Page 1 of 5 123 ... LastLast
Results 1 to 10 of 49
  1. #1
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default Gaming - Can anyone help?

    I know I have brought this up in a couple of threads but I just can't seem to get this going.

    Untangle Admins and Mods, if you would prefer me to consolidate this post into one of the others then I will. Otherwise, I will try to keep it on this one from here forward.

    This is the last piece of the puzzle for my Untangle @ home to be complete.

    Hardware
    Intel P4 2.66
    768MB Ram
    40GB Hard Drive
    Dual NICS


    My current config:
    *Untangle 5.03
    *Router mode
    *All Open Source Modules
    *Attack Blocker Disabled in untangle-vm
    *Firewall Set to Pass by default with many rules allowing only traffic that I want with a Block & Log ANY/ANY rule as the last rule.
    *Port Forwarding rules are set to forward ports 16250-16270 and 13139. There are 4 forwarding rules in place with these ports. Two with the mentioned ports as source ports and 2 rules with the mentioned ports as destination ports.
    *No rack policies for all gaming ports for both directions

    Problem
    Some multiplayer servers in Ghost Recon Advanced Warfighter 2 I can connect to with no problems but most others I can't while behind Untangle. Other firewalls presents no problems. But the other firewalls can't hold a light to Untangle. So I am trying to get this resolved.

    I can verify that the "no rack" policies are working by looking at the active sessions when I update the online server lists.

    See Sessions After Server List Update.txt attached

    As you can see, the only sessions present are on the router module, with the exception of 10.2.3.2 which is my vonage router. This is the list of all public servers in the list. Also, the sessions don't linger around... they were closed pretty quickly.

    Next is the sessions when trying to connect to a single server and the connection fails

    See Sessions when connection to server fails.txt attached

    Again, no activity other than the vonage router and the connections on the Router Module. Plus there are only 3 sessions showing in the router module that are related to the game. The 2 sessions with port 10000 showing are vonage connections. I have put all other traffic in my home network to a halt while I am troubleshooting this.

    Now, I monitor the Untangle client while trying to connect to the game and I notice that the firewall module starts showing Block activity in the graph but my Block & Log ANY/ANY rule doesn't report it to the logs. The sessions don't show any activity in the firewall module either. Naturally, one would think to disable the firewall. Well... I have, and that doesn't make a difference. The connections still fail.

    So, I am all ears for suggestions and am willing to provide any other information needed to get this going.

    I have spent more time playing the game (or trying to) to get this resolved than I normally play. I just want to keep my Untangle server in place and not be swapping servers around when it comes time to play.
    Last edited by Silver Bullet; 09-15-2008 at 03:08 PM.

  2. #2
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    P.S. I realize this probably isn't top priority for Untangle to help Silver Bullet play online games from behind his Untangle server. But, if you guys could take a look when you get free time and offer some input then it would be greatly appreciated.

    Thanks.

  3. #3
    mdh
    mdh is offline
    Untangle Ninja mdh's Avatar
    Join Date
    Aug 2007
    Posts
    4,752

    Default

    As far as I can tell, you've more than earned the right to ask for some help. The question is whether we can offer any wizardry considering that you're no slouch!

    I was poking around the GRAW2 forum and found the following port listing. Its a GRAW list but on the GRAW2 forum, so maybe its not applicable.

    http://ubisoft-en.custhelp.com/cgi-b...ZwX3BhZ2U9MQ**

    Just in case that's more than a mouthful, I did a tinyurl number on it, and it "claims to be":

    http://tinyurl.com/2b7car

    Also found something for DirectX with multiple graphic cards on Vista. I don't recall whether you ever mentioned your gaming OS. Link is:

    http://support.microsoft.com/kb/936710

    And here's a link about ICMP-related crashes on server-to-client communications:

    http://forums.ubi.com/eve/forums/a/t...3/m/8741005675

    Maybe there's a gem in there...

  4. #4
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    Thanks mdh.

    Yeah, those ports are for Graw. Graw 2 changed port 15250 to 16250 and a couple others.

    I had not thought about the pings. My Untangle box does accept external icmp requests. I am at home right now for lunch and thought I would try forwarding Ping requests to my Gaming PC but it still fails to connect.

    I am digging through some log files right now. Currently looking in /var/log/uvm I noticed a warning in console.log
    Code:
    ============================
    /usr/share/untangle/bin/bunnicula
    ============================
    WARNING: Missing proc setting "/proc/sys/net/ipv4/ip_queue_maxlen"
    log4j:WARN No appenders could be found for logger (com.untangle.uvm.engine.Main).
    log4j:WARN Please initialize the log4j system properly.
    11-28 23:03:22.721272| NETCAP 2.3.0-1 Initialized
    11-28 23:03:22.735514| ERROR:libnetcap/src/netcap_intf_db.c:273:CRITICAL ERROR: Nothing is known about 'tun0'
    11-28 23:03:22.735576| ERROR:libnetcap/src/netcap_intf_db.c:208:WARNING: Ignoring unkown interface 'tun0' at index 2.
    11-28 23:03:22.735608| ERROR:libnetcap/src/netcap_intf_db.c:209:WARNING: Interfaces may be configured incorrectly.
    11-28 23:03:24.015349| ERROR:libnetcap/src/netcap_intf_db.c:273:CRITICAL ERROR: Nothing is known about 'tun0'
    11-28 23:03:24.015428| ERROR:libnetcap/src/netcap_intf_db.c:208:WARNING: Ignoring unkown interface 'tun0' at index 2.
    11-28 23:03:24.015461| ERROR:libnetcap/src/netcap_intf_db.c:209:WARNING: Interfaces may be configured incorrectly.
    11-28 23:03:25.094187| JNETCAP: Setting new session sched policy to 4
    11-28 23:03:25.094286| JNETCAP: Setting session sched policy to 4
    11-28 23:03:25.094744| JNETCAP: Setting session limit to 10000
    UVM startup complete: "Today vegetables...tomorrow the world!"
    11-28 23:03:29.692101| ERROR:libnetcap/src/netcap_intf_db.c:273:CRITICAL ERROR: Nothing is known about 'tun0'
    11-28 23:03:29.692169| ERROR:libnetcap/src/netcap_intf_db.c:208:WARNING: Ignoring unkown interface 'tun0' at index 2.
    11-28 23:03:29.692201| ERROR:libnetcap/src/netcap_intf_db.c:209:WARNING: Interfaces may be configured incorrectly.
    UVM postInit complete
    Can you make heads or tails of that message. I don't know enough about iptables to know what purpose that file and it's setting has. I checked that directory and that file, ip_queue_maxlen, doesn't exist. After looking around online, it looks like it should be there and have a value of 65535. I tried creating the file but it will not let me.

    Oh yeah, I am running XP FWIW.

    By the way... I think I would rather have the world today and eat the veggies tomorrow.

  5. #5
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    I am finishing up a new install of Untangle on another machine that is identical to my original.

    Before I started, I was looking in the iptables.log in /var/log/uvm on the original machine and noticed an error that is being generated after it tries to create the iptables rules.

    Code:
    [DEBUG:Thu Nov 29 18:21:23 EST 2007] Generating iptables rules
    Exception in thread "main" java.lang.RuntimeException: com.untangle.uvm.client.InvocationConnectionException: could not connect
    	at com.untangle.uvm.client.RemoteUvmContextFactory.uvmLogin(RemoteUvmContextFactory.java:336)
    	at com.untangle.uvm.client.RemoteUvmContextFactory.systemLogin(RemoteUvmContextFactory.java:275)
    	at com.untangle.uvm.client.RemoteUvmContextFactory.systemLogin(RemoteUvmContextFactory.java:289)
    	at com.untangle.uvm.client.RemoteClient.main(RemoteClient.java:136)
    Caused by: com.untangle.uvm.client.InvocationConnectionException: could not connect
    	at com.untangle.uvm.engine.HttpInvokerStub.invoke(HttpInvokerStub.java:163)
    	at com.untangle.uvm.client.RemoteUvmContextFactory.uvmLogin(RemoteUvmContextFactory.java:334)
    	... 3 more
    Caused by: java.net.ConnectException: Connection refused
    	at java.net.PlainSocketImpl.socketConnect(Native Method)
    	at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
    	at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
    	at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
    	at java.net.Socket.connect(Socket.java:519)
    	at sun.net.NetworkClient.doConnect(NetworkClient.java:152)
    	at sun.net.www.http.HttpClient.openServer(HttpClient.java:382)
    	at sun.net.www.http.HttpClient.openServer(HttpClient.java:494)
    	at sun.net.www.http.HttpClient.<init>(HttpClient.java:231)
    	at sun.net.www.http.HttpClient.New(HttpClient.java:304)
    	at sun.net.www.http.HttpClient.New(HttpClient.java:316)
    	at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:817)
    	at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:769)
    	at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:694)
    	at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:861)
    	at com.untangle.uvm.engine.HttpInvokerStub.doInvoke(HttpInvokerStub.java:190)
    	at com.untangle.uvm.engine.HttpInvokerStub.invoke(HttpInvokerStub.java:161)
    	... 4 more
    Custom rules script is disabled
    I just looked and noticed the same error on a fresh install. Is this a Bug?

    Again, I don't know iptables enough to know how relevant this is or if it is at all.

    My current plan of attack is to test this with just the router module and untangle-vm edited to disable the Attack Blocker.

  6. #6
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    Well that didn't turn out well.

    I started out with just the router module on a fresh install and disabled attack blocker. Configured my redirects for the outgoing ports the game requires and the same ports I have used on other firewalls. At first I could load the available servers but could not connect. I verified that my external IP was ping visible.

    It seemed like the attack blocker wasn't disabled although I did disable it in untangle-vm. I did install the Attack Blocker module to see if it was generating any logs but it wasn't. I was only getting maybe 15 available servers....tops.

    Put my original server back in place and all of the servers are available again. But now I'm back at square one.

    I am really curios about these iptables errors that are being reported in the logs. Anyone have enough experience with it to explain what they mean and the repercussions of these particular errors?

  7. #7
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    I am getting in over my head now

    Looking in /usr/share/untangle/bin/bunnicula i see where it specifies procset /proc/sys/net/ipv4/ip_queue_maxlen 16384. However, as I mentioned earlier, this file doesn't exist. There is a comment above this command that states
    ## not sure if this is still applicable since we now use nfqueue, (rbs 9/29/06)
    From looking around, it appears that nfqueue plays the same role. Since nfqueue is in use (it is right?), can this line be commented out in bunnicula?

    Also, I found the source of the errors in iptables.log by manually restarting networking.

    Output from /etc/init.d/networking restart

    Code:
    ~ # /etc/init.d/networking restart                                                                                                                                                            [root @ dmcbeth]
    Setting up IP spoofing protection: rp_filter.
    Reconfiguring network interfaces...ifup: interface lo already configured
    incorrect number of arguments for command
    commands:
            addbr           <bridge>                add bridge
            delbr           <bridge>                delete bridge
            addif           <bridge> <device>       add interface to bridge
            delif           <bridge> <device>       delete interface from bridge
            setageing       <bridge> <time>         set ageing time
            setbridgeprio   <bridge> <prio>         set bridge priority
            setfd           <bridge> <time>         set bridge forward delay
            sethello        <bridge> <time>         set hello time
            setmaxage       <bridge> <time>         set max message age
            setpathcost     <bridge> <port> <cost>  set path cost
            setportprio     <bridge> <port> <prio>  set port priority
            show                                    show a list of bridges
            showmacs        <bridge>                show a list of mac addrs
            showstp         <bridge>                show bridge stp info
            stp             <bridge> <state>        turn stp on/off
    SIOCSIFMTU: No such device
    0.0.0.0: ERROR while getting interface flags: No such device
    ethtool: bad command line argument(s)
    For more information run ethtool -h
    ethtool: bad command line argument(s)
    For more information run ethtool -h
    Internet Systems Consortium DHCP Client V3.0.1
    Copyright 2004 Internet Systems Consortium.
    All rights reserved.
    For info, please visit http://www.isc.org/products/DHCP
    
    tun0: unknown hardware address type 65534
    Ignoring command for reason: 'PREINIT'
    tun0: unknown hardware address type 65534
    Listening on LPF/br0/00:0b:cd:b4:37:b1
    Sending on   LPF/br0/00:0b:cd:b4:37:b1
    Sending on   Socket/fallback
    DHCPREQUEST on br0 to 255.255.255.255 port 67
    DHCPREQUEST on br0 to 255.255.255.255 port 67
    DHCPDISCOVER on br0 to 255.255.255.255 port 67 interval 6
    DHCPOFFER from 10.112.2.1
    DHCPREQUEST on br0 to 255.255.255.255 port 67
    DHCPACK from 10.112.2.1
    bound to 24.119.24.75 -- renewal in 39650 seconds.
    /usr/bin/poff: No pppd is running.  None stopped.
    done.
    I am having a hard time determining the cause of this. I have looked up and down the etc/init.d/networking file and can't see the problem. Might help though if I knew what I was looking at though

    Anyone have any insight?

  8. #8
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    wooooooah!!!

    I haven't read the whole thread, but I'll say this:
    Getting your games working through Untangle *is* quite important to us.

    That being said, I can't imagine why it wouldn't work through untangle.

    I'm 100% positive that the warnings you are seeing in the logs are 100% normal and not actually an indication of a problem (we just haven't removed them yet for several reasons)

    btw you don't want to be restarting networking manually
    in 5.0, the untangle-vm handles this

    in 5.1, the networking setup will be COMPLETELY different. (Router will be gone)

    The best option to help us figure out what is going on is to a tcpdump of the relevant traffic on both the inside and outside so we can figure out the difference and start a bug.
    If the communication is on port 1234 on UDP I would do

    tcpdump -s 0 -n -i eth0 -w eth0.ptrace "udp port 1234" &
    tcpdump -s 0 -n -i eth1 -w eth1.ptrace "udp port 1234" &
    <run test>
    killall tcpdump
    upload ptrace to us

    (beware this will contain any cleartext passwords)

    then we can look at the packet traces in wireshark on the inside and outside and see if we can figure something out.

    ps - do you see any "mailbox full" messages in /var/log/uvm/console.log?
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  9. #9
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    I broke it and I don't think I saved a copy of the console.log file before I reinstalled. I just reinstalled with all of the modules. Back to square one.

    I will definitely get the tcpdumps to you guys. Too tired to mess with it anymore tonight. Going cross-eyed from looking at log files.

    Thanks

  10. #10
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    lol

    breaking things is how you figure out how they work
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Page 1 of 5 123 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2