[44978] in North American Network Operators' Group
RE: Blocking Internet Gaming
daemon@ATHENA.MIT.EDU (James)
Sun Jan 6 21:54:54 2002
From: "James" <james@james-web.net>
To: "'Scott Gifford'" <sgifford@suspectclass.com>
Cc: <nanog@merit.edu>
Date: Sun, 6 Jan 2002 21:54:13 -0500
Message-ID: <000801c19726$9700ad80$6600a8c0@jamesdesktop>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <lypu4mev6e.fsf@gfn.org>
Errors-To: owner-nanog-outgoing@merit.edu
It would make me nervous too. Plus, I hate when things stop working
because then people call me and I have to talk to them :)
But if a brand new packet is outbound to 29760, you know it is probably
going to a Half Life server (I think that's the port). So wouldn't it
be wise to deny that? Specifically it would be UDP 29760, not TCP.
Doesn't FTP use TCP when negotiating a connection?
- James
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
Scott Gifford
Sent: Sunday, January 06, 2002 9:45 PM
To: James
Cc: nanog@merit.edu
Subject: Re: Blocking Internet Gaming
"James" <james@james-web.net> writes:
> What kind of games specifically?
>
> Like online Java games (Bejeweled)? Or games like Quake, Unreal,
Tribes
> etc?
>
> The latter is much easier, just block all traffic to/from the default
> ports which use them. A quick google would yield what they use. I'll
> give you a quick hint and say Quake3 is 29760-5 or so and Tribes1/2 is
> 28000-28005 or so.
Doesn't that cause trouble with occasionally blocking ephemeral ports?
If you're not allowing incoming connections of any kind (including
non-PASV FTP) it shouldn't matter, but blocking ports above 1024
always makes me nervous...
----ScottG.
