Re: Can iptables automatically allow udp when desired, but block it the rest of the time?
From: Leon. (leon_at_noteon.net)
Date: 12/12/03
- Next message: Andy Smith: "Re: Using a linux server as a firewall"
- Previous message: Jason Bowen: "Re: interface eth0 failure - RH enterprise WS"
- In reply to: Tad Marko: "Can iptables automatically allow udp when desired, but block it the rest of the time?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 12 Dec 2003 10:30:40 +1100
"Tad Marko" <tad@tadland.net> wrote in message
news:f5c5dc88.0312110944.6d35e76f@posting.google.com...
> Howdy!
>
> I normally turn UDP traffic off at my firewall, but this is causing a
> friend to not be able to play half-life against an external server. Is
> it possible to write iptables rules such that udp traffic will be
> normally blocked, but allowed in when his masqueraded machine starts
> to converse with a game server, and then go back to blocked when he's
> done playing?
well the masquerading should be doing this already.
you probably have outgoing udp blocked. you have to allow his half life udp
packets to go out.
then the masquerading will set it leave and let the half life packets come
in to. pretty much thats how masquerading works , for tcp, udp and icmp.
There are application specific helper modules for masquerading eg for non
passive ftp.
but not needed for applications normally.
>
> Thanks
> Tad
- Next message: Andy Smith: "Re: Using a linux server as a firewall"
- Previous message: Jason Bowen: "Re: interface eth0 failure - RH enterprise WS"
- In reply to: Tad Marko: "Can iptables automatically allow udp when desired, but block it the rest of the time?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
