RE: RES: RE: RES: RE: RES: RE: Spooky filter problem! Tom?
- From: "David Farinic" <davidf@xxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 12 Feb 2003 09:44:45 +0100
you can setup fixed udp port for CS(HLDS) server of your choice which your user
will be using during game itself.So setup publishing and allowing for that port
in ISA is not a prob.
For server auth. to Server with list of servers there is 1 fixed port com. as
far as i know.
Anyway in anycase of product with unknown communication channels i am using my
netwatch on client machine to see clearly what port and protocol is used
(spacer.cc/netwatch.zip)
P.S.:Netwatch is raw socket based sniffer (simply expl.:doesnt have device
driver)
Never use any network sniffer based on raw socket API on production PC as
friend of mine found out that you can freeze Win2000 Boxes (not xp .net tested
by me!) if you simply ping them with loosing source flag with using their
gateway ip in that ping.So again i dont recommend to run it on production
servers. However this netwatch is small ~50KB and is convenient to use and
immediately see all traffic on 1 screen
Regards Spacer
-----Original Message-----
From: Mark Hippenstiel [mailto:m.hippenstiel@xxxxxxxxxxxx]
Sent: Wednesday, February 12, 2003 9.27 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RES: RE: RES: RE: RES: RE: Spooky filter problem!
Tom?
http://www.ISAserver.org
Well.. I would agree with others and say it's only a game(-server) why
bother. But since we are talking about a technical problem it's interesting
to find out what the problem is - at least to a certain extent.
You know enough about ISA to be aware that there are technical limitations
that btw apply to any firewall. So there's really no need to discuss if ISA
is suited for that kind of application. I would say it is. The problem lies
in the communication, I would advise you to look for articles from
firewalled CS users for instance on expert exchange.
If you only used CS to test for the availability of your HLDS, I would say
that this is not enough. The thread topic you choose implies that you assume
that the problem could be caused by an unknown bug in the filtering
mechanisms... I recommend that you get a port scanner and scan for all open
ports once from within your network and once from external. I bet there's a
port or two missing. Further you might want to have a closer look at
low-level network communications on the external machine to see what's
really happening.
And you could contact Valvesoftware (I believe it is) and ask if they can
provide you with more information.
It's like I said - if you don't know enough about the protocol being used
you're bound to test and try. It's a lot of work.
If I can help you in any other way let me know. Good Luck!
Mark
Ps Did you try to change the UDP filter properties? I would set SendReceive
for 'incoming' and ReceiveSend for 'outgoing'
This mail was content checked for malicious code and viruses
by GFI MailSecurity. GFI MailSecurity provides email content
checking, exploit detection and anti-virus for Exchange &
SMTP servers. Spam, viruses, dangerous attachments and
offensive content are removed automatically. Key features
include: Multiple virus engines; Email content & attachment
checking; Exploit shield - email intrusion detection & defence;
Email threats engine - analyses & defuses HTML scripts,
.exe files & more.
In addition to GFI MailSecurity, GFI also produces the GFI
FAXmaker fax server & GFI LANguard network security product
ranges. For more information on our products, please visit
http://www.gfi.com. This disclaimer was sent by GFI MailEssentials
for Exchange/SMTP.
Other related posts:
