[Firehol-devs] service definition for xbox

[Andrew Schulman]

Following is the (complex) service definition function for xbox, the Xbox live
service.  With this definition our Xbox connects and plays from behind a NAT
firewall with no trouble.  Andrew.

rules_xbox() {
	local mychain="${1}"; shift
	local type="${1}"; shift

	local in=in
	local out=out
	if [ "${type}" = "client" ]
	then
		in=out
		out=in
	fi

	local client_ports="${DEFAULT_CLIENT_PORTS}"
	if [ "${type}" = "client" -a "${work_cmd}" = "interface" ]
	then
		client_ports="${LOCAL_CLIENT_PORTS}"
	fi

	# ----------------------------------------------------------------------

	set_work_function "Setting up rules for Xbox live"

	rule ${in}          action "$@" chain "${in}_${mychain}"  proto udp \
		dport "88 3074" sport "${client_ports}" \
		state NEW,ESTABLISHED || return 1
	rule ${out} reverse action "$@" chain "${out}_${mychain}" proto udp \
		dport "88 3074" sport "${client_ports}" \
		state     ESTABLISHED || return 1
	
	rule ${in}          action "$@" chain "${in}_${mychain}"  proto tcp \
		dport 3074 sport "${client_ports}" \
		state NEW,ESTABLISHED || return 1
	rule ${out} reverse action "$@" chain "${out}_${mychain}" proto tcp \
		dport 3074 sport "${client_ports}" \
		state     ESTABLISHED || return 1

	rule ${in}          action "$@" chain "${in}_${mychain}"  proto udp \
		sport 3074 dport "${client_ports}" \
		state NEW,ESTABLISHED || return 1
	rule ${out} reverse action "$@" chain "${out}_${mychain}" proto udp \
		sport 3074 dport "${client_ports}" \
		state     ESTABLISHED || return 1

	return 0
}