Re: PS/2 can't get through firewall/nat

["J. Scott Edwards" <sedwards@xmission.com>]

On Sat, 31 Aug 2002, Casey Paul Scott wrote:

> UDP is a connectionless protocol, and therefore does not keep state.
>
> http://www-net.cs.umass.edu/kurose/transport/UDP.html

It does say in the pf.conf man page that it will keep state on UDP even if
it is connectionless.  It says it matches up the host and the port
numbers.  However, it still doesn't seem to work.

> Given a choice, since this is a home system, why don't you open up your
> PF.conf to Pass in all/pass out all, and then sniff the traffic as it
> goes by while you're playing? Then you've eliminated PF as the problem,
> and you have a log of exactly what traffic is generated by your game.
> You can then reinstate your original pf.conf, and modify it from there.
>
> Yes, your firewall would be off for a while, but you're talking about
> allowing inbound random UDP packets on random ports from anyone. You
> might as well be turning off PF anyway. It would be a good idea to get
> used to having a pair of pf.conf files (pf.shields_up.conf and
> pf.shorts_around_my_ankles.conf? ;-)) and get used to switching them
> before and after each game if you're going to allow inbound UDP. Or,
> get another IP address, and use NAT redirection to point all inbound
> traffic on that IP to your playstation, so that at least when it's off,
> it's a little harder to take out your network.
>

I just tried letting all UDP packets in and out (which I was sure would
work) and it still fails:

pass out on xl1 proto udp all
pass in on xl1 proto udp all

I must be doing something completely wrong.

I can't remember if I mentioned this before but I disconnected the
firewall and hooked the Playstation directly to the outside and it worked
just fine.

-Scott