I'm just setting up my firewall and I searched around for the ports needed. Found these on the CS web forum. Thought they may be useful here. If there are any other games and you have ports - rules for them then add them to this topic!
TCP 6003 outbound, incoming replies (as specified in woncomm.lst)
TCP 7002 outbound, incoming replies (as specified in woncomm.lst)
UDP 27010 outbound, incoming replies (as specified in woncomm.lst)
UDP 27011 outbound, incoming replies (as specified in woncomm.lst)
UDP 27012 outbound, incoming replies (as specified in woncomm.lst)
UDP 27013 outbound, incoming replies
UDP 27015 outbound, incoming replies on 27015-27050
That appears somewhat mores secure than my
own Kerio Firewall rule
Protocol= TCP/UDP
Local= Any address any port
Remote = Any address any port
Direction= incoming & outgoing
Rule= allow
I big hole I think, I'll try adding your port settings Thanks
QuoteI'm just setting up my firewall and I searched around for the ports needed. Found these on the CS web forum. Thought they may be useful here. If there are any other games and you have ports - rules for them then add them to this topic!
TCP 6003 outbound, incoming replies (as specified in woncomm.lst)
TCP 7002 outbound, incoming replies (as specified in woncomm.lst)
UDP 27010 outbound, incoming replies (as specified in woncomm.lst)
UDP 27011 outbound, incoming replies (as specified in woncomm.lst)
UDP 27012 outbound, incoming replies (as specified in woncomm.lst)
UDP 27013 outbound, incoming replies
UDP 27015 outbound, incoming replies on 27015-27050
That sounds pretty much good enough. My firewall allows me to connect to anything and I have to do what you have done above but only to let internet traffic inside. I've built up quite a list actually for things like kazaa and direct connect, ftp server, telnet, web server etc... But the counter strike or halflife won servers only connect to you if you connect to them first so I only needed to open 27015 to let users play on my server.
So your outbound and incoming replies should have you covered but 27005 is another one, usually for your client port whn on a server so that might be required outbound.
Havn't needed 27005 yet.
And stick your list up... lets make this thread 'The most useful post of the year'
Here's a very useful page that lists ports for lots of apps:
http://www.practicallynetworked.com/sharin...p_port_list.htm (http://www.practicallynetworked.com/sharing/app_port_list.htm)
If you play directplay games then you need a huge number of ports open which is bad news. However, if you download an app called DXport then you can dictate which port the game runs on and can consequently reduce the number of ports you need to open in your firewall (which is a good thing).
DX Port can be found here:
http://www.puffinsoft.com/ (http://www.puffinsoft.com/)
DXport also allows multiple clients to play the same game on the net through a nat firewall which can be a problem otherwise.
so, I need to open up ALL those ports to run a server?
The guide I saw on http://server.counter-strike.net/help/basics.html (http://server.counter-strike.net/help/basics.html) only lists 5
QuoteIncoming UDP to local destination 27015.
Outgoing UDP to remote destination 27010, 27012.
Outgoing TCP to remote destination 5273.
Outgoing TCP to remote destination 7002
and 3 of those are outgoing. Surely you only have to open incoming port for people to connect? It half worked, although my own ASE couldn't ping it it could detect it at least.
If you want to run a CS server behind a firewall and let people connect to it then the ONLY port you need open is the port the server runs on (27015 for example). That is how my server is setup and so far no probs!
Oh my firewall supports SPI so any outbound traffic is allowed by default. I know that some people may feel that this is less secure than precisely defining which outbound ports are allowed but I find it a PITA so allow SPI to run things.
We should probably update this thread for the 1.6 ports as well, although their definition is wildly unclear as to what "open" means.. :)
Also a quit handy site: http://www.portforward.com/default.htm (http://www.portforward.com/default.htm)
With the latest server patches I need to open 27010 to 27040 to get Stea/CS:S working and visible
I'm at my wits end(didn't have far to go, I know :rolleyes:)
Here's the scenario: D-Link DIR655 router. I can run servers for LFS and netKarPRO with no problem whatsoever. They show in their respective lobbies and I can connect to them as per usual. As far as rFactor is concerned it's a different tale.
Ports are forwarded to the server machine in the same manner as the other two games. When the server is running it does not show up in the rFactor lobby, however, if I enter the IP address the server appears but when I try to join, it times out.
The results of DynDNS's port tester with the server running.
QuoteAn attempted connection to 94.168.127.118:34397 was refused. This typically indicates that there are no services available on that port, but that it is NOT being blocked by a firewall or your ISP.
That goes for 34297 as well
This is the other port that is used
Quote94.168.127.118:34447 is open and accepting connections. This indicates the port is not being blocked by either a firewall or your ISP and is currently operational.
I can join other servers with no problems.
Anyone got a service revolver I can borrow?
You need:
UDP 34297
UDP 34397
TCP 34447
Quote from: BlueBall;278761You need:
UDP 34297
UDP 34397
TCP 34447
Oh that it was that simple. I'd been running an rFactor server very successfully for a few months before the new router. :rolleyes:
Quote from: Doorman;278766Oh that it was that simple. I'd been running an rFactor server very successfully for a few months before the new router. :rolleyes:
post a screen shot of your port forwarding page
Quote from: BlueBall;278767post a screen shot of your port forwarding page
(http://www.finnglish.co.uk/scrns/ports.jpg)
The only thing I can think off is to swap the order of the UDP ports and put the lower number first then reboot the router.
I know, it sounds daft b ut worth trying.
Quote from: BlueBall;278769The only thing I can think off is to swap the order of the UDP ports and put the lower number first then reboot the router.
I know, it sounds daft b ut worth trying.
I don't
think I've tried that. I have tried giving each port it's own entry. Also making all of them TCP/UDP. I've reset the router back to defaults and started over again. Oh, and I've beaten up the wife.
Quote from: Doorman;278770Oh, and I've beaten up the wife.
Well if that doesn't sort it nothing will :)
The other thing to try is to go to your server and type "netstat -b" in a command window, it will list the ports in use by the server. make sure the server is actually using the relevant ports.
See my gob? It's just been smacked! I actually joined my server! It didn't show in the lobby but it's a start! Well done. :D
EDIT: netstat -b shows only 34447 TCP being used which ties in with my opening post
That didn't last long. It's gawn again. :doh: