Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Trevor Drake-Brockman on September 09, 2002, 05:23:57 PM
-
Hoping someone may have some idea's as to why port opening is not working.
I downloaded and installed the port opening addin all seems to work correctly I can open various ports on the server and forward to a second PC. However when I check if the port is open using a port scanner it still come up as closed. I check the /etc/init.d/masq file and the rule looks correct.
Also tried opening other ports, all seem to work correctly the ports are reported as open but the scanner show them as closed. Has anyone got any idea's on what could be wrong???
Use mitel ver 5.5 with blade 1 installed but same result with 5.1
Trevor
-
I'm interested to know myself
-
Rob wellesley wrote:
>
> I'm interested to know myself
Ah so, grasshopper.
G
PS. sorry, off topic, but i couldn't help myself.
-
Trevor Drake-Brockman wrote:
> Hoping someone may have some idea's as to why port opening > is not working.
"port opening" is working, but it doesn't do anything useful. Not by itself anyway.
> However when I check if the port is
> open using a port scanner it still come up as closed. I
> check the /etc/init.d/masq file and the rule looks correct.
What the "port opening" add-on does is to configure the ipchains packet filter to allow inbound TCP connections and/or inbound UDP packets to specified ports. But unless there is some software "listening" for those packets, nothing has been achieved. Most ports are already open in any case.
The documentation that Microsoft and other software vendors give you about "opening ports" usually refer (implicitly) to "personal firewall" software that you run on a directly Internet-connected Windows box. The situation with a masquerading firewall is quite different.
Charlie
-
Charlie Brady wrote:
>
> What the "port opening" add-on does is to configure the
> ipchains packet filter to allow inbound TCP connections
> and/or inbound UDP packets to specified ports. But unless
> there is some software "listening" for those packets, nothing
> has been achieved. Most ports are already open in any case.
Charlie, What I am trying to acheive is to run a game SOF2 on the server. In the end I want to forward the necessary ports to a 2nd PC that will run the game server. But for now have simplify as can not get to work. I open the ports run the Linux server on the Mitel server and it dose not get listed on the master game server all seems to be working on the game server startup. But when I rescan the ports on the mitel server there as no additional ports open.
I have read the game server forum with no result and check here for problems with port opening. But can not resolve believe it is still the port that are not opening up correctly. Any ideas????
Thanks
-
Trevor Drake-Brockman wrote:
> In the end I want to forward the necessary ports
> to a 2nd PC that will run the game server.
Then *forward* the ports. I can only repeat, there is no point in opening ports which 1) are already "open" and 2) have no software listening for them.
Be aware though that some protocols are extremely firewall unfriendly. They use multiple ports and dynamically allocate inbound connections, and can only be supported through a masquerading firewall if the control channel is watched and interpreted in real time.
Charlie
-
Charlie Brady wrote:
>
> Then *forward* the ports. I can only repeat, there is no
> point in opening ports which 1) are already "open" and 2)
> have no software listening for them.
When the SOF2 game server runs it is supports to be listening on port 20100, but port scanning show port is not open. Have tried other game server for half-life with same results. There is a doc at
http://www.cyber-euskadi.com/howtos/Howto%20Install%20Unreal%20Tournament%20Server%20on%20SME%205.1.2.htm
That runs thou how to setup a number of games server but there is no mention of the need to open and ports??
> Be aware though that some protocols are extremely firewall
> unfriendly. They use multiple ports and dynamically allocate
> inbound connections, and can only be supported through a
> masquerading firewall if the control channel is watched and
> interpreted in real time.
Can do the redirection but don't need to complicate the problem at the moment. IE until I can get the game to work on the main server/gateway.
-
What does running netstat -l -n tell you?
That will list all the ports numerically along with the program that's listening to each one. It may well reveal some other problem, such as not listening on the external interface (don't some of these game server things listen to the loopback interface by default?)