Re: Opening ports in Shorewall in order to run an America's Army server



On Sat, 10 Feb 2007 14:29:22 +0100
Jan Stępień <jan@xxxxxxxxxxxxxx> wrote:

Hi everyone,

I've been trying to set up an America's Army game server on my Debian
server box. Having already configured an Apache webserver and a few
other services such as SSH and a MySQL database, I thought that
enabling another daemon application wouldn't be a problem. Unfortunately
I was wrong.

After successfully installing and, hopefully, correctly configuring the AA
server, I was unable to connect to it. According to the instructions
given at http://manual.americasarmy.com/index.php/Linux_Server I've
opened the ports listed on the website above. Here you can see the part of my
/etc/shorewall/rules dedicated to the AA server:


ACCEPT net fw tcp 14200
ACCEPT net fw tcp 20025
ACCEPT net fw tcp 20045
ACCEPT net fw tcp 20046
ACCEPT net fw tcp 20047
ACCEPT net fw udp 1716
ACCEPT net fw udp 1717
ACCEPT net fw udp 1718
ACCEPT net fw udp 8777
ACCEPT net fw udp 27900


Unfortunately the master game server still doesn't see my server. I've
tried to telnet to those ports, but:


Trying [ip address]...
telnet: Unable to connect to remote host: Connection refused

I tried to disable Shorewall and see if without it I can connect to
those ports. Surprisingly, all of them were still seen as closed,
despite the AA server daemon running in the background. Nmap proves
it.

That suggests that the packets are getting through, and therefore that
Shorewall is working correctly.


Could you please enlighten me whether I've misconfigured my Shorewall
or there's something wrong with my AA server? I would be grateful for
your help.

Best regards,
Jan Stępień


Are you sure that the server is listening on the ports you think it's
listening on? What is the output of the command 'netstat -uta'? And if
it is, are there any application-level restrictions? It might only be
accepting connections from certain source IP addresses.

--

Liam
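
The check suggested in the reply above, written out as an added example (not part of the original thread): it cross-references ACCEPT rules from the post against saved `netstat -utan` output and reports, per rule, whether anything is listening on that port. The netstat lines are constructed sample data, and `check_ports` and `demo` are names made up for this example.

```shell
# Added example: compare Shorewall ACCEPT rules with the sockets actually open.

# check_ports NETSTAT_FILE RULES_FILE
# NETSTAT_FILE holds saved `netstat -utan` output; RULES_FILE holds
# single-port "ACCEPT net fw <proto> <port>" lines as in the post.
check_ports() {
    awk '
    FILENAME == ARGV[1] {
        if ($1 !~ /^(tcp|udp)/) next            # skip header lines
        proto = substr($1, 1, 3)                # tcp6/udp6 -> tcp/udp
        if (proto == "tcp" && $6 != "LISTEN") next
        n = split($4, part, ":"); port = part[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        key = proto "/" port
        if (addr == "127.0.0.1" || addr == "::1") local_only[key] = 1
        else reachable[key] = 1
        next
    }
    $1 == "ACCEPT" && $2 == "net" && $3 == "fw" {
        key = $4 "/" $5
        if (key in reachable)       state = "listening"
        else if (key in local_only) state = "loopback-only"
        else                        state = "no-listener"
        print key, state
    }' "$1" "$2"
}

# demo: run the check on constructed sample data (netstat lines are invented).
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/netstat" <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:20025         0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:20045           0.0.0.0:*               LISTEN
udp        0      0 0.0.0.0:1716            0.0.0.0:*
EOF
    cat > "$tmp/rules" <<'EOF'
ACCEPT net fw tcp 14200
ACCEPT net fw tcp 20025
ACCEPT net fw tcp 20045
ACCEPT net fw udp 1716
ACCEPT net fw udp 8777
EOF
    check_ports "$tmp/netstat" "$tmp/rules"
    rm -rf "$tmp"
}

demo
```

On a live host, save `netstat -utan` output to a file and pass it with /etc/shorewall/rules; the `-n` flag is added to the command from the reply so ports print as numbers rather than service names. A `no-listener` or `loopback-only` result is consistent with "Connection refused" persisting after the firewall is disabled.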


