Cable modem with Linux Router Project & Fireplug Edge Router - help with weird ports!

Post by Paul Dohert » Fri, 19 Feb 1999 04:00:00

router running on the Edge router floppy.  Normal traffic goes through
just fine (http, smtp, ftp, etc).  The problem comes in with games and
the default behavior of this firewall/router solution.  It is geared
towards security and defaults to deny everything and then let in things
on an as specified basis.  I would like this to be reversed - accept
everything in both directions and allow me to lock down individual ports
as needed.  This is how my previous Cisco 766 ISDN router worked (using
PAT - little brother to full-blown NAT - same function essentially; lets
multiple machines hide behind one valid IP).  I had no problems with
BattleZone or Quake2 or any other games with the Cisco but this Linux
router just refuses to play BattleZone.  I can enter the Internet lobby,
connect to the server, see active games, click join game, see the
players in the game, pick a tank and then try to launch and whamo - it
bangs on the connect a while (longer than it should or ever has) and
eventually just sits there forcing me to ALT-TAB to the desktop and do a
CTRL-ALT-DEL to kill the BattleZone task as the game will never launch.
I have experimented with the userin.txt and portfw.txt files and have
issued some "ipchains" commands in an attempt to work around this.

The lines I have put into /etc/userin.txt (commented out all others):

tcp             -d PUBLICIP 00000:65535
udp             -d PUBLICIP 00000:65535
icmp            -d PUBLICIP 00000:65535
tcp             -s PUBLICIP 00000:65535
udp             -s PUBLICIP 00000:65535
icmp            -s PUBLICIP 00000:65535

The way I'm understanding this, this should open up all ports in the
range of 0-65535 for all protocols.  Does this look right?

I have also experimented with the ipchains command.  I noticed that an
"ipchains -L" command would list a lot of default behaviors apparently
set up to filter out "unwanted" traffic.  I used an "ipchains -F" to
flush all settings out completely and then issued:

ipchains -A forward -s -j MASQ -b

This sets up a bi-directional rule that *should* allow all protocols to
go in both directions (be MASQ forwarded to original host) but it
doesn't seem to matter much.  In fact with nothing but that rule
established I can do normal tasks just fine (like the post I'm writing
right now is being done in this mode).  Anyone have an idea why this
rule would allow normal traffic but *still* not allow game traffic to
get back and forth?  Seeing as I already have security inside the LAN
(PDC) I am not very concerned with that and would rather have the thing
wide open to the net, and *then* lock down ports that are potentially
troublesome (like udp 138/139 used to be on Win boxes).  What am I doing
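
Added example, not part of the original post: a toy Python model of masquerading state. It shows that a reply to an inside host's own outbound packet finds a mapping, while a packet a remote peer sends first has no inside destination unless a static forward exists, whatever the input filter accepts. The `Masquerader` class and all addresses and ports are constructed for illustration.

```python
# Toy model of IP masquerading (many-to-one NAT). Illustration only:
# every address and port below is a constructed sample value.
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"   # constructed stand-in for PUBLICIP in the post


@dataclass
class Masquerader:
    next_port: int = 61000
    # (proto, public_port) -> (inside_ip, inside_port, remote_ip, remote_port)
    dynamic: dict = field(default_factory=dict)
    # (proto, public_port) -> (inside_ip, inside_port); hypothetical static forwards
    static: dict = field(default_factory=dict)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Inside host sends first: allocate a public port and remember the flow."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        for (p, pub), entry in self.dynamic.items():
            if p == proto and entry == flow:
                return pub                      # flow already has a mapping
        pub = self.next_port
        self.next_port += 1
        self.dynamic[(proto, pub)] = flow
        return pub

    def inbound(self, proto, remote_ip, remote_port, public_port):
        """Return the inside (ip, port) to deliver to, or None if nothing maps."""
        entry = self.dynamic.get((proto, public_port))
        if entry and entry[2:] == (remote_ip, remote_port):
            return entry[:2]                    # reply to a known outbound flow
        return self.static.get((proto, public_port))


def demo():
    nat = Masquerader()
    # Inside client contacts a lobby server; the server's reply matches the mapping.
    pub = nat.outbound("udp", "192.168.1.20", 17000, "198.51.100.5", 17001)
    reply = nat.inbound("udp", "198.51.100.5", 17001, pub)
    # A different peer sends first to the port the client listens on: no mapping.
    unsolicited = nat.inbound("udp", "198.51.100.77", 4000, 17000)
    # A static forward for that port gives the same packet an inside destination.
    nat.static[("udp", 17000)] = ("192.168.1.20", 17000)
    forwarded = nat.inbound("udp", "198.51.100.77", 4000, 17000)
    return reply, unsolicited, forwarded


if __name__ == "__main__":
    print(demo())
```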


1. Experience with Fireplug's Linux Edge Router ?

Has anyone tried the Linux Edge Router ( ) ?
It sounds like a custom version of the Linux Router Project to firewall
a small network from the internet accessed by DHCP cable or ADSL. It
looks simple to use and it does exactly what I want.
My questions to any users of the above are:
1) Is it simple to use?
2) Is a 486/25 Linux edge Router computer with 12 megs of ram adequate to
firewall one pentium Windows computer  with a 4 Mbps down / 640kbps up
ADSL connection?
3) Will it hurt my 30ms Quake 2 ping times :-)?
Thanks in advance for any info.

PS: I tried to subscribe to the Fireplug  mailing lists but it didn't
seem to work. Off to try again.
