Out of the Blue

Well I played a little DOOM yesterday, but also ran into a reality check about playing multiplayer online. When all the participants in a deathmatch are using network address translation to connect to the internet, setting up a server is problematic. A little re-wiring here is required to swap between NAT networking and a straight connection where my PC has my IP address to allow for this sort of gameplay. In the meantime I keep pondering whether there's some sort of way around this without reconfiguring the network, but I can't imagine how connecting to a server that's sharing an IP through NAT could be possible.

Play Time: Snow Globe. Thanks markus friedl.
Stories of the Day: Dry Christmas looms for NZ drinkers. Thanks John Nelson.
Science!: Pretty women scramble men's ability to assess the future. Thanks nin.
Scientists freeze pulse of light, for an instant. Thanks Slashdot.
Galactic impact makes black holes.
Media of the Day: The Lord Of The Rings Movie. Thanks Randy Perry.
Thanks Mike Martinez.
View : : :
30.
 
100% Transparent Router
Dec 11, 2003, 21:26
30.
100% Transparent Router Dec 11, 2003, 21:26
Dec 11, 2003, 21:26
 
As most things TCP have their roots in UNIX, you can get a pretty good handle on firewall rules to support bi-directional 100% fully transparent routing by viewing UNIX man pages. The IPFW commands are generally all you need to configure a router for trasnparent proxying. See http://www.freebsd.org/cgi/man.cgi?query=ipfw&apropos=0&sektion=0&manpath=FreeBSD+5.1-RELEASE+and+Ports&format=html
I've been doing what you have been doing, disconnecting the router and attaching the modem directly to an inside windows box when I want to host, but, have been thinking about a quick script to quickly let inside machines host without disconnecting my firewall. I'm not sure if the comments above re. divert and foward would do the trick, however. Divert simply send packets to a divert port on your router. Forwarding lets you forward packets to a different machine on your inside box, but, "The fwd action does not change the contents of the packet at all. In particular, the destination address remains unmodified, so packets forwarded to another system will usually be rejected by that system unless there is a matching rule on that system to capture them." I'm not sure if you can configure windows to let you accept packets bound to a different address or if you can create an alias ip address that has the same address as your router without creating some kind of conflict.
I think a more sure bet would be to enable VPN on your router. You'd simply tell your clients to create a windows vpn connection to your router (kinda like what kali does) so that as far as your hosting inside box is concerned, outside connections are on your same local network.
Not all routers support VPN (virtual private networking) however. FreeBSD supports VPN and is a great way to make use of outdated computers.
I too would be very interested in knowing if anyone's done this with just divert or forward rules in their firewall rules, without needing to config their host box to accept packets addressed to the router.

Avatar 11674
Date
Subject
Author
1.
Dec 11, 2003Dec 11 2003
2.
Dec 11, 2003Dec 11 2003
5.
Dec 11, 2003Dec 11 2003
7.
Dec 11, 2003Dec 11 2003
9.
Dec 11, 2003Dec 11 2003
10.
Dec 11, 2003Dec 11 2003
11.
Dec 11, 2003Dec 11 2003
13.
Dec 11, 2003Dec 11 2003
3.
Dec 11, 2003Dec 11 2003
4.
Dec 11, 2003Dec 11 2003
6.
Dec 11, 2003Dec 11 2003
8.
Dec 11, 2003Dec 11 2003
12.
Dec 11, 2003Dec 11 2003
14.
Dec 11, 2003Dec 11 2003
15.
Dec 11, 2003Dec 11 2003
16.
Dec 11, 2003Dec 11 2003
17.
Dec 11, 2003Dec 11 2003
18.
Dec 11, 2003Dec 11 2003
19.
Dec 11, 2003Dec 11 2003
22.
Dec 11, 2003Dec 11 2003
23.
Dec 11, 2003Dec 11 2003
20.
Dec 11, 2003Dec 11 2003
21.
Dec 11, 2003Dec 11 2003
24.
Dec 11, 2003Dec 11 2003
26.
Dec 11, 2003Dec 11 2003
28.
Dec 11, 2003Dec 11 2003
  Re: OT
29.
Dec 11, 2003Dec 11 2003
   Re: OT
27.
Dec 11, 2003Dec 11 2003
32.
Dec 11, 2003Dec 11 2003
  Re: OT
31.
Dec 11, 2003Dec 11 2003
25.
Dec 11, 2003Dec 11 2003
 30.
Dec 11, 2003Dec 11 2003
100% Transparent Router
33.
Dec 12, 2003Dec 12 2003