Originally Posted by DarkDeviL (Post 2669445)

iptables works the way that the first matching rule is the one that defines what happens, further queries down the road won't be considered.

So if you have a set of trusted IP addresses, let's say the following list:

- 192.168.123.241
- 10.43.88.0/24 (range from 10.43.88.0 to 10.43.88.255)
- 172.30.0.0/16 (172.30.0.0 - 172.30.255.255),

To add them as trusted, simply add:

On the the 6th line and forward, e.g.:

Be sure that you're not opening up too much here, but only add the individual IP addresses / *small* group of networks that you actually trust 100%.

If necessary, you can do the same rules once more, replacing "-p tcp" with "-p udp" to liften up UDP filters.


HLSW (at least in the past), is tied to the IP address of your own personal internet connection - the IP address you are browsing from, and typically likely very dynamic. In many cases today, ISP's run multiple behind one using Carrier Grade NAT.

As such, opening up 100% for the IP you're on from yourself, might also open up for your neighbours and others on the same ISP, and may be causing much more harm than good. So I wouldn't really suggest opening up for a normal residential connections.

Only do such white-listing with caution. :!:

Originally Posted by vn_lind (Post 2748250)

hi,

this must be done for every port that you have server running on ?

Originally Posted by TomL. (Post 2748301)

He's talking about whistling ip addresses, not opening specific ports.
But yes if you want to allow only connections via specific ports you need to add all of the game transmission ports for each server/application.