Listening on alternate ports

Submitted by javelin on Mon, 2012-02-13 20:01

Some people on the internet are behind a firewall which disallows outgoing connections to non-standard ports. So, for example, they may not be able to connect to your MUSH on port 6969.

A solution is to make the MUSH also listen on a standard port (in this example, I use 443, which is usually used for secure HTTP connections). This assumes you have iptables installed on the system, and are logged on as root. It should probably be put in /etc/rc.d/rc.local so that it will be re-executed upon machine boot.

/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -d 64.94.46.199 --dport
443 -j DNAT --to 64.94.46.199:6969

In the above, 64.94.46.199 is my MUSH's IP address. 6969 is the normal port of the MUSH. 443 is the port I've setup especially for people who can't reach port 6969.

This port forwarding does not obfuscate the LASTSITE of players who connect through the alternate port, since it is done at the kernel level.

2002-Dec-01 2:02am pmak