Daddl 10 Posted July 13, 2005 There I go: Having played OFP MP online for years now, always using a router & NAT, I thought I'd get my new router (3com WLAN OfficeConnect router) up and running with OFP in no time. Well... so I thought. The ports 2300 - 2400 are open, OFP has all allowances in ZoneAlarm, the Windows Firewall is shut down, and the router sends all request on the open ports right away to my pc, and the game's installation hasn't been touched since my last successfull mp game (without router) weeks ago. Now, I think I have an idea where the problem might lie: the new router came with all kinds of bells&whistles regarding security and such. Among that is a hardware firewall that offers statefull package inspection and more. Now, whenever I try to connect to an OFP server I get a log entry claiming that my machine is trying to 'flood' the game server with UDP packages. So I assume (not sure, tho) the router simply shuts the connection and blocks all further transmissions until the flooding has ceased (i.e. I'm not trying to connect anymore). Quote[/b] ]2005/07/13 21:09:05 : **UDP Flood to Host** 192.168.1.100, 2304->> 64.201.105.130, 2434 (from WAN Outbound) I guess it's a bit too sensitive for the ammount of data OFP is trying to transmit when connecting to the server. Unfortunately There's only very general settings and I'm not sure to what I should set them to allow for the game to play without opening up too much. The following are the default settings: Maybe someone with more knowledge of hardware firewalls could recommend some sensible settings that would still allow for OFP to connect without completely turning of the SPI & DoS protection... Share this post Link to post Share on other sites
crashdome 3 Posted July 13, 2005 I am definately not an expert on this... but it looks like you might have to adjust most of the ones in the bottom group. Can you try other servers? Is the result the same? Try doubling the bottom values as a test and see if it helps.... Share this post Link to post Share on other sites
shadow 6 Posted July 14, 2005 I have a 3com gateway myself, maybe I can help. But I need to know which model you have. 3CRxxxxx Share this post Link to post Share on other sites
Daddl 10 Posted July 14, 2005 I have a 3com gateway myself, maybe I can help.But I need to know which model you have. 3CRxxxxx 3CRWE554G72T (software version 2.01.05) I got it working by disabling the SPI & DoS Protection while playing online, but that can be just a temporary solution. Share this post Link to post Share on other sites
shadow 6 Posted July 15, 2005 SPI should have nothing to do with this as its for inbound traffic not outgoing. It has to be the DoS settings. When does the gateway start blocking your outbound traffic? The moment you try to connect to a OFP-server or after a while? Personally I don't see the importance of having the DoS protection enabled. Are you that big a hacker-target? My 3com gateway does'nt even have any selectable settings for SPI and DoS protection. edit: Try setting up OFP as a special application coming from 192.168.1.100 too. This is all very strange actually. You should'nt need to open any ports if you are not hosting. edit (again): Just keep SPI and DoS protection disabled. If you're actually exposed to a DoS attack it does'nt do much having that protection enabled. Your line is already overloaded because of all the traffic is still arriving at your gateway anyway. Its just a matter of the targeted computer on the other side locks up or not. Just talked with a few of my collegues. SPI is nothing but problems, especially when remote connecting through a terminal. Share this post Link to post Share on other sites
