<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 10 (filtered)">
<title>RE: [cod] What ports do I need opened in my firewall for CoD?</title>
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:blue;
text-decoration:underline;}
p
{margin-right:0in;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman";}
span.EmailStyle18
{font-family:Arial;
color:navy;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=EN-US link=blue vlink=blue>
<div class=Section1>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Thanks, that actually did the trick!
Here’s what I did and some other little tips for anyone else that has a
Fedora core 1 install with firewall settings set for high.</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>The firewall settings for Fedora core 1 (RedHat
9) only block on incoming packets (INPUT chain and also FORWARD chain) and
there are no blocks on outgoing packets (OUTPUT Chains). See the man page
iptables for further explanation. On the INPUT and FORWARD chain is a RH-Firewall-1-INPUT
Chain which I had to edit to open the ports.</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>To add an opening for port 28960 type this
command (as root, or if you have sudo prefix this command with sudo):</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>/sbin/iptables -I RH-Firewall-1-INPUT 1
-p udp --dport 28960 -j ACCEPT</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>If you run multiple servers on different
ports you need to run the above command with the other ports modifying the –dport
XXXXX.</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Lastly, you need to add this to the
startup iptables file so that if your server reboots or crashes, the ports will
be open when the server comes back up. The file you need to edit is in
/etc/sysconfig/iptables. Do a `cat /etc/sysconfig/iptables` then do
a `/sbin/iptables-save`. The output of iptables-save shows you what currently
is on the firewall. There will be a line for your port 28960. You
need to copy this line and add it to /etc/sysconfig/iptables. You also
need to add it in the same order as you see it in iptables-save.</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Since the firewall doesn’t block
anything going out, I didn’t have to open any holes for 20500 and 20510
which others have indicated are for cd-key authentication and browser listing (I
assume this is the master server list that people download in the multiplayer
game to see what servers are available on the net.).</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Mahalo,</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Mr.DaFoose </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'>
<p class=MsoNormal><font size=2 face=Tahoma><span style='font-size:10.0pt;
font-family:Tahoma'>-----Original Message-----<br>
<b><span style='font-weight:bold'>From:</span></b> Garcia, Ismael
[mailto:IGarcia@activision.com] <br>
<b><span style='font-weight:bold'>Sent:</span></b> Friday, November 21, 2003
12:58 PM<br>
<b><span style='font-weight:bold'>To:</span></b> 'cod@icculus.org'<br>
<b><span style='font-weight:bold'>Subject:</span></b> RE: [cod] What ports do I
need opened in my firewall for CoD?</span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'> </span></font></p>
<p><font size=2 face="Times New Roman"><span style='font-size:10.0pt'>make sure
your firewall software is set to allow UDP packets on port 28960. Call of
Duty(tm) uses this port for connection, message of the day, server browsing,
and so forth.</span></font></p>
<p><font size=2 face="Times New Roman"><span style='font-size:10.0pt'>IG</span></font>
</p>
<p><font size=2 face="Times New Roman"><span style='font-size:10.0pt'>-----Original
Message-----</span></font> <br>
<font size=2><span style='font-size:10.0pt'>From: Booker Apelin [<a
href="mailto:booker@lava.net">mailto:booker@lava.net</a>]</span></font> <br>
<font size=2><span style='font-size:10.0pt'>Sent: Friday, November 21, 2003
2:40 PM</span></font> <br>
<font size=2><span style='font-size:10.0pt'>To: cod@icculus.org</span></font> <br>
<font size=2><span style='font-size:10.0pt'>Subject: [cod] What ports do I need
opened in my firewall for CoD?</span></font> </p>
<p><font size=2 face="Times New Roman"><span style='font-size:10.0pt'>I just
installed fedora core 1 with it's firewall settings set to high.</span></font> <br>
<font size=2><span style='font-size:10.0pt'>(basically redhat 9)</span></font> </p>
<p><font size=2 face="Times New Roman"><span style='font-size:10.0pt'>I have a
server running, and when I have the firewall off on redhat, I can</span></font>
<br>
<font size=2><span style='font-size:10.0pt'>connect to the server, so I know
the server is working. So I've turned it</span></font> <br>
<font size=2><span style='font-size:10.0pt'>back to high.</span></font> </p>
<p><font size=2 face="Times New Roman"><span style='font-size:10.0pt'>Can
anyone tell me what port ranges to open up? If they have to be UDP or</span></font>
<br>
<font size=2><span style='font-size:10.0pt'>it doesn't matter? I want to
be able for gamespy to see my servers so it</span></font> <br>
<font size=2><span style='font-size:10.0pt'>comes up on their master list and
for people to connect to them.</span></font> </p>
<p><font size=2 face="Times New Roman"><span style='font-size:10.0pt'>I can try
and figure out how to open up the ports on my box but I need the</span></font> <br>
<font size=2><span style='font-size:10.0pt'>port ranges. Unless someone
already has done and is willing to hook me up</span></font> <br>
<font size=2><span style='font-size:10.0pt'>with that info :).</span></font> </p>
<p><font size=2 face="Times New Roman"><span style='font-size:10.0pt'>Mahalo,</span></font>
<br>
<font size=2><span style='font-size:10.0pt'>Mr.DaFoose</span></font> </p>
</div>
</div>
</body>
</html>