Can iptables automatically allow udp when desired, but block it the rest of the time?
This is a discussion on Can iptables automatically allow udp when desired, but block it the rest of the time? within the Linux Networking forums, part of the Linux Forums category; Howdy! I normally turn UDP traffic off at my firewall, but this is causing a friend to not be able ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
12-11-2003
|
|||
|
|||
Can iptables automatically allow udp when desired, but block it the rest of the time?
Howdy!
I normally turn UDP traffic off at my firewall, but this is causing a friend to not be able to play half-life against an external server. Is it possible to write iptables rules such that udp traffic will be normally blocked, but allowed in when his masqueraded machine starts to converse with a game server, and then go back to blocked when he's done playing? Thanks Tad 
|
|
12-12-2003
|
|||
|
|||
|
Re: Can iptables automatically allow udp when desired, but block it the rest of the time?
"Tad Marko" <tad@tadland.net> wrote in message news:f5c5dc88.0312110944.6d35e76f@posting.google.c om... > Howdy! > > I normally turn UDP traffic off at my firewall, but this is causing a > friend to not be able to play half-life against an external server. Is > it possible to write iptables rules such that udp traffic will be > normally blocked, but allowed in when his masqueraded machine starts > to converse with a game server, and then go back to blocked when he's > done playing? well the masquerading should be doing this already. you probably have outgoing udp blocked. you have to allow his half life udp packets to go out. then the masquerading will set it leave and let the half life packets come in to. pretty much thats how masquerading works , for tcp, udp and icmp. There are application specific helper modules for masquerading eg for non passive ftp. but not needed for applications normally. > > Thanks > Tad
|
Linear Mode
