[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Opening ports in Shorewall in order to run an America's Army server

On Sat, 10 Feb 2007 14:29:22 +0100
Jan Stępień <jan@stepien.com.pl> wrote:

> Hi everyone,
> I've been trying to set up an America's Army game server on my Debian
> server box. Having already configured an Apache webserver and few
> other services such as SSH, and a MySQL database I thought that
> enabling another daemon application won't be a problem. Unfortunately
> I was wrong.
> After successfully installing and, hopefully, correctly configuring AA
> server I was unable to connect to it. Accordingly to instructions
> given at http://manual.americasarmy.com/index.php/Linux_Server I've
> opened ports listed at the website above. Here you can see part of my
> /etc/shorewall/rules dedicated to the AA server:
> ACCEPT          net     fw      tcp     14200
> ACCEPT          net     fw      tcp     20025
> ACCEPT          net     fw      tcp     20045
> ACCEPT          net     fw      tcp     20046
> ACCEPT          net     fw      tcp     20047
> ACCEPT          net     fw      udp     1716
> ACCEPT          net     fw      udp     1717
> ACCEPT          net     fw      udp     1718
> ACCEPT          net     fw      udp     8777
> ACCEPT          net     fw      udp     27900
> Unfortunately the master game server still doesn't see my server. I've
> tried to telnet those ports, but:
> Trying [ip address]...
> telnet: Unable to connect to remote host: Connection refused
> I tried to disable Shorewall and see if without it I can connect to
> those ports. Surprisingly, all of them were still seen as closed,
> despite the AA server daemon running in the background. Nmap proves
> it.

That suggests that the packets are getting through, and therefore that
Shorewall is working correctly.

> Could you please enlighten me whether I've misconfigured my Shorewall
> or there's something wrong with my AA server? I would be grateful for
> your help.
> Best regards,
> Jan Stępień

Are you sure that the server is listening on the ports you think it's
listening on? Whats is the output of the command 'netstat -uta'? And if
it is, are there any application-level restrictions? It might only be
accepting connections from certain source IP addresses.



Reply to: