[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Half Life

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Half Life
From: Jay <jay_(_at_)_musubi_(_dot_)_org>
Date: Fri, 29 Dec 2000 21:56:03 -0800 (PST)

this rule works for me:

pass in quick on [interface] proto udp from any port 27000 >< 27050 to [internal]

50 ports might be a bit extreme tho.
you could prolly combine the two and specify the WON servers instead of "any".

=jay

------
"I did nothing, absolutely nothing.  And 
 it was everything I thought it could be."

On Fri, 29 Dec 2000 mshaw_(_at_)_mediapotential_(_dot_)_com wrote:

> Ok, several folks asked for half life rules.  Here are the ones I use.  I
> derived them by logging everything and watching what 'broke' when I tried
> to use HL.  It was forever ago but I'm pretty sure they still work.
> Regardless, they aren't near and dear to my heart so if someone has a
> better way then by all means shoot.....
> 
> 1-These two rules allow you to communicate with the WON servers (really
> the WON servers to talk back to you)
> pass in on [inX] proto udp from 128.11.20.143 to any
> pass in on [inX] proto udp from 209.191.156.149 to any
> 
> 2-This one allows the game servers to give you their status
> pass in on [inX] proto udp from any to [internal IP]
> 
> Number two can be tightened up a little more by specifying a port range.
> If I remember correctly the originating and destination ports *seemed* to
> stay in some sort of common range.  I'm also assuming there are some
> 'quick' rules higher for blatantly 'no-no' UDP ports (I do everything
> below 1024).  If you don't have one you'll definitely want to tighten up
> the destination ports.
> 
> 
> 
>

Prev by Date: Quotas
Next by Date: RE: Proxy ARP for 'transparent firewalling'
Previous by thread: Re: Half Life
Next by thread: setting MTU of a NIC
Index(es):
- Date
- Thread

Visit your host, monkey.org