| View previous topic :: View next topic |
| Author |
Message |
woercel
n00b
Joined: 31 May 2008
Posts: 5
|
 Posted: Wed Jul 30, 2008 6:51 pm Post subject: IPTABLES only one Rule - Port Forwarding - GameServer |
 |
|
Hello,
I have a Counter Strike Source Server behind a Gentoo Server,
iptables is stopped.
And now I need to forward Port 27015 to my Game Server.
I tried it with IPtables but, i dont know much about this.
So my question, is it possible to forward this port with one rule
or is there some easier way to do that.
Sorry for my english 
cheers
woercel |
|
| Back to top |
|
 |
vaguy02
Guru
Joined: 25 Feb 2005
Posts: 424
Location: Hopefully in one place
|
| Posted: Wed Jul 30, 2008 7:12 pm Post subject: |
|
|
It's the answer to your question, but it's not one line.
http://gentoo-wiki.com/Port_forwarding_with_iptables
_________________
Linux Registered User #458185
Intel Quad-Core w/ 4gigs Ram w/ 8800 GTX - Windows 7 RC
2x (Intel Dual-Core w/ 2gigs Ram - Gentoo)
Mac G5 Dual-Core w/ 2gigs Ram - OS 10.5 |
|
| Back to top |
|
|
woercel
n00b
Joined: 31 May 2008
Posts: 5
|
| Posted: Wed Jul 30, 2008 8:04 pm Post subject: |
|
|
hmm, i tried it, but it dont work
and when i make
iptables -L
i cant see the forwarding rule |
|
| Back to top |
|
|
vaguy02
Guru
Joined: 25 Feb 2005
Posts: 424
Location: Hopefully in one place
|
| Posted: Wed Jul 30, 2008 8:05 pm Post subject: |
|
|
Are you writting it as a script or doing it from the command line?
_________________
Linux Registered User #458185
Intel Quad-Core w/ 4gigs Ram w/ 8800 GTX - Windows 7 RC
2x (Intel Dual-Core w/ 2gigs Ram - Gentoo)
Mac G5 Dual-Core w/ 2gigs Ram - OS 10.5 |
|
| Back to top |
|
|
vaguy02
Guru
Joined: 25 Feb 2005
Posts: 424
Location: Hopefully in one place
|
| Posted: Wed Jul 30, 2008 8:27 pm Post subject: |
|
|
You made need to do some mods to this, it's basic.
| Code: |
#!/bin/bash
if [ "$1" = "start" ]
then
echo "Starting Firewall"
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "...Flushing Previous Rules"
iptables -F
iptables -X
echo "...Setting up default policies"
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -A PREROUTING -P tcp -d <external ip> --dport 27015 -j DNAT --to-destination <CSS Server ip>
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
elif [ "$1" = "stop" ]
then
echo "Stopping firewall..."
iptables -F INPUT
iptables -P INPUT ACCEPT
fi
|
Didn't have my gentoo computer here to check the syntax, I did it from memory so there may be some issues, it's been a while. Also, this script is pretty much wide open, so I highly suggest closing it down to just your needs. Also, make sure that when you save the file, to give it execute rights in order to run it.
Robert
_________________
Linux Registered User #458185
Intel Quad-Core w/ 4gigs Ram w/ 8800 GTX - Windows 7 RC
2x (Intel Dual-Core w/ 2gigs Ram - Gentoo)
Mac G5 Dual-Core w/ 2gigs Ram - OS 10.5 |
|
| Back to top |
|
|
woercel
n00b
Joined: 31 May 2008
Posts: 5
|
| Posted: Wed Jul 30, 2008 9:49 pm Post subject: |
|
|
thx for the script
i used it and after a edit it worked but my game server is nevertheless reachable
so, i stopped iptables again, reboot the server and tried to ping the normal gentoo
server from outside.
and now, i think there is the problem, the server is not responding,
how can this be? when iptables is stopped???
what can block this things?
ps:
ssh works perfect |
|
| Back to top |
|
|
vaguy02
Guru
Joined: 25 Feb 2005
Posts: 424
Location: Hopefully in one place
|
| Posted: Thu Jul 31, 2008 12:10 pm Post subject: |
|
|
Okay, let me make sure I understand you correctly.
With the script running, you are able to do an iptables -L and see the iptables rules running on the server, but still unable to get users from the outside to pass through to your CSS server correct?
Can you start the script, then do a iptables -L and post the output? I just want to make sure the script is operating correctly.
Robert
_________________
Linux Registered User #458185
Intel Quad-Core w/ 4gigs Ram w/ 8800 GTX - Windows 7 RC
2x (Intel Dual-Core w/ 2gigs Ram - Gentoo)
Mac G5 Dual-Core w/ 2gigs Ram - OS 10.5 |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23100
|
| Posted: Fri Aug 01, 2008 3:26 am Post subject: |
|
|
| vaguy02 wrote: |
Can you start the script, then do a iptables -L and post the output? I just want to make sure the script is operating correctly.
|
The output from iptables-save -c is more useful in these situations. It is machine readable and therefore more standardized in form. Also, it shows all tables, where iptables -L shows only the default filter table. |
|
| Back to top |
|
|
|
Networking & Security
