Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Program exibiting very odd behaviors and getting firewalled for it.

    Scheduled Pinned Locked Moved NAT
    3 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pheleven
      last edited by

      So I'm not sure if anyone here is a gamer, and/or playe Company of Heroes (great RTS by the way, save their complete failure to write good net-code)…

      The game sends packets out on port 6112, but it targets a random port on the receiving end, which in this case is me (IE 55029, 60007, 59075 were a few it picked for me last night). I have port 6112 forwarded to my machine @ the pfSense box, but it blocks most of these packets (for some reason about 1/3 of the packets make it through - therefore I can only see/connect to 1/3 of the games available since each game is hosted on the client machines, I havent sniffed them to see what makes them different).

      It's not reasonable to open up a massive port range for this game, all forwarding to my machine.

      What I can (and have) done is use a VIP and do 1:1 NAT on it, but then my machine isn't firewalled - I can however see most* (but not all) games.

      Does anyone have any tricks/ideas on a decent solution to the poor game programming @ the firewall/router?

      Thanks,
      Mike

      PS - the game calls the errors it gives "NAT redirection error between X and you" - but its clearly poorly routed packets.

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        Try to enable static ports.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • P
          pheleven
          last edited by

          Well, thanks. That works about as well as doing NAT 1:1 as far as number of connectible games (and still firewalls my the rest of my traffic)…

          However, now my firewall logs are filled with exactly the reverse (lots of random incoming ports targeting 6112 on my machine that are getting firewalled). This is acceptable, since being able to access 3/4 of the games is far superior to 1/4, but I just don't understand why they have so many issues with their routing in the game.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.