Battle.Net Games Through Linux Firewalls?
dj51d asks: "I have set up a P90 running Red Hat 6 as a Masquerading firewall, and much to my dismay have found that Battle.Net games don't work through the firewall. The protocol uses udp port 6112. Any ideas on how to let this port through the firewall?"
I also had the same problem a while back. When I was running the old 2.0.XX kernels I used two programs called ipportfw and ipautofw. Now I'm using a newer 2.2.xx kernel and the program is ipmasqadm.
Here is what my firewall rules look like. My internal machine is 192.168.1.2:
ipmasqadm autofw -A -r tcp 6112 6112 -h 192.168.1.2
ipmasqadm autofw -A -r udp 6112 6112 -h 192.168.1.2
This code is included in the newer kernels... I think if you have a kernel before 2.0.37 you have to patch it.
Here you can find the patches and links to other sites and info.
http://ipmasq.cjb.net/
Also check here: http://www.tsmservices.com/masq/ (it has more info for the kinds of things you want to do).
Later Gary R
======== In the future, everything will be artificial. ========
smkndrkn wrote:
>ipmasqadm autofw -A -r tcp 6112 6112 -h 192.168.1.2
>ipmasqadm autofw -A -r udp 6112 6112 -h 192.168.1.2
I do not know the AUTOFW feature, so maybe the following part is obsolete: always remember that you do not only have to get out, the answer has to get back in, too.
If Battle.Net only uses UDP, chances are good that the channel back is UDP port 6112, too. If TCP is used, chances are good that TCP ports 1024-65535 are used.
Qapla'!
According to the Linux IP Masquerade mini HOWTO, for battle.net you must forward UDP port 6112 and TCP ports 116 and 118. For StarCraft and newer versions of Diablo you must also forward TCP port 6112.
To do this forwarding use IPPORTFW. For more info check out the IP Masquerade mini and standard howtos.
So how do I do this using IPchains?
Spoon not. Fork, or fork not. There is no spoon.
If you are using one of the 2.0.XX series of kernels, get the loose-udp patch from this page. It makes a big difference in performance of multiplayer games and the extra auto port forwarding is unnecessary.
Andrew
Go to this page and follow the hacks link. The battle.net proxy is about half of the way down. Works nicely.
Here's a script that I use...
sccomp is the computer that you're playing starcraft on
gwcomp is the linux computer
gwcompex is the internet IP of your linux computer
You must have ipportfw support compiled in your kernel, or loaded as a module for this to work, and you might need to grab ipmasqadm from somewhere....
#!/bin/sh
sccomp=192.168.0.2
gwcomp=192.168.0.1
gwcompex=216.102.231.2
ipmasqadm portfw -a -P tcp -L $sccomp 6112 -R $gwcomp 6112
ipmasqadm portfw -a -P tcp -L $gwcompex 6112 -R $gwcomp 6112
ipmasqadm portfw -a -P udp -L $sccomp 6112 -R $gwcomp 6112
ipmasqadm portfw -a -P udp -L $gwcompex 6112 -R $gwcomp 6112
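A pre-load sanity check for ipmasqadm portfw rules of the kind posted in this thread, as an added example that is not code from any of the posters. It assumes that -L names the gateway address that receives the traffic and -R names the internal host it is redirected to; check_rule, is_port and is_private are hypothetical helper names, and 192.0.2.1 is a placeholder external address.

```shell
#!/bin/sh
# Added example: lint ipmasqadm portfw rules before loading them.
# Assumption: -L is the gateway address that receives the traffic and
# -R is the internal host that the traffic is redirected to.

is_port() {     # succeeds when $1 is an integer in 1..65535
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

is_private() {  # succeeds when $1 is in an RFC 1918 range
    case "$1" in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    esac
    return 1
}

# check_rule EXTERNAL_IP "RULE": prints one verdict word, returns 0 if "ok"
check_rule() {
    ext=$1
    set -- $2   # split the rule text into words
    if [ $# -ne 11 ] || [ "$1 $2 $3 $4" != "ipmasqadm portfw -a -P" ] ||
       [ "$6" != "-L" ] || [ "$9" != "-R" ]; then
        echo "unparsed"; return 1
    fi
    case "$5" in tcp|udp) ;; *) echo "bad-proto"; return 1 ;; esac
    { is_port "$8" && is_port "${11}"; } || { echo "bad-port"; return 1; }
    # Outside traffic arrives on the external address, so -L must be it.
    [ "$7" = "$ext" ] || { echo "listen-not-external"; return 1; }
    # The target must be an internal host, not the gateway itself.
    is_private "${10}" || { echo "target-not-internal"; return 1; }
    echo "ok"
}

# Constructed sample rules; 192.0.2.1 stands in for the external address.
EXT=192.0.2.1
while read -r rule; do
    printf '%-20s %s\n' "$(check_rule "$EXT" "$rule")" "$rule"
done <<'EOF'
ipmasqadm portfw -a -P udp -L 192.0.2.1 6112 -R 192.168.0.2 6112
ipmasqadm portfw -a -P tcp -L 192.168.0.2 6112 -R 192.168.0.1 6112
ipmasqadm portfw -a -P udp -L 192.0.2.1 6112 -R 192.0.2.1 6112
ipmasqadm portfw -a -P icmp -L 192.0.2.1 6112 -R 192.168.0.2 6112
ipmasqadm portfw -a -P tcp -L 192.0.2.1 70000 -R 192.168.0.2 6112
EOF
```

Only the first constructed rule passes; the others show a listen address that is not the external one, a target that is not an internal host, an unsupported protocol and an out-of-range port.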
I'm a FreeBSD user and highly recommend natd.
man natd tells you everything you need to know.
It's a cinch to set up, no problems whatsoever.
The only caveat is that without extra setup, games with more than one other person will lag. So when you are invoking natd, use the command (for example):
natd -m -n ex0 -redirect_port udp 6112 10.0.0.2:6112
in which ex0 is the NIC you are running natd on (man natd) and 10.0.0.2 is the IP of the computer that you are running sc/bw on.
$.02
-bugg