svn commit: r44835 - head/en_US.ISO8859-1/books/faq

Dru Lavigne dru at
Wed May 14 21:35:25 UTC 2014

Author: dru
Date: Wed May 14 21:35:25 2014
New Revision: 44835

  Remove entry for games through PPP NAT. This has not been true for some time.
  Sponsored by:	iXsystems


Modified: head/en_US.ISO8859-1/books/faq/book.xml
--- head/en_US.ISO8859-1/books/faq/book.xml	Wed May 14 21:23:56 2014	(r44834)
+++ head/en_US.ISO8859-1/books/faq/book.xml	Wed May 14 21:35:25 2014	(r44835)
@@ -6425,92 +6425,6 @@ ATDT1234567</programlisting>
-	<question xml:id="ppp-nat-games">
-	  <para>Why do most games not work with the
-	    <option>-nat</option> switch?</para>
-	</question>
-	<answer>
-	  <para>The reason games and the like do not work when
-	    &man.libalias.3; is in use is that the machine on the
-	    outside will try to open a connection or send
-	    (unsolicited) UDP packets to the machine on the inside.
-	    The NAT software does not know that it should send these
-	    packets to the interior machine.</para>
-	  <para>To make things work, make sure that the only thing
-	    running is the software that you are having problems with,
-	    then either run &man.tcpdump.1; on the &man.tun.4;
-	    interface of the gateway or enable &man.ppp.8; TCP/IP
-	    logging (<literal>set log +tcp/ip</literal>) on the
-	    gateway.</para>
-	  <para>When you start the offending software, you should see
-	    packets passing through the gateway machine.  When
-	    something comes back from the outside, it will be dropped
-	    (that is the problem).  Note the port number of these
-	    packets then shut down the offending software.  Do this a
-	    few times to see if the port numbers are consistent.  If
-	    they are, then the following line in the relevant section
-	    of <filename>/etc/ppp/ppp.conf</filename> will make the
-	    software functional:</para>
-	  <programlisting>nat port <replaceable>proto</replaceable> <replaceable>internalmachine</replaceable>:<replaceable>port</replaceable> <replaceable>port</replaceable></programlisting>
-	  <para>where <replaceable>proto</replaceable> is either
-	    <literal>tcp</literal> or <literal>udp</literal>,
-	    <replaceable>internalmachine</replaceable> is the machine
-	    that you want the packets to be sent to and
-	    <replaceable>port</replaceable> is the destination port
-	    number of the packets.</para>
-	  <para>You will not be able to use the software on other
-	    machines without changing the above command, and running
-	    the software on two internal machines at the same time is
-	    out of the question — after all, the outside world
-	    is seeing your entire internal network as being just a
-	    single machine.</para>
-	  <para>If the port numbers are not consistent, there are
-	    three more options:</para>
-	  <orderedlist>
-	    <listitem>
-	      <para>Submit support in &man.libalias.3;.  Examples of
-		<quote>special cases</quote> can be found in
-		<filename>/usr/src/sys/netinet/libalias/alias_*.c</filename>
-		(<filename>alias_ftp.c</filename> is a good
-		prototype).  This usually involves reading certain
-		recognized outgoing packets, identifying the
-		instruction that tells the outside machine to initiate
-		a connection back to the internal machine on a
-		specific (random) port and setting up a
-		<quote>route</quote> in the alias table so that the
-		subsequent packets know where to go.</para>
-	      <para>This is the most difficult solution, but it is the
-		best and will make the software work with multiple
-		machines.</para>
-	    </listitem>
-	    <listitem>
-	      <para>Use a proxy.  The application may support
-		<literal>socks5</literal> for example, or may have a
-		<quote>passive</quote> option that avoids ever
-		requesting that the peer open connections back to the
-		local machine.</para>
-	    </listitem>
-	    <listitem>
-	      <para>Redirect everything to the internal machine using
-		<literal>nat addr</literal>.  This is the
-		sledge-hammer approach.</para>
-	    </listitem>
-	  </orderedlist>
-	</answer>
-      </qandaentry>
-      <qandaentry>
 	<question xml:id="fcs-errors">
 	  <para>What are FCS errors?</para>

More information about the svn-doc-all mailing list