DaemonForums  

pf and xbox live
_mg_, 4th August 2008

Hi guys!

I would need a little help with my pf settings to get Xbox Live's NAT from 'Strict' to 'Open'. I'm not too familiar with pf and at the moment I don't know where to go from here.

The following ports must be available for Xbox LIVE to operate correctly:
udp: 88, 3074
tcp: 3074
http://support.microsoft.com/kb/908874?sd=xbox

I've tried different possible solutions from the internet, but with no luck. My home setup is server (pf firewall/router, assigns IP addresses from MAC addresses) -> Linksys WLAN server -> Xbox 360 (wireless)

Here is my current pf.conf. All suggestions regarding this problem or my pf.conf file will be taken gladly.

Code:
#
# MACROS
#
ext_if = "rl0"
int_if = "rl1"

tcp_services = "{ 22, 113, 21 }"
icmp_types = "echoreq"

jope_pc = "192.168.1.100"
jossu_pc = "192.168.1.101"
xbox = "192.168.1.102"
spare = "192.168.1.103"

# xbox ports
x_udp = "{88, 3074}"
x_tcp = "3074"

#
# TABLES
#
table <trusted> const { $jope_pc $jossu_pc $xbox $spare }
table <badguys> persist file "/var/log/pf_badguys.log"

#
# OPTIONS
#
set block-policy return
set loginterface $ext_if

set skip on lo

#
# SCRUB
#
scrub in all

#
# QUEUEING
#


#
# TRANSLATION
#

# nat/rdr
nat on $ext_if from !($ext_if) -> ($ext_if:0)

# xbox360 / added 03.08.2008
rdr pass on $ext_if inet proto udp from any to any port \
$x_udp -> $xbox
rdr pass on $ext_if inet proto tcp from any to any port \
$x_tcp -> $xbox

#
# FILTER RULES
#
block all

# ntp / added 29.04.08
pass out quick on $ext_if inet proto udp from $ext_if to \
any port = ntp keep state

pass in quick on $int_if from <trusted> to any
pass out quick on $int_if from any to <trusted>

pass out keep state

anchor "ftp-proxy/*"
antispoof quick for { lo $int_if }

# $tcp_services holds port numbers, so match them with "port", not "proto"
block in log quick on $ext_if inet proto tcp from <badguys> to any port $tcp_services

# xbox360 / added 03.08.2008
pass in quick on $ext_if inet proto udp from any to $xbox \
port $x_udp keep state
pass in quick on $ext_if inet proto tcp from any to $xbox \
port $x_tcp keep state

pass out quick on $int_if inet proto udp from any to $xbox \
port $x_udp keep state
pass out quick on $int_if inet proto tcp from any to $xbox \
port $x_tcp keep state

pass in quick on $int_if inet proto udp from $xbox to any \
port $x_udp keep state
pass in quick on $int_if inet proto tcp from $xbox to any \
port $x_tcp keep state


pass in log quick on $ext_if inet proto tcp \
from any to ($ext_if) port $tcp_services \
flags S/SA keep state (max-src-conn-rate 3/60, overload <badguys> flush)

pass in inet proto icmp all icmp-type $icmp_types