udp session tracking?

To: <debian-firewall@lists.debian.org>
Subject: udp session tracking?
From: "Steve Melo" <smelo@communitytrust.ca>
Date: Thu, 28 Apr 2005 16:53:53 -0400
Message-id: <[🔎] 000901c54c34$63704680$3c01a8c0@ts.communitytrust.ca>

Greetings list,

I'm having a problem playing an online game as the client.  I can host a
game just fine because the server always listens on port 5739 and I'm
forwarding any udp packets from the internet with a --dport of 5739 to the
client machine on the LAN.  When I try to connect as a client though, the
ports it uses aren't as predictable.

I captured a connection of the game that I hosted using tcpdump(see the snip
below).
The first packet from the client to host is an icmp packet which works just
fine.
For the 2nd packet, the client chooses any random src port over 1024 with a
dst port of 5739.  This port is then used for the rest of the connection.
The 3rd packet is unique in that the host sends a packet from a random port
of its own, as a client I cant guess what src port the server would use, and
neither can I guess what dst port the packet would have because that is
randomly assigned in the 2nd packet.

After the 3rd packet, there is always a src or dst port with 5739 so I can
forward those packets fine. I just need to know how I can tell iptables to
recognize the 3rd packet as a part of the session.

Is there any state rule I can add???


<snip>-----tcpdump -I ppp0 host 64.231.35.40  -c 25---</snip>

      1  IP CLIENT > HOST: icmp 72: echo request seq 256
      2  IP CLIENT.1379 > HOST.5739: UDP, length: 64
      3  IP HOST.1184 > CLIENT.1379: UDP, length: 84
      4  IP HOST.5739 > CLIENT.1379: UDP, length: 60
      5  IP HOST.5739 > CLIENT.1379: UDP, length: 60
      6  IP CLIENT.1379 > HOST.5739: UDP, length: 60
      7  IP HOST.5739 > CLIENT.1379: UDP, length: 60
      8  IP CLIENT.1379 > HOST.5739: UDP, length: 16
      9  IP HOST.5739 > CLIENT.1379: UDP, length: 60
     10  IP CLIENT.1379 > HOST.5739: UDP, length: 60
     11  IP HOST.5739 > CLIENT.1379: UDP, length: 60
     12  IP CLIENT.1379 > HOST.5739: UDP, length: 60
     13  IP HOST.5739 > CLIENT.1379: UDP, length: 60
     14  IP CLIENT.1379 > HOST.5739: UDP, length: 60
     15  IP HOST.5739 > CLIENT.1379: UDP, length: 60
     16  IP CLIENT.1379 > HOST.5739: UDP, length: 60
     17  IP HOST.5739 > CLIENT.1379: UDP, length: 60
     18  IP CLIENT.1379 > HOST.5739: UDP, length: 60
     19  IP HOST.5739 > CLIENT.1379: UDP, length: 60
     20  IP HOST.5739 > CLIENT.1379: UDP, length: 60
     21  IP CLIENT.1379 > HOST.5739: UDP, length: 60
     22  IP HOST.5739 > CLIENT.1379: UDP, length: 60
     23  IP CLIENT.1379 > HOST.5739: UDP, length: 60
     24  IP HOST.5739 > CLIENT.1379: UDP, length: 60
     25  IP CLIENT.1379 > HOST.5739: UDP, length: 60

<snip>------------------------------------------------------</snip>


Thank you in advance!

-steve

Reply to:

Prev by Date: Re: simple ip_forward didn't work
Next by Date: Re: RE: Error-Guard Support Request
Previous by thread: Re: simple ip_forward didn't work
Next by thread: this is a test
Index(es):
- Date
- Thread