Koozali.org: home of the SME Server

Opening UDP Ports

Offline DOK

Opening UDP Ports
« on: April 04, 2011, 04:30:43 AM »
Hi again. I finished my upgrade a while ago and all went well.
I am going to run a few games on a remote server connected to SME Server 7.5.1 in server/gateway mode. The game server is running Debian Lenny. The problem I am running into is that when I open ports 20800,20800,28960-28969 TCP and UDP and I run this command to check the ports through iptables.

www.totalclanservers.com is the host name of the SME Server, not the Debian server.
www.totalclanservers.com is port forwarded to the Debian server, as that is where the website and game control panels will be located. As of now the Debian server is offline. I will turn it back online again tomorrow.

iptables -L |grep 28961

This is what it shows.
ACCEPT     tcp  --  anywhere             www.totalclanservers.com tcp dpt:28961
ACCEPT     udp  --  anywhere             www.totalclanservers.com udp dpt:28961


I am using the port forwarding panel on sme server to forward ports from the debian server to sme to the internet.
The master query ports are 20800 and 20810 and are also listed with,

 iptables -L |grep 20800

ACCEPT     tcp  --  anywhere             www.totalclanservers.com tcp dpt:20800
ACCEPT     udp  --  anywhere             www.totalclanservers.com udp dpt:20800

ACCEPT     tcp  --  anywhere             www.totalclanservers.com tcp dpt:20810
ACCEPT     udp  --  anywhere             www.totalclanservers.com udp dpt:20810

The problem is that it can't be reached from outside the network, only from the internal network. No one from the internet WAN side can see or connect to the game server, which is on the 192.168.193.73 IP assigned to it by the SME DHCP server.

What can I do to get the game servers to be seen on the WAN side of the network?
Yes, I have checked a lot, I mean a lot, of the posts on the forum and in the wiki and bug reports. I also saw something about loose UDP, but I have no config file in SME Server /proc/sys/net/ipv4/ip_masq_udp_dloose to turn on. There has to be a way to accomplish this.

Any and all help on this would/will be greatly appreciated.

Thank you again.


« Last Edit: April 04, 2011, 04:37:07 AM by DOK »

Offline mmccarn

Re: Opening UDP Ports
« Reply #1 on: April 04, 2011, 01:56:24 PM »
To configure the port forwards I think you are saying you want (these could all be set in server-manager):
Code:
db portforward_tcp set 28960-28969 forward DestHost 192.168.193.73 DestPort 28960-28969
db portforward_tcp set 20800 forward DestHost 192.168.193.73 DestPort 20800
db portforward_tcp set 20810 forward DestHost 192.168.193.73 DestPort 20810
db portforward_udp set 28960-28969 forward DestHost 192.168.193.73 DestPort 28960-28969
db portforward_udp set 20800 forward DestHost 192.168.193.73 DestPort 20800
db portforward_udp set 20810 forward DestHost 192.168.193.73 DestPort 20810

I don't remember if you need to define a custom service in order to open the SME firewall for the ports you want to forward.  If you do, this should do it (this cannot be done in server-manager; note that port ranges are specified using ":", and not using "-" as was done for the port forwards):
Code:
config set totalclan service TCPPorts 28960:28969,20800,20810 UDPPorts 28960:28969,20800,20810 access public status enabled
Then activate your changes using:
Code:
signal-event remoteaccess-update
You can undo these changes using:
Code:
config delete totalclan
db portforward_tcp delete 28960-28969
db portforward_tcp delete 20800
db portforward_tcp delete 20810
db portforward_udp delete 28960-28969
db portforward_udp delete 20800
db portforward_udp delete 20810
signal-event remoteaccess-update

Offline DOK

Re: Opening UDP Ports
« Reply #2 on: April 05, 2011, 12:16:01 AM »
This is awesome. Thank you very much. I will post back later when I have everything set up and working.  :)

Offline DOK

Re: Opening UDP Ports
« Reply #3 on: April 05, 2011, 01:31:20 AM »
Does this look right, besides the duplicate entries? And how would I reset iptables and start over? Sorry, and yes, you have to add the service.

[root@tcs ~]# iptables -L |grep 28960
ACCEPT     tcp  --  anywhere             www.totalclanservers.com tcp dpts:28960:28969
ACCEPT     tcp  --  anywhere             www.totalclanservers.com tcp dpts:28960:28969
ACCEPT     udp  --  anywhere             www.totalclanservers.com udp dpts:28960:28969
ACCEPT     udp  --  anywhere             www.totalclanservers.com udp dpts:28960:28969
ACCEPT     tcp  --  anywhere             68-187-144-90.dhcp.stcd.mn.charter.com tcp dpts:28960:28969
ACCEPT     udp  --  anywhere             68-187-144-90.dhcp.stcd.mn.charter.com udp dpt:28960
ACCEPT     udp  --  anywhere             68-187-144-90.dhcp.stcd.mn.charter.com udp dpts:28960:28969
[root@tcs ~]# iptables -L |grep 28961
[root@tcs ~]# iptables -L |grep 20800
ACCEPT     tcp  --  anywhere             www.totalclanservers.com tcp dpt:20800
ACCEPT     udp  --  anywhere             www.totalclanservers.com udp dpt:20800
ACCEPT     tcp  --  anywhere             68-187-144-90.dhcp.stcd.mn.charter.com tcp dpt:20800
ACCEPT     udp  --  anywhere             68-187-144-90.dhcp.stcd.mn.charter.com udp dpt:20800
[root@tcs ~]# iptables -L |grep 20810
ACCEPT     tcp  --  anywhere             www.totalclanservers.com tcp dpt:20810
ACCEPT     tcp  --  anywhere             68-187-144-90.dhcp.stcd.mn.charter.com tcp dpt:20810
ACCEPT     udp  --  anywhere             68-187-144-90.dhcp.stcd.mn.charter.com udp dpt:20810


This >>>>>> config set totalclan service TCPPorts 28960:28969,20800,20810 UDPPorts 28960:28969,20800,20810 access public status enabled

Not This >>>>> config set totalclan service TCPPorts 28960:28969,20800,20810 UDPPorts 28960-28969,20800,20810 access public status enabled

Correct
« Last Edit: April 06, 2011, 01:14:34 AM by DOK »
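
An added example, not part of any post in this thread: a shell function that reads `iptables -L` style lines like those pasted above and reports which required protocol/port pairs have no ACCEPT rule for a destination, and which rules appear more than once. The sample rules and the host name gw.example.net are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `iptables -L` style lines on stdin
# and reports required proto/port pairs with no ACCEPT rule, plus repeated rules.

# Constructed sample input; gw.example.net is a placeholder destination.
sample_rules() {
    cat <<'EOF'
ACCEPT     tcp  --  anywhere             gw.example.net tcp dpts:28960:28969
ACCEPT     tcp  --  anywhere             gw.example.net tcp dpts:28960:28969
ACCEPT     udp  --  anywhere             gw.example.net udp dpts:28960:28969
ACCEPT     tcp  --  anywhere             gw.example.net tcp dpt:20800
ACCEPT     udp  --  anywhere             gw.example.net udp dpt:20800
ACCEPT     tcp  --  anywhere             gw.example.net tcp dpt:20810
EOF
}

# $1 = protocols, $2 = ports that must be reachable (both space separated).
check_forward_rules() {
    awk -v protos="$1" -v ports="$2" '
    $1 == "ACCEPT" && ($2 == "tcp" || $2 == "udp") {
        spec = ""
        for (i = 6; i <= NF; i++) if ($i ~ /^dpts?:/) spec = $i
        if (spec == "") next
        n = split(spec, f, ":")                 # dpt:N or dpts:LO:HI
        lo = f[2]; hi = (n == 3) ? f[3] : f[2]
        key = $5 " " $2 " " lo ":" hi           # destination, protocol, range
        seen[key]++
        dests[$5] = 1
        nr++; rd[nr] = $5; rp[nr] = $2; rlo[nr] = lo + 0; rhi[nr] = hi + 0
    }
    END {
        np = split(protos, P, " "); nq = split(ports, Q, " ")
        for (d in dests) for (i = 1; i <= np; i++) for (j = 1; j <= nq; j++) {
            ok = 0
            for (r = 1; r <= nr; r++)
                if (rd[r] == d && rp[r] == P[i] && Q[j] + 0 >= rlo[r] && Q[j] + 0 <= rhi[r]) ok = 1
            if (!ok) print "MISSING " d " " P[i] " " Q[j]
        }
        for (k in seen) if (seen[k] > 1) print "DUPLICATE " k " x" seen[k]
    }' | sort
}

sample_rules | check_forward_rules "tcp udp" "20800 20810 28960 28969"
```

On a live gateway, pipe `iptables -L -n` into the function so ports and hosts are printed numerically. `iptables -L` lists only the filter table; DNAT rules for port forwards are in the nat table, shown with `iptables -t nat -L -n`.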