[Firehol-support] America's Army

Daniel L. Miller dmiller at amfes.com
Tue Feb 15 20:24:06 CET 2005


Costa Tsaousis wrote:

>Danniel,
>
>proto "tcp udp"
>
>will match both protocols when used as an optional rule parameter. You can
>define multiple protocols in service definitions too. Check the
>documentation.
>
>If you don't see any other packets logged (starting with IN-<name>,
>OUT-<name> or PASS-unknown), then nothing is dropped.
>
>Costa
>  
>
Does that mean that a line like:

dnat to $BASTION_IP inface "${AA_IF}" dst "${AA_IP}" proto "tcp udp" 
dport 1716:1718

will match 1716:1718 tcp AND udp (six open ports)?  So if I want 
specific ports from udp and specific ports from tcp, I need two lines, 
one listing all the tcp ports and one listing all the udp ports?

BTW - After more research, I found the firehol config I was using for 
America's Army was correct - it was the game server that needed 
changing.  Thanx for the debugging help.

-- 
Daniel






More information about the Firehol-support mailing list