Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm running a SuSE 7.3 server that acts as a gateway, fileserver, apache webserver and ftp server. I have 2 client pc's (win2000).
I recently installed a Half-Life dedicated server on it.
When I join from my client machine through my external ip (xxx.xxx.xxx.xxx:27015) it works perfectly.
But someone from the outside of my network can't join.
I'm using the ADSL4Linux program (http://www.adsl4linux.nl) with the firewall that comes with it. It uses IPtables.
How can I open the correct port so that other people can access my Half-Life server.
1.1 ADSL4Linux firewall wat is het?
Een firewall is een set van regels die ervoor zorgt dat alle poorten op de PC worden afgesloten van
communicatie met de buitenwereld (internet) en dat uitsluitend die poorten openzet die expliciet worden
aangegeven.
OK, for some reason babelfish can't translate this, but I think I can.
It loosly translates to, "The firewall's set of rules blocks all communication from the outside world(internet), unless you explictly tell the firewall to open certain ports"
(can anyone do better than me? My dutch sucks).
In other words, just browse around the firewall script (perhaps in /etc/rc.d/rc.firewall?) and look for anything related to opening up ports. If you can't find anything, just disable the ADSL4Linux firewall, and get another firewall. I reccomend this one http://projectfiles.com/firewall/. Its easy to install, and easy to configure (just edit the file with your favourite text editor, and rerun the script).
Good Luck!!
RefriedBean.
PS. If the Stable firewall from projectfiles gives you a few errors, get the beta one, its rock solid, and I've had no problems with it.
Originally posted by jeucken
You have to keep in mind that my firewall is also my gateway program. Maybe you know another gateway/router for me.
Hi.
That projectfiles firewall acts as a gateway too, just edit the rc.firewall (or whatever you decided to call it) with your favourite text editor, and change " IS_ROUTER="no" " to " IS_ROUTER="yes" ", also make sure your internal and externel interfaces are right.
**Catch 22 alert **
I am not sure how ADSL4Linux works, but normally when you use ADSL, linux makes a virtual ppp0 interface, so be carefull that when you edit the rc.firewall that you make the externel interface ppp0, NOT the ethernet card that the ADSL modem is plugged into (eth0 for example). Specifying the wrong external interface will render the firewall useless
Originally posted by jeucken Thank you very much....
Oh and (seeing that you are from South Korea) sorry about the world cup.
Thanks, but to tell you the truth, I am actually a South African (well, we're out too, but I can't beleive South Africa got as far as they/we did anyway) living in South Korea.
Yea, and the fact that I am from ZA explains why I could read the Dutch (kinda).
Projectfiles.com rc.firewall script version 1.8.3 running...
iptables: Bad built-in chain name
Firewall successfully configured for external IP address 'xxx.xxx.xxx.xxx'.
(Where xxx is my ip)
So what is this error and is it running now or not?
2 extra questions:
- How do I stop the firewall?
And
- Which port do I have to open for SSH?
[EDIT]
Found that one out myself. (Major doh, just look in putty)
Get the beta version, its much more configurable and its very reliable. And it fixed quite a lot of errors in the 1.8.3 version.
IF
it still gives you errors,
make sure you have all the netfilter(iptables) support needed by it in your kernel.
I am not sure how to stop the firewall, since I have never needed to stop it in anycase. If you need to reconfigure the firewall simpy rerun the rc.firewall.
By the way, if you need to know what port a certain service uses, look in /etc/services, its more than likely listed there.
I think I might be able to contribute to the discussion.
First of all, definately use latest 2.0 release candidate. Even the rc4 prerelease is probably better for most users 1.8.3. 1.8.3 is very stable except it does not perform ANY checking on the current system configuration or user input, so even if something askew it still chugs merrily along....
Second, unless MAYBE you have an internal ADSL modem (most are external and connect to your PC via ethernet) you will access DSL through a regular ethernet interface, e.g. eth0. It doesn't matter anyway, in any of the recent releases you do not need to supply external interfaces as they are discovered automatically.
If you are using the script and find that some internal clients cannot get through the firewall you should do the following:
1. Obviously check that your internal interface is listed in INTERNAL_INTERFACES and in versions before rc4, make sure IS_ROUTER is enabled.
2. Check that you have the correct netmask set on your internal interface. The firewall determines the scope of an internal networks based on the configuration of the internal interface.
3. If you have multiple "internal" networks that pass through the firewall you can add the other internal networks to the "ADDITIONAL_ROUTED_NETWORKS directive (called ROUTED_NETWORKS before rc4)" or add a second IP (IP aliasing) to the interface and add the alias (e.g. eth0:1) as another INTERNAL_INTERFACE. This is an especially neat feature because you can run two logical networks that both use the same machine as a gateway.
Btw, you can clear all firewall code by running "./rc.firewall clear" or the SysV style "./rc.firewall stop". rc4 will have the added benifit of not changing the current firewall configuration until it successfully completes its list of sanity checks.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.