
elfy 04-20-2006 07:42 AM

World of Warcraft (c) behind a linux router
Hello guys!
I'm stuck with a problem:
I've got a router, connected to 3 different networks:
  • The LAN of my district (say ReedLan)
  • My internal one, which is hidden by NAT with my IP
  • The PPTP tunnel providing me with Internet. It is held over ReedLan (see 1)
I route the Internal-to-ReedLan traffic hidden by my ReedLan IP, and Internal-to-Internet hidden by my IP in my provider's VPN.
If I launch WoW on my router it runs perfectly. But whenever I tried on internal network computers I got the same error: the RS (phase 1) connection is executed properly, but when it comes to the phase 2 connection to the main game server I end up with a timeout caused, I decided, by the lost connection tracking.
If I put down the tunnel on my router and start the VPN session directly from an internal computer (my router's managing GRE traffic and NATting it to my ReedLan IP) - it works great.
So what should I do to make the Linux firewall work with WoW connection tracking? Does anybody have an idea?

UK MAdMaN 04-20-2006 10:02 AM

Have you got the WoW-required ports on the router set to route to the internal machine?

elfy 04-20-2006 03:16 PM

I've got several internal machines using WoW simultaneously (really forgot the spelling of the word), so it is likely impossible to DNAT, or did I miss something important?
By now I'm SNATting. It looks like this:


Internal IP
Internal user1 IP
Internal user2 IP

ReedLan IP
User's IP in VPN
What I did:
iptables -P FORWARD DROP
iptables -A FORWARD -s -j ACCEPT
iptables -A FORWARD -d -j ACCEPT
iptables -t nat -A POSTROUTING -s -d -j SNAT --to-source=
iptables -t nat -A POSTROUTING -s -d ! -j SNAT --to-source=

Nothin' else. Every program but WoW works correctly.
