[ale] Re: Ping through Masq'ing firewall?

Zephaniah E. Hull warp at whitestar.soark.net
Sun Jan 4 08:23:17 EST 1998 

Note before you read this, I've been up areund 24 hours and I'm not even
going to try and be more then vaugely readable and corharent...

On Sat, 3 Jan 1998, Robert L Harris wrote:

> > 
> > On Sat, Jan 03, 1998 at 12:59:11PM -0700, Robert L Harris wrote:
> > > Ok,
> > >   My firewall/Masq is up and working beautifully.  The problem is that 
> > > you can't ping a host outside from inside.  The firewall can ping out, but
> > > machines behind it never get a response.
> > >   This seems to be keeping Quake2 and Age Of Empire from being able to play
> > > from behind it.  
> > > 
> > >   Anyone have any Ideas?  I'd really like to be able to play AOE...
> > > 
> > 
> > Robert -
> > 
> > As usual, I am on my way out of the building.  Try ensuring that the icmp
> > masquerading option is set in the kernel, and see if it is a module.  Look
> > under /lib/modules for something with icmp in the name, and do insmod
> > $icmp_module_name if necessary.  I think it is probably a module, but I
> > have it specifically disabled on my firewall for now.
> > 
> 
> Have I got timing or what?  Anyway, I've checked the compilation a number of
> times.  I've enabled everything I can find to enable and I'm loading all modules
> that seem even close to related.
> 
> I just talked to some friends and it seems that AOE and Quake2 both use
> random UDP ports that is negotiated at boot time.  It seems that the 
> people who write the ip_masq stuff don't want to re-engineer the whole
> setup to deal with this.  If I was in their place, I probably wouldn't
> want to also.  The problem is that creating games that work like this 
> will probably be a lasting trend.  Maybe there can be some user space
> translator or such...  This goes beyond me.
> 
> Robert

Atleast in the later 2.1's, the stuff for all this is compiled as
modules..
I'm not sure how .77 is doing on this but try it...

> 
> ---------------------------------------------------------------------------
> Robert L. Harris          |   NT is secure.... 
> System Engineer For Hire. \_   as long as you don't remove the shrink wrap.
> 
> http://www.orci.com/~nomad
> 
> DISCLAIMER:
>       These are MY OPINIONS ALONE.  I speak for no-one else.
> perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
>

More information about the Ale mailing list