Hi Walt,

I don't do exactly the same, but almost. Check out my pf.conf at

http://www.rinta-aho.org/blog/?p=364

There you can see that I forward certain ports to machine named "core7".

I also use 3 separate VLANs to the cable modem to get 3 (out of 5 that
I pay for) different IP addresses from the ISP. 1 is mapped to PS3, one
to a PC "core7", and the rest share the third IP address. So, there
is some extra complexity in my pf.conf.

Hope it helps.

Teemu

hi
it was working for me years ago with static-port

example:
nat on vr0 from 192.168.0.33 to any -> (vr0) static-port
nat on vr0 from 192.168.0.34 to any -> (vr0) static-port

rdr on vr0 inet proto udp from any to vr0 port 88 -> 192.168.0.33
rdr on vr0 inet proto { tcp, udp } from any to vr0 port 3074 -> 192.168.0.33
rdr on vr0 inet proto udp from any to vr0 port 3658 -> 192.168.0.34

don't remind exactly one for xbox and one for playstation, but you will find easily
cheers


----- Mail original -----
De: "Walt Elam" <***@gmail.com>
À: ***@benzedrine.cx
Envoyé: Jeudi 5 Décembre 2013 02:16:03
Objet: Xbox Live Help



I'm running pf on OpenBSD 5.2 and am unable to get a successful connection to Xbox Live. According to the documention I found here: http://support.xbox.com/en-US/xbox-360/networking/network-ports-used-xbox-live

I need to forward ports 88 (UDP), 3074 (UDP/TCP), 53 (UDP,TCP), and 80 (TCP) to the xbox360. This seems simple enough but I have been unsuccessful.


So far I have tried using pf rules found on calomel.org ( https://calomel.org/pf_config.html ), as well as rules/suggestions from an article on nuux.net ( https://nuxx.net/blog/2009/01/06/xbox-live-open-nat-using-pf-on-openbsd/ ). As a last resort I tried installing and enabling miniupnpd which also failed to solve my problem. I'm really not sure what I'm doing wrong, so here is the relevant portion of my PF config (the xbox360 gets a static ip of 192.168.13.120 which I've verified on the xbox itself):

ext_if = "re0"
int_if = "em0"
xbox360 = "192.168.13.120"




xbox_out_udp = "{ 53, 88, 3074 }"
xbox_out_tcp = "{ 53, 80, 3074 }"
xbox_in_udp = "{ 53, 88, 3074 }"



match out on $ext_if from $xbox360 to any received-on $int_if \
nat-to ($ext_if:0) static-port
match out on $ext_if from $localnet nat-to ($ext_if)



# Redirect xbox live ports to the xbox
pass in on $ext_if inet proto udp from !($ext_if) \
to ($ext_if) port $xbox_in_udp rdr-to $xbox360


# Pass in traffic for the xbox
pass in quick on $ext_if inet proto udp from !($ext_if) \
to $xbox360 port $xbox_in_udp
pass in quick on $int_if inet proto udp from $xbox360 to any port $xbox_out_udp
pass in quick on $int_if inet proto tcp from $xbox360 to any port $xbox_out_tcp
pass out quick on $int_if inet proto udp from any to $xbox360 port $xbox_in_udp


In addition, I have posted my full pf.conf, as well as a tcpdump of the traffic when trying to connect to Xbox Live. With my limited knowledge it appears that the kerberos connection is failing, but I really don't know.

pf.conf: see attached or http://pastebin.com/UBmZnqYn
tcpdump: see attached


Lastly, I hooked my xbox360 straight up to the modem and was able to successfully connect, so it does appear to be an issue with my firewall config.


Does anyone have a working config that allows an Xbox Live connection, or can anyone see what I'm doing incorrectly? I've been trying lots of different things for a few days and am at a loss as to what I'm doing wrong.


Thanks,


-Walt