Hi everybody,I'm using a Linux box at home to connect to the internet. Everything works flawlessly, except FS2002 multiplayer. I cannot host or join a MP session.Iptables is the firewall I use on my Linux box. I've made several changes for FS2002 in the firewall script, but I've had no luck so far.Here are the additional rules I added (RH-Lokkit-0-50-INPUT is the default chain in RedHat 8.0):These rules tell iptables to accept UDP connections for FS2002:-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 6073 -j ACCEPT-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 2302:2400 -j ACCEPTThese rules should tell iptables to forward the udp ports to the 192.168.0.2 machine in my LAN: -A FORWARD -p udp -d 192.168.0.2 -i eth1 -m udp --dport 6073 -j ACCEPT-A FORWARD -p udp -d 192.168.0.2 -i eth1 -m udp --dport 2302:2400 -j ACCEPTThese rules tell iptables to use Destination NAT for these udp ports:-A PREROUTING -p udp -m udp -i eth1 --dport 6073 -j DNAT --to-destination 192.168.0.2-A PREROUTING -p udp -m udp -i eth1 --dport 2302:2400 -j DNAT --to-destination 192.168.0.2And finally this is my default SNAT rule:-A POSTROUTING -s 192.168.0.0/24 -o eth1 -j SNAT --to-source xx.xxx.xxx.x (<- my ip address here)I'm getting quite desperate here, what am I overlooking ?Any help is greatly appreciated,Eric

I was having the same problems using a router, only after opening the following ports, the problem was solved.2300-24006073476243782maybe this helps.

Hi Cyborg,Thanks for your swift answer....which ports you listed are UDP and which are TCP ?Thanks,Eric

Okay,I updated the script:These rules tell iptables to accept UDP & TCP connections for FS2002:-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 3782 -j ACCEPT-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 47624 -j ACCEPT-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 6073 -j ACCEPT-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 2302:2400 -j ACCEPTThese rules should tell iptables to forward the following UDP & TCP ports to the 192.168.0.2 machine in my LAN:-A FORWARD -p udp -d 192.168.0.2 -i eth1 -m udp --dport 6073 -j ACCEPT-A FORWARD -p udp -d 192.168.0.2 -i eth1 -m udp --dport 2302:2400 -j ACCEPT-A FORWARD -p tcp -d 192.168.0.2 -i eth1 -m tcp --dport 3782 -j ACCEPT-A FORWARD -p tcp -d 192.168.0.2 -i eth1 -m tcp --dport 47624 -j ACCEPTThese rules tell iptables to use Destination NAT for these UDP & TCP ports:-A PREROUTING -p udp -m udp -i eth1 --dport 6073 -j DNAT --to-destination 192.168.0.2-A PREROUTING -p udp -m udp -i eth1 --dport 2302:2400 -j DNAT --to-destination 192.168.0.2-A PREROUTING -p tcp -m tcp -i eth1 --dport 3782 -j DNAT --to-destination 192.168.0.2-A PREROUTING -p tcp -m tcp -i eth1 --dport 47624 -j DNAT --to-destination 192.168.0.2And finally this is my default SNAT rule:-A POSTROUTING -s 192.168.0.0/24 -o eth1 -j SNAT --to-source xx.xxx.xxx.x (<- my ip address here)Still no MP connection whatsoever :-(Eric

Okay,I got it working now :-); here's the whole thing. Seems to me FS2002 is still using DirectX 7 net code to connect:-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 3782 -j ACCEPT-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 47624 -j ACCEPT-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 6073 -j ACCEPT-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 2300:2400 -j ACCEPT-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 2302:2400 -j ACCEPT-A FORWARD -p udp -m udp -d 192.168.0.2 -i eth1 --dport 6073 -j ACCEPT-A FORWARD -p udp -m udp -d 192.168.0.2 -i eth1 --dport 2302:2400 -j ACCEPT-A FORWARD -p tcp -m tcp -d 192.168.0.2 -i eth1 --dport 2300:2400 -j ACCEPT-A FORWARD -p tcp -m tcp -d 192.168.0.2 -i eth1 --dport 3782 -j ACCEPT-A FORWARD -p tcp -m tcp -d 192.168.0.2 -i eth1 --dport 47624 -j ACCEPT-A PREROUTING -p udp -m udp -i eth1 --dport 6073 -j DNAT --to-destination 192.168.0.2-A PREROUTING -p udp -m udp -i eth1 --dport 2302:2400 -j DNAT --to-destination 192.168.0.2-A PREROUTING -p tcp -m tcp -i eth1 --dport 2300:2400 -j DNAT --to-destination 192.168.0.2-A PREROUTING -p tcp -m tcp -i eth1 --dport 3782 -j DNAT --to-destination 192.168.0.2-A PREROUTING -p tcp -m tcp -i eth1 --dport 47624 -j DNAT --to-destination 192.168.0.2Bye,Eric

1. At the very begining or end of those rules put something like iptables -A INPUT -p upd -j LOG --log-prefix "test upd" iptables -A INPUT -p udp -j REJECT this will let you know exactly what ports are being hit for udp .I believe with MP though you need to sport as well . I know this is the case for udp 3782 which is what roger wilco uses .2. For prerouting you should --to-destination 192.168.0.2:portnumber (i believe )I would do the following on the first rule you do not need the -mmake a script and chmod 700#!/bin/shPATH=/usr/local/sbin/iptables=/usr/local/sbin/iptablesiptables -A INPUT -p udp --dport 6073 -j ACCEPTiptables -A INPUT -p udp udp --dport 2302:2400 -j ACCEPTiptables -A FORWARD -p udp -i eth0 -o eth1 -m state --state ESTABLISHED -j ACCEPTiptables -A FORWARD -p tcp --port 135:137 -j DROP iptables -A FORWARD -p udp -d 192.168.0.2 -i eth1 udp --dport 6073 -j ACCEPTiptables -A FORWARD -p udp -d 192.168.0.2 -i eth1 udp --dport 2302:2400 -j ACCEPTiptables -A PREROUTING -p udp -m udp -i eth1 --dport 6073 -j DNAT --to-destination 192.168.0.2:portnumberiptables -A PREROUTING -p udp -m udp -i eth1 --dport 2302:2400 -j DNAT --to-destination 192.168.0.2:portnumber -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j SNAT --to-source xx.xxx.xxx.x (:). Good luck . I hope it works Capt.Richard Dillon (KATL)www.jetstarairlines.comhttp://hifi.avsim.net/activesky/images/wxrebeta.jpghttp://jdtllc.com/images/RCsupporter.jpg"Lets Roll" 9/11 -----------------------Specs AMD 2400 XP MSI KTV4 512MB DDR 2100Asus GF4 ti 4200 128MBSB Audigy Gamer Ch Products Yoke and Pedals(usb)Windows 2000 Serivce Pack 3