Minecraft - Behind OPNSense

Started by Issa2024, November 17, 2024, 03:50:53 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 17, 2024, 03:50:53 PM
Hello, so i got my openSense installed and iwant add a new minecraft serveur behind it

this my configuration :

https://i.imgur.com/MonLopf.png

so with that not workink i dont'"t understand why, can u help me to figure why please ?


log i got in journal of opnSense :


   Interface      Heure   Source   Destination   Proto   Label   
wan      2024-11-17T14:43:15   IPCLIENT:42071   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:43:07   IPCLIENT:42071   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:43:03   IPCLIENT:42071   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:43:01   IPCLIENT:42071   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:43:00   IPCLIENT:42071   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:37:56   IPCLIENT:42020   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:37:48   IPCLIENT:42020   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:37:44   IPCLIENT:42020   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:37:42   IPCLIENT:42020   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:37:41   IPCLIENT:42020   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:37:24   IPCLIENT:42015   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:37:16   IPCLIENT:42015   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:37:12   IPCLIENT:42015   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:37:10   IPCLIENT:42015   192.168.25.12:25565   tcp   Default deny / state violation rule   
wan      2024-11-17T14:37:09   IPCLIENT:42015   192.168.25.12:25565   tcp   Default deny / state v


if u can hel me to explain what happening please ?

Why i can see all this wired port acces from internet with IPCLIENT on the firewall with this wired port and not only the port of Minecraft ?

Thanks
November 18, 2024, 11:50:23 AM #1
Because that's how networking works.

If the application doesn't specify what source port it uses it most likely will be random port generated by the application on the source.

Usually game servers specify only the Destination port that needs to be set by the source, the source port is generated randomly from the 49152–65535 range.


Regards,
S.
Networking is love. You may hate it, but in the end, you always come back to it.

OPNSense HW
APU2D2 - deceased
N5105 - i226-V | Patriot 2x8G 3200 DDR4 | L 790 512G - VM HA(SOON)
N100   - i226-V | Crucial 16G  4800 DDR5 | S 980 500G - PROD
November 18, 2024, 12:11:08 PM #2
It looks like you've created an inbound firewall rule for port 25565 on 192.168.1.150, but the port-forward on "Box Internet" is pointing to 192.168.25.12. You'll either need to add port forwarding for on OPNsense (double-NAT), or if you don't want double-NAT, change the port-forward on "Box Internet" to point to 192.168.1.150 (and you'll probably need a static route on "Box Internet" for 192.168.1.0/24 (or whatever you're using for OPNsense's LAN) pointing to 192.168.25.12
Print
Go Up Pages1
User actions