iptables, q3ded, ubuntu 6.06, help

[rgoer]

hello nerds

I have a ubuntu 6.06 box that I'm trying to run a q3ded server on, so I added tcp dport:27960 and udp dport:27960 flagged as ACCEPT with a source and destination of anywhere under my INPUT chain... but whenever I try to connect to my domain from the console of a q3 client it just sits there "awaiting challenge" as if it can't even see the server running.

Is there anything else you have to do to iptables (or anything else, for that matter) in order to get a q3 linux dedicated server to listen to the outside world?

[+JuggerNaut+]

i'm gonna make you.

[rgoer]

ok

[+JuggerNaut+]

made you post your 3000th post. congrats.

misantropia will be along shortly to assist you.

[Underpants?]

been awhile for me, so like Doombra, I'm casting blind, here:
set ip var is stated in your server.cfg?
iptables doesn't need a source statement for the dedicated server. Try this (eth0 may not be an ubuntu convention):
iptables -A INPUT -i eth0 -p udp --dport 27960 -d external.ip.add.ress -j ACCEPT
EDIT:
have you added the 'stateful connection' bit in before that line?
ie.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
and if you want to play on the ubuntu add a line for
iptables -A INPUT -p udp --dport 27960 -j ACCEPT

[rgoer]

actually nevermind it was my own dumb fault

I added my q3 iptables rules at the end of the INPUT chain, forgetting that the rules get evaluated in order... so tcp and udp for port 27960 were getting accepted after my "drop anything I haven't already accepted" rule had already killed them. I re-ordered my iptables rules and now everything works. Thanks anyway :-)

[dzjepp]

btw

[Underpants?]

STOP USE!
Good work. HF

[dzjepp]

COCKS!