server behind firewall opens random listen port?

[ossipetz]

Hello

 

We run an avorion server on a dedicated server. So far it worked. But we decided to enable a firewall since there are other services on that server as well that are not supposed to be visible on the web.

 

We followed the instructions in the wiki https://avorion.gamepedia.com/Setting_up_a_server and opened up ports 27000-27037 (included some of the steam ports as well). The server is visible. When we try to connect the password is requested. But then no connection is possible. The server port is connectable:

 

nc -zv OURHOST 27015
found 0 associations
found 1 connections:
     1:	flags=82<CONNECTED,PREFERRED>
outif en0
        ...
Connection to OURHOST port 27015 [tcp/*] succeeded!

 

We noted on the server that while the client is connecting the avorion server opens up another random port (46669, 47494, 44035, ...). But that range is not configurable?

 

The avorion server log shows some activity:

OnP2PSessionRequest from 765...
STEAMPS3 - AsyncTCPSocket created
STEAMPS3 - AsyncTCPSocket created
STEAMPS3 - AsyncTCPSocket created
STEAMPS3 - AsyncTCPSocket created
STEAMPS3 - AsyncTCPSocket created
Client 765... lost connection
STEAMPS3 - AsncTCPSocket destroyed
STEAMPS3 - AsncTCPSocket destroyed
STEAMPS3 - AsncTCPSocket destroyed
STEAMPS3 - AsncTCPSocket destroyed
STEAMPS3 - AsncTCPSocket destroyed
Ending authentication session of 765...

 

 

Is there something else we have to forward other that what is mentioned on the wiki?

There may be a conflicting rule we use for ssh: allow all 32768-65535 with TCP Flags: ACK

 

any hints would be great!

thanks :-)