcarrier "0"
> seta scr_re_scorelimit "0"
> seta scr_re_timelimit "0"
> seta scr_re_graceperiod "15"
> seta scr_re_roundlength "4"
> seta scr_re_roundlimit "0"

> // CUSTOM ENTRY

> seta scr_motd "Welcome to the dutch Hell Hole!"
> // Please leave the above line in or somehow acknowledge you have used this
> program, thanks.

> // START MAP CYCLE
> map_rotate

> Regards
> Quint

> ----- Original Message -----
> From: "Bryan Kuhn" <bryan at infinityward.com>
> To: <cod at icculus.org>
> Sent: Friday, January 09, 2004 19:09
> Subject: Re: [cod] CoD and my struggle with NAT

>> Are you running developer 1? I have a hard time getting it to happen
>> with developer off.
>>
>> Friday, January 9, 2004, 4:08:57 AM, you wrote:
>> > Yeah..... That's exactly my problem a multihomed network for public use,
>> > and no connection from private network... Thanks for looking at this...
>> > I hope it's going to be fixed. If you need a testserver/testclient or
> what
>> > else... Here i am......
>>
>> >> Its only multihomed servers with public and private interfaces. It even
>> >> works correctly over a vpn with 2 different private networks. This
> isn't
>> >> that common except for people running small private servers
>> >> which could just be run as dedicated 1.
>> >>
>> >> Friday, January 9, 2004, 12:59:14 AM, you wrote:
>> >>> Bryan,
>> >>
>> >>> we have been posting this issue for a long time. It would be really
>> >>> great if it got addressed. I am really surprised that this was never
>> >>> tested. Very few companies used public IP address for internal LANs.
>> >>> All of them use non-public addresses (i.e. 192.168.0.0).
>> >>
>> >>> I also think this applies to the Windows version.
>> >>
>> >>
>> >>> Bryan Kuhn said:
>> >>>> I think I finally reproed this. No promises it gets fixed or anything
>> >>>> though.
>> >>>>
>> >>>> -----Original Message-----
>> >>>> From: Eduardo E. Silva [mailto:esilva at silvex.com]
>> >>>> Sent: Thursday, January 08, 2004 12:01 PM
>> >>>> To: cod at icculus.org
>> >>>> Subject: RE: Re[2]: [cod] CoD and my struggle with NAT
>> >>>>
>> >>>> Bryan, I have mine set to 0 (zero) and I still cannot log to my linux
>> >>>> server. MOH:AA never had this problem. My setup is similar to
>> >>>> everybody. Try if are able to see my server with the in-game browser
>> >>>> "|NQ|silvex Linux Host" set for search and destroy.
>> >>>>
>> >>>>   COD NATed
>> >>>>    Client            eth1          Server         eth0
>> >>>> 172.16.200.19<-->172.16.200.1<-- COD/Linux -->24.16.199.160
>> >>>>
>> >>>>
>> >>>>
>> >>>> I am able to connect to ANYBODY but my server. Will you guys address
>> >>>> this issue in the 'upcoming' patch. That will be phenomenal! This
>> >>>> game OWNS MOH:AA
>> >>>>
>> >>>> Bryan Kuhn said:
>> >>>>> It's a cvar, and it makes the server always authorize.
>> >>>>>
>> >>>>> -----Original Message-----
>> >>>>> From: Eduardo E. Silva [mailto:esilva at silvex.com]
>> >>>>> Sent: Wednesday, January 07, 2004 12:23 PM
>> >>>>> To: cod at icculus.org
>> >>>>> Subject: Re: Re[2]: [cod] CoD and my struggle with NAT
>> >>>>>
>> >>>>> What does net_lanauthorize do and where is it set ?
>> >>>>>
>> >>>>> Bryan Kuhn said:
>> >>>>>> Your saying on the same subnet it is still authorizing you? You
>> >>>>>> don't have  set to 1 do you? Are you only binding it to the
>> >>>>>> external ip address?
>> >>>>>>
>> >>>>>> Wednesday, January 7, 2004, 8:51:02 AM, you wrote:
>> >>>>>>> Yep i did but thats my problem, i use my server and firewall
>> >>>>>>> tougether.
>> >>>>>>> See
>> >>>>>>> attached picture of my network. The thing is that my nat thinks
>> >>>>>>> its outside
>> >>>>>>> an rotates me directly trough nat.
>> >>>>>>
>> >>>>>>
>> >>>>>>> Regards
>> >>>>>>> Quint
>> >>>>>>
>> >>>>>>
>> >>>>>>> ----- Original Message -----
>> >>>>>>> From: "Steven Hartland" <steven at multiplay.co.uk>
>> >>>>>>> To: <cod at icculus.org>
>> >>>>>>> Sent: Wednesday, January 07, 2004 11:40
>> >>>>>>> Subject: Re: [cod] CoD and my struggle with NAT
>> >>>>>>
>> >>>>>>
>> >>>>>>>> Did you try this:
>> >>>>>>>> <quote>
>> >>>>>>>> Had a flash of inspiration this morning I think the following
>> >>>>>>>> might just
>> >>>>>>>> work.
>> >>>>>>>>
>> >>>>>>>> If we have this picture:
>> >>>>>>>> NAT box: internal 10.10.10.1, external 1.1.1.1
>> >>>>>>>> Server: internal 10.10.10.2
>> >>>>>>>> Client: internal 10.10.10.3
>> >>>>>>>>
>> >>>>>>>> If we change this to:
>> >>>>>>>> NAT box: internal 10.10.10.1, external 1.1.1.1
>> >>>>>>>> Server: internal 10.10.10.2, fake 1.1.1.2 (alias)
>> >>>>>>>> Client: internal 10.10.10.3, fake 1.1.1.1 (alias)
>> >>>>>>>>
>> >>>>>>>> And then force the client to connect to the server on 1.1.1.2 the
>> >>>>>>>> ip
>> >>>>>>> reported
>> >>>>>>>> in the packet sent to the master will be the ip of the NAT
>> >>>>>>>> (1.1.1.1) and
>> >>>>>>> hence
>> >>>>>>>> if port forwarding is setup correctly the auth packet will be
>> >>>>>>>> forwarded
>> >>>>>>>> to the client on 10.10.10.3 and it will all just work.
>> >>>>>>>>
>> >>>>>>>> Adding the 1.1.1.X aliases to the internal machines wont affect
>> >>>>>>> connectivity
>> >>>>>>>> as they have no routes to the outside world so all external
>> >>>>>>>> connectivity
>> >>>>>>>> will be done via the NAT'ed addresses.
>> >>>>>>>>
>> >>>>>>>> I cant test this here as I don't have NAT but Im pretty confident
>> >>>>>>>> it will
>> >>>>>>> work.
>> >>>>>>>> </quote>
>> >>>>>>>>
>> >>>>>>>>     Steve / K
>> >>>>>>>> ----- Original Message -----
>> >>>>>>>> From: <cod at kaleplek.net>
>> >>>>>>>> To: <cod at icculus.org>
>> >>>>>>>> Sent: Wednesday, January 07, 2004 12:30 PM
>> >>>>>>>> Subject: [cod] CoD and my struggle with NAT
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>> > Hi all here am back again with more news.... Yes I'm still not
>> >>>>>>>> stopped
>> >>>>>>>> > debugging... ;-)
>> >>>>>>>> >
>> >>>>>>>> > A little update after asking Actvision for some help and all
>> >>>>>>>> the
>> >>>>>>>> good
>> >>>>>>>> > ideas here (thanks for that) I went to a couple of friends of
>> >>>>>>>> mine
>> >>>>>>>> who
>> >>>>>>> are
>> >>>>>>>> > a lot more Linux/Network goeroes then I am and the have looked
>> >>>>>>>> at
>> >>>>>>>> it
>> >>>>>>>> and
>> >>>>>>>> > came with an answer that was a little bit shocking for me. The
>> >>>>>>>> answer
>> >>>>>>> was
>> >>>>>>>> > : IT IS NOT POSSIBLE WITHOUT A LITTLE PROGRAMMING HELP FROM
>> >>>>>>>> ACTIVISION.
>> >>>>>>> So
>> >>>>>>>> > now I no for sure I am screwed. ;-)
>> >>>>>>>> >
>> >>>>>>>> > The gave a little push in the following direction. Activision
>> >>>>>>>> made
>> >>>>>>>> a
>> >>>>>>>> > mistake to not make the server NAT/Firewall/Multihome aware
>> >>>>>>>> this is
>> >>>>>>>> an
>> >>>>>>>> > issue that was already on the internet in games like Diablo
>> >>>>>>>> etc.
>> >>>>>>>> where
>> >>>>>>>> > they fixed it (I really don't know how).
>> >>>>>>>> >
>> >>>>>>>> > My friends said this method that activision used is a lot
>> >>>>>>>> better
>> >>>>>>>> then
>> >>>>>>> the
>> >>>>>>>> > Method of EA because in the actvision method the server owner
>> >>>>>>>> doesn't
>> >>>>>>> get
>> >>>>>>>> > the cd-keys in and can't steal them (See a post of me a while
>> >>>>>>>> back).
>> >>>>>>>> But
>> >>>>>>>> > this method also brings some problem (DUHHHHH). A fix would be
>> >>>>>>>> that
>> >>>>>>>> it
>> >>>>>>> is
>> >>>>>>>> > possible on the server to config it and say if you use a
>> >>>>>>>> NAT/Firewall
>> >>>>>>> with
>> >>>>>>>> > a private address like 10.5.x.x/192.168.x.x etc. etc. to give
>> >>>>>>>> you
>> >>>>>>>> an
>> >>>>>>>> > opportunity to give an other address in a config file (public
>> >>>>>>>> address)
>> >>>>>>> the
>> >>>>>>>> > will use to auth by activision. This method is like a proxy so
>> >>>>>>> activision
>> >>>>>>>> > should create a little proxy in there server for nat etc.
>> >>>>>>>> >
>> >>>>>>>> > We all came to the conclusion when the hype is gone the came
>> >>>>>>>> will
>> >>>>>>>> die
>> >>>>>>>> > because the private range users who want to play it will not be
>> >>>>>>>> able
>> >>>>>>>> to
>> >>>>>>> do
>> >>>>>>>> > so.
>> >>>>>>>> >
>> >>>>>>>> > So is there a way I can connect to activision or talk to
>> >>>>>>>> somebody
>> >>>>>>>> who
>> >>>>>>>> > build the linux binary version who can help me with this
>> >>>>>>>> problem.
>> >>>>>>>> Please
>> >>>>>>>> > Please help my server is going up in the list and is full every
>> >>>>>>>> day
>> >>>>>>>> now,
>> >>>>>>>> > and in this way also I have to stop it because I like to host
>> >>>>>>>> if I
>> >>>>>>>> can
>> >>>>>>> be
>> >>>>>>>> > a part of it. ;-)
>> >>>>>>>> >
>> >>>>>>>> > So please who can get me in contact with one of those guys or
>> >>>>>>>> are
>> >>>>>>>> they
>> >>>>>>> in
>> >>>>>>>> > this mailing group?????
>> >>>>>>>> >
>> >>>>>>>> > Regards
>> >>>>>>>> > Quint
>> >>>>>>>> > Boy_One
>> >>>>>>>> >
>> >>>>>>>> >
>> >>>>>>>>
>> >>>>>>>> ================================================
>> >>>>>>>> This e.mail is private and confidential between Multiplay (UK)
>> >>>>>>>> Ltd. and
>> >>>>>>> the person or entity to whom it is addressed. In the event of
>> >>>>>>> misdirection,
>> >>>>>>> the recipient is prohibited from using, copying, printing or
>> >>>>>>> otherwise disseminating it or any information contained in it.
>> >>>>>>>>
>> >>>>>>>> In the event of misdirection, illegible or incomplete
>> >>>>>>>> transmission please
>> >>>>>>> telephone (023) 8024 3137
>> >>>>>>>> or return the E.mail to postmaster at multiplay.co.uk.
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>
>> >>>>>
>> >>>>>
>> >>>>> --
>> >>>>> Thanks,
>> >>>>>
>> >>>>> Ed Silva
>> >>>>> Silvex Consulting Inc.
>> >>>>> esilva at silvex.com
>> >>>>> (714) 504-6870 Cell
>> >>>>> (714) 897-3800 Fax
>> >>>>>
>> >>>>>
>> >>>>
>> >>>>
>> >>>> --
>> >>>> Thanks,
>> >>>>
>> >>>> Ed Silva
>> >>>> Silvex Consulting Inc.
>> >>>> esilva at silvex.com
>> >>>> (714) 504-6870 Cell
>> >>>> (714) 897-3800 Fax
>>
>>
>>
>>
>>
>>