Problems with CNC3

  • Hello all,

    Im currently having a problem logging onto Command and Conquer 3: Tiberium Wars online.

    Im currently running pfsense 1.2-RELEASE.

    My problem is very strange, and is frustrating the crap outa me. When i go to login to the online portion of the game, the thing just hangs there on that screen forever, no timeouts, disconnects, nothing. From every problem i have seen people post to forums, they always get atleast an error message. i do not even get that. I am using comcast business class internet service with static ip. I have forwarded a plethora of ports, and have checked every single rule a @!#$-load of times. I enabled outbound static nat on my lan subnet, and even tried individually creating a static nat rule for every single port, to no avail.

    I know its pfsense because i hooked my workstation straight up to the modem and it worked, but i cant get it to work from behind the firewall. I even busted out wireshark and started capturing packets.. the only real difference i see being behind the firewall is less traffic, but i believe i see normal communication from to numerous EA servers (EA, IGN, etc.)

    Ive been trying to get pfsense to log this traffic too, but it doesnt seem to pick up anything from the ruleset i created. No logs for either passed or rejected traffic…. weird. a netstat -b on my workstation shows the following connections as ESTABLISHED on the following TCP Ports: 29900, 28910, 18310, 6667.

    I have been at this thing for 3 days and cant figure this thing out, your help would be greatly appreciated. thanks!

  • well,

    i think i may have found the problem, but i still don't know how to fix it.
    i don't know why i didnt notice before, but it appears the advanced outbound nat rule isnt working for port 6667.
    i did a packet capture on my wan interface, while runnning wireshark on my local machine.
    i noticed that on the wan, it is using a different source port to communicate to the EA server than the source port on my local machine, unlike the rest of the traffic. does anyone know why it would still be randomizing only that single port number?! or am i missing something? i tried to single it out with an additional static rule, but its still not working.


  • Holy crap, i got it!!! finally.
    When i realized the IRC port was the problem, i also realized that i had imspector proxying IRC.
    I disabled just the IRC portion for imspector, restarted the service, and viola.
    It now works just fine, even after i turned off advanced outbound nat and all port forwards.

    So, lesson learned. CNC3 uses frickin IRC. wireshark is my best friend.

    No one has replied to this thread, but i figured i would post the solution just in case anyone else has the same problem.

Log in to reply