############################################################################## # Sybergen Access Server and SyGate Application Rule Configuration File # version 1.9 # Copyright(c) 2000 by Sybergen Networks Inc., all rights reserved. # ############################################################################## # # For details, please visit: http://www.sybergen.com/support/conf_sg.htm # http://www.sybergen.com/support/applications.htm # # Overview: # # This file defines a list of rules for Sybergen Access Server or SyGate to # follow when processing packets. According to each rule, Sybergen Secure # Desktop or SyGate will dynamically create a serias of tunnels to provide # the path for packets to flow through. # # # ---------------------------------------------------------------------------------------- # An application rule consists of: # # :INIT # Triggering Transaction # :SUB # Sub-trans-1 # Sub-trans-2 # ........ # :END # # Where: is the name of the application. This could be any name. See example # for detail. # Triggering transaction is the first traffic the application generates # # Sub-trans-x and Triggering Transaction could be "Inbound Trans" and "Outbound Trans" # defined below respectively. # # ---------------------------------------------------------------------------------------- # Inbound Trans Syntax: # # Direction ProtocolType DestinationPortLow DestinationPortHigh ClientIP ClientPort MaxIdleTime Options # # Description: # =========== # # Filed Name Valid Value # ========== =========== # # Direction: IN # ProtcolType: "TCP" or "UDP" # # DestinationPortHigh: The upper bound of the destination port range # DestinationPortLow: The lower bound of the destination port range # # (note: INIT Trans have and only have one port. The current version doesn't support # a range of ports on INIT trans. In the other words, PortHigh shall be equal to # PortLow on INIT trans. # # ClientIp: This field tells Sybergen Access Server or SyGate where to pass the # incoming packet with the destination port in the range defined by # DestinationPortHigh and DestinationPortLow. # # This field has to be set to 0.0.0.0 for Sub-trans-x. # For Triggering Transaction, this field must be set to the IP # of one of the clients. # # ClientPort: This field tells Sybergen Access Server or SyGate which port of the # ClientIp to send the incoming packet with the destination port in # the range defined by DestinationPortHigh and DestinationPortLow. # # If this value is 0, the packet will be send to the port same # as the destination port of the incoming packet. # If this value is not zero, the packet will be sent to the defined # port instead of the original destination port. By doing this, we # can redirect the packets sent to # port 8080 of Sybergen Access Server or SyGate PC to port 80 of # Sybergen Access Server or SyGate client by using # following line: # # IN TCP 8080 8080 192.168.0.2 80 0 - # # # MaxIdleTime: This field tells Sybergen Access Server or SyGate to close the tunnel # after certain idle milliseconds. # # Set to 0 for Sybergen Access Server or SyGate to use the default # idle timeout value. # # # Options: # - ----- None # # M ----- This value tells Sybergen Access Server or SyGate # to close all Sub-tunnels if the triggering connection no # longer exists due to either timeout or user application disconnect, # etc. # This option is only valid in Triggering Transaction. # # H ----- H.323 specfic rule. Sybergen Access Server or # SyGate will process the packets according to H.323 protocol. # Users should not use this option to define new rules. # # A ----- This option tells Sybergen Access Server or SyGate # to pass packets from any remote hosts to specific port defined # in the rule. If this option is not specified, only the packets # from the remote host that the Triggering Transaction visited # can be passed to the ClientPort of the triggering client. See # "DirectPlay" rule for more details. # # D ----- This option can only be used in Sub-Trans-x. It tells # Sybergen Access Server or SyGate to keep creating tunnels for # each connection between the triggering Sybergen Access Server # or SyGate client and remote hosts. Without this option, only one # tunnel can be created for each Sub-Trans-x rule. See "DirectPlay" # rule for more details. # # ---------------------------------------------------------------------------------------- # # Outbound Trans Syntax: # # Direction ProtocolType DestinationPortLow DestinationPortHigh ClientIp MaxIdleTime Options # # Description: # =========== # # Direction: OUT # # ProtcolType: "TCP" or "UDP" # # DestinationPortHigh: The upper bound of the destination port range # DestinationPortLow: The lower bound of the destination port range # # (note: INIT Trans have and only have one port. The current version doesn't support # a range of ports on INIT trans. In the other words, PortHigh shall be equal to # PortLow on INIT trans. # # ClientIp: This field tells Sybergen Access Server or SyGate which client # can trigger the rule. In Trigger Tansaction, 0.0.0.0 means any # client can trigger. In Sub-Trans-x, ClietnIP has to be 0.0.0.0 # # MaxIdleTime: This field tells Sybergen Access Server or SyGate to close the # tunnel after certain idle milliseconds. # # Set to 0 for Sybergen Access Server or SyGate to use the default # idle timeout value. # # Options: # - ----- None # # M ----- This value tells Sybergen Access Server or SyGate # to close all Sub-tunnels if the triggering connection no longer # exists due to either timeout or user application disconnect, etc. # This option is only valid in Triggering Transaction. # # R ----- This option tells Sybergen Access Server or SyGate # to use a different source port to send the packet. See # "DirectPlay" rule for more details. # # H ----- H.323 specfic rule. Sybergen Access Server or SyGate # will process the packets according to H.323 protocol. Users # should not use this option to define new rules. # # F ----- FTP activity mode specfic. Users should not use this # option to define new rules. # # I ----- IRC DCC mode specifc. Users should not use this option # to define new rules. # # D ----- This option can only be used in Sub-Trans-x. It tells # Sybergen Access Server or SyGate keep creating tunnels for each # connection between the triggering Sybergen Access Server or # SyGate client and remote hosts. Without this option, only one # tunnel can be created for each Sub-Trans-x rule. See "DirectPlay" # rule for more details. # # Note: 1) After making any changes to this file, you MUST stop and restart the # Sybergen Access Server or SyGate service for your changes # to be in effect. # 2) Un-installing or re-installing Sybergen products may remove or update # this file. # Please save a copy of any change you made in this file. ############################################################################# # # TROUBLESHOOTING # # # For the apprule to work, there are certain way to check for error. # Example: # # # # # :INIT "Our FTP server" # # IN TCP 21 21 192.168.0.2 0 86400000 - # # :SUB # # :END # # # # 1) No "#" sign and blank space in front of this rule. # 2) No error initialing the previous rule # # :INIT "Our FTP server" # IN TCP 21 21 192.168.0.2 0 86400000 - # :SUB # :END # # 3) Check the log file in the Sybergen Access Server or SyGate Manager under # troubleshooting to see if the rule is being properly executed. # # ############################################################################# ##### SYSTEM DEFINITION ################################################## # FTP Active mode :INIT "FTP Active mode" OUT TCP 21 21 0.0.0.0 86400000 MRF :SUB :END # IRC DCC. The IRC port is usually 6660-6670, 7000, 8888, or 9999 # If you are using a different port number just change one of # these apprules to the port number you are using. :INIT "mIRC port 6660" OUT TCP 6660 6660 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 6661" OUT TCP 6661 6661 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 6662" OUT TCP 6662 6662 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 6663" OUT TCP 6663 6663 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 6664" OUT TCP 6664 6664 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 6665" OUT TCP 6665 6665 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 6666" OUT TCP 6666 6666 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 6667" OUT TCP 6667 6667 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 6668" OUT TCP 6668 6668 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 6669" OUT TCP 6669 6669 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 6670" OUT TCP 6670 6670 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 7000" OUT TCP 7000 7000 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 8888" OUT TCP 8888 8888 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC port 9999" OUT TCP 9999 9999 0.0.0.0 0 MRI :SUB IN TCP 59 59 0.0.0.0 0 0 - IN TCP 113 113 0.0.0.0 0 0 - :END :INIT "mIRC Chat" OUT TCP 100 100 0.0.0.0 0 MRI :SUB IN TCP 101 101 0.0.0.0 0 0 - :END :INIT "mIRC Fserve" OUT TCP 110 110 0.0.0.0 0 MRI :SUB IN TCP 111 111 0.0.0.0 0 0 - :END :INIT "mIRC Send" OUT TCP 120 120 0.0.0.0 0 MRI :SUB IN TCP 121 121 0.0.0.0 0 0 - :END :INIT "mIRC Get" OUT TCP 130 130 0.0.0.0 0 MRI :SUB IN TCP 131 131 0.0.0.0 0 0 - OUT TCP 132 132 0.0.0.0 0 - :END ##### USER DEFINITION ######## # CU-SeeMe # # This will allow you to connect to the CU-SeeMe network. # You will need to have the H.323 apprule in order to video # conference with anyone. :INIT "CU-SeeMe" OUT UDP 24032 24032 0.0.0.0 0 R :SUB IN UDP 1414 1414 0.0.0.0 0 0 ADH IN UDP 1424 1424 0.0.0.0 0 0 ADH IN TCP 1503 1503 0.0.0.0 0 0 AD IN TCP 1720 1720 0.0.0.0 0 0 ADH IN UDP 1812 1813 0.0.0.0 0 0 AD IN TCP 7640 7640 0.0.0.0 0 0 AD IN TCP 7642 7642 0.0.0.0 0 0 AD IN UDP 7648 7648 0.0.0.0 0 0 AD IN TCP 7648 7648 0.0.0.0 0 0 AD IN TCP 7649 7649 0.0.0.0 0 0 AD IN UDP 24032 24032 0.0.0.0 0 0 AD IN UDP 56800 56800 0.0.0.0 0 0 AD OUT UDP 1414 1414 0.0.0.0 0 DH OUT UDP 1424 1424 0.0.0.0 0 DH OUT TCP 1503 1503 0.0.0.0 0 D OUT TCP 1720 1720 0.0.0.0 0 DH OUT UDP 1812 1813 0.0.0.0 0 D OUT TCP 7640 7640 0.0.0.0 0 D OUT TCP 7642 7642 0.0.0.0 0 D OUT UDP 7648 7648 0.0.0.0 0 D OUT TCP 7648 7648 0.0.0.0 0 D OUT TCP 7649 7649 0.0.0.0 0 D OUT UDP 56800 56800 0.0.0.0 0 D :END # Internet Phone :INIT "Internet Phone 5" OUT UDP 22555 22555 0.0.0.0 0 - :SUB :END # Net2Phone :INIT "Net2Phone" OUT UDP 6801 6801 0.0.0.0 0 R :SUB IN UDP 1 30000 0.0.0.0 0 0 AD IN TCP 1 30000 0.0.0.0 0 0 AD :END # Calista Incoming :INIT "Calista IP Phone" OUT TCP 4099 4099 0.0.0.0 0 R :SUB IN UDP 3000 3000 0.0.0.0 0 0 D :END # BAYVPN :INIT "BAYVPN" OUT UDP 500 500 0.0.0.0 0 - :SUB :END # FW1VPN :INIT "FW1VPN" OUT UDP 259 259 0.0.0.0 0 - :SUB :END # Shiva VPN # (set the mobile option in the Shiva VPN client software # to be your public IP address) # :INIT "Shiva VPN" # OUT UDP 2233 2233 0.0.0.0 0 - # :SUB # IN UDP 2233 2233 0.0.0.0 0 0 AD # :END # CITRIX Metaframe :INIT "CITRIX Metaframe" OUT TCP 1494 1494 0.0.0.0 0 R :SUB IN TCP 1494 1494 0.0.0.0 0 0 AD :END # MS Terminal Server :INIT "MS Terminal Server" OUT TCP 3389 3389 0.0.0.0 0 R :SUB IN TCP 3389 3389 0.0.0.0 0 0 AD :END # NTP (Network Time Protocol) :INIT "Network Time Protocol" OUT UDP 123 123 0.0.0.0 0 R :SUB IN UDP 123 123 0.0.0.0 0 0 AD :END # CrisNet :INIT "CrisNet" OUT TCP 32760 32760 0.0.0.0 0 R :SUB IN TCP 1367 1367 0.0.0.0 0 0 AD IN TCP 32760 32760 0.0.0.0 0 0 AD :END # RealAudio on Port 7070 :INIT "RealAudio 7070" OUT TCP 7070 7070 0.0.0.0 0 R :SUB IN UDP 6970 7170 0.0.0.0 0 0 AD :END # QuickTime 4 Client & RealAudio on Port 554 :INIT "QuickTime" OUT TCP 554 554 0.0.0.0 0 R :SUB IN UDP 6970 32000 0.0.0.0 0 0 AD :END # QuickTime 4 Server - Modification tested on 8/9/99 # (change 192.168.0.2 to correct IP address) # :INIT "QuickTime Server" # IN TCP 6970 6970 192.168.0.2 0 0 - # :SUB # IN UDP 6970 7000 0.0.0.0 0 0 AD # :END # Napster :INIT "Napster" OUT TCP 6699 6699 0.0.0.0 0 R :SUB IN TCP 6699 6699 0.0.0.0 0 0 AD :END # Netop Remote control :INIT "Netop Remote control" OUT UDP 6502 6502 0.0.0.0 0 R :SUB IN UDP 6502 6502 0.0.0.0 0 0 AD :END # Netop Remote control # (change 192.168.0.2 to correct IP address of your Netop server) # :INIT "Netop Remote control Server" # IN UDP 6502 6502 192.168.0.2 0 0 - # :SUB # :END # Timbuktu :INIT "Timbuktu" OUT TCP 407 407 0.0.0.0 0 R :SUB IN TCP 1024 65534 0.0.0.0 0 0 D :END # Virtual Network Computing - VNC :INIT "VNC" OUT TCP 5900 5900 0.0.0.0 0 R :SUB IN TCP 5900 5900 0.0.0.0 0 0 AD :END # Virtual Network Computing - VNC Server # (change 192.168.0.2 to correct IP address of your VNC server) # :INIT "VNC Server" # IN TCP 5900 5900 192.168.0.2 0 0 - # :SUB # :END # GUNtelle :INIT "GNUtella" OUT TCP 6346 6346 0.0.0.0 0 R :SUB IN UDP 6346 6346 0.0.0.0 0 0 AD :END # Dialpad :INIT "Dialpad" OUT TCP 7175 7175 0.0.0.0 0 R :SUB IN UDP 51200 51201 0.0.0.0 0 0 AD IN TCP 51210 51210 0.0.0.0 0 0 AD IN TCP 1584 1585 0.0.0.0 0 0 AD OUT TCP 8680 8686 0.0.0.0 0 D :END # How To Use ICQ with Sybergen Access Server and SyGate # This apprule is needed because ICQ needs to listen to some TCP ports # to receive incoming events. # # By default, the machines behind Sybergen Access Server or SyGate can # send messages, and create chat but others on Internet cannot send messages # create chat rooms or send files directly to Sybergen Access Server or # SyGate clients. # --------------------------------------------------------------------- # ICQ99 for one client # # One User version, only one user can be supported behind SyGate or # Sybergen Access Server with this apprule. In ICQ under # 'Preferences & security', click 'Preferences' and then goto Connections, # click on 'I am behind a firewall or proxy' then click on # 'Firewall Settings' then click 'I don't have a SOCKS Proxy # server on my firewall or I am using another Proxy server' then click # Next then click 'Use the following TCP listen ports for incoming event' # and set the TCP ports for 20000 to 20019. # :INIT "ICQ99" OUT UDP 4000 4000 0.0.0.0 18000000 R :SUB IN TCP 20000 20019 0.0.0.0 0 0 AD :END # # # --------------------------------------------------------------------- # ICQ99 for multiple clients # # On the following appules, change the IP address to the IP address of the # ICQ client. Then enable the following apprules, one for each ICQ client. # Then in ICQ under 'Preferences & security', 'Preferences' and Connections, # click on 'I am behind a firewall or proxy' then click on 'Firewall Settings' # then click 'I don't have a SOCKS Proxy server on my firewall or I am using # another Proxy server' then click Next then click 'Use the following TCP # listen ports for incoming event' and set the TCP ports for the corresponding # port numbers (20000 to 20019; 20020 to 20039; 20040 to 20059). # # Note: ICQ99 single client apprule must be disabled for these ones to work. # # :INIT "ICQ99 client 1" # OUT UDP 4000 4000 192.168.0.2 18000000 R # :SUB # IN TCP 20000 20019 0.0.0.0 0 0 AD # :END # # :INIT "ICQ99 client 2" # OUT UDP 4000 4000 192.168.0.3 18000000 R # :SUB # IN TCP 20020 20039 0.0.0.0 0 0 AD # :END # # :INIT "ICQ99 client 3" # OUT UDP 4000 4000 192.168.0.4 18000000 R # :SUB # IN TCP 20040 20059 0.0.0.0 0 0 AD # :END # # # --------------------------------------------------------------------- # ICQ2000 for one client & AIM Talk # # One User version, only one user can be supported behind SyGate or # Sybergen Access Server with this apprule. In ICQ under # 'Preferences & security', click 'Preferences' Then goto Connections, click on User, # click on 'Not using Proxy' then click 'Use the following TCP listen # ports for incoming event' and set the TCP ports for 20000 to 20019. # :INIT "ICQ2000 & AIM Talk" OUT TCP 5190 5190 0.0.0.0 18000000 R :SUB IN TCP 5190 5190 0.0.0.0 0 0 D IN TCP 20000 20019 0.0.0.0 0 0 AD :END # # # --------------------------------------------------------------------- # ICQ2000 for multiple clients # # On the following appules, change the IP address to the IP address of the # ICQ client. Then enable the following apprules, one for each ICQ client. # In ICQ under 'Preferences & security', click 'Preferences' Then goto Connections, click # on User, click on 'Not using Proxy' then click 'Use the following TCP listen # ports for incoming event' and set the TCP ports for the corresponding # port numbers (20000 to 20019; 20020 to 20039; 20040 to 20059). # # Note: ICQ2000 single client apprule must be disabled for these ones to work. # # :INIT "ICQ2000 client 1" # OUT TCP 5190 5190 192.168.0.2 18000000 R # :SUB # IN TCP 5190 5190 0.0.0.0 0 0 D # IN TCP 20000 20019 0.0.0.0 0 0 AD # :END # # :INIT "ICQ2000 client 2" # OUT TCP 5190 5190 192.168.0.3 18000000 R # :SUB # IN TCP 5190 5190 0.0.0.0 0 0 D # IN TCP 20020 20039 0.0.0.0 0 0 AD # :END # # :INIT "ICQ2000 client 3" # OUT TCP 5190 5190 192.168.0.4 18000000 R # :SUB # IN TCP 5190 5190 0.0.0.0 0 0 D # IN TCP 20040 20059 0.0.0.0 0 0 AD # :END # BuddyPhone - with GameRouter # # Each computer using BuddyPhone will use a unique listoning port # number, use port number 710 and up for each client. In BuddyPhone, # set the first client to 710, the next to 711, the next to 712 and # so on. Then change the IP address of the following apprules to # corespond with the IP address of the BuddyPhone client. And then # enable the apprule. # # :INIT "BuddyPhone client1" # OUT TCP 700 700 192.168.0.2 0 R # :SUB # IN TCP 710 710 0.0.0.0 0 0 AD # :END # # :INIT "BuddyPhone client2" # OUT TCP 700 700 192.168.0.3 0 R # :SUB # IN TCP 711 711 0.0.0.0 0 0 AD # :END # # :INIT "BuddyPhone client3" # OUT TCP 700 700 192.168.0.4 0 R # :SUB # IN TCP 712 712 0.0.0.0 0 0 AD # :END # Abbott Chat :INIT "Abbott Chat" OUT UDP 18236 18236 0.0.0.0 0 R :SUB IN UDP 18231 18231 0.0.0.0 0 0 AD IN TCP 18232 18235 0.0.0.0 0 0 AD :END # PalTalk :INIT "PalTalk1" OUT TCP 5001 5001 0.0.0.0 0 R :SUB IN UDP 2090 2091 0.0.0.0 0 0 AD IN TCP 2090 2091 0.0.0.0 0 0 AD IN TCP 2095 2095 0.0.0.0 0 0 AD IN TCP 5200 5203 0.0.0.0 0 0 AD OUT UDP 2090 2091 0.0.0.0 0 D OUT TCP 2090 2091 0.0.0.0 0 D OUT TCP 2095 2095 0.0.0.0 0 D OUT TCP 5200 5203 0.0.0.0 0 D :END :INIT "PalTalk2" OUT TCP 5002 5002 0.0.0.0 0 R :SUB IN UDP 2090 2091 0.0.0.0 0 0 AD IN TCP 2090 2091 0.0.0.0 0 0 AD IN TCP 2095 2095 0.0.0.0 0 0 AD IN TCP 5200 5203 0.0.0.0 0 0 AD OUT UDP 2090 2091 0.0.0.0 0 D OUT TCP 2090 2091 0.0.0.0 0 D OUT TCP 2095 2095 0.0.0.0 0 D OUT TCP 5200 5203 0.0.0.0 0 D :END :INIT "PalTalk3" OUT TCP 5003 5003 0.0.0.0 0 R :SUB IN UDP 2090 2091 0.0.0.0 0 0 AD IN TCP 2090 2091 0.0.0.0 0 0 AD IN TCP 2095 2095 0.0.0.0 0 0 AD IN TCP 5200 5203 0.0.0.0 0 0 AD OUT UDP 2090 2091 0.0.0.0 0 D OUT TCP 2090 2091 0.0.0.0 0 D OUT TCP 2095 2095 0.0.0.0 0 D OUT TCP 5200 5203 0.0.0.0 0 D :END :INIT "PalTalk4" OUT TCP 5004 5004 0.0.0.0 0 R :SUB IN UDP 2090 2091 0.0.0.0 0 0 AD IN TCP 2090 2091 0.0.0.0 0 0 AD IN TCP 2095 2095 0.0.0.0 0 0 AD IN TCP 5200 5203 0.0.0.0 0 0 AD OUT UDP 2090 2091 0.0.0.0 0 D OUT TCP 2090 2091 0.0.0.0 0 D OUT TCP 2095 2095 0.0.0.0 0 D OUT TCP 5200 5203 0.0.0.0 0 D :END :INIT "PalTalk5" OUT TCP 5005 5005 0.0.0.0 0 R :SUB IN UDP 2090 2091 0.0.0.0 0 0 AD IN TCP 2090 2091 0.0.0.0 0 0 AD IN TCP 2095 2095 0.0.0.0 0 0 AD IN TCP 5200 5203 0.0.0.0 0 0 AD OUT UDP 2090 2091 0.0.0.0 0 D OUT TCP 2090 2091 0.0.0.0 0 D OUT TCP 2095 2095 0.0.0.0 0 D OUT TCP 5200 5203 0.0.0.0 0 D :END :INIT "PalTalk Video" OUT TCP 8080 8080 0.0.0.0 0 - :SUB IN TCP 8080 8080 0.0.0.0 0 0 AD :END # ICUII Client :INIT "ICUII Client" OUT TCP 2019 2019 0.0.0.0 0 R :SUB IN TCP 2000 2038 0.0.0.0 0 0 AD IN TCP 2050 2051 0.0.0.0 0 0 AD IN TCP 2069 2069 0.0.0.0 0 0 AD IN TCP 2085 2085 0.0.0.0 0 0 AD IN TCP 3010 3030 0.0.0.0 0 0 AD OUT TCP 2000 2038 0.0.0.0 0 D OUT TCP 2050 2051 0.0.0.0 0 D OUT TCP 2069 2069 0.0.0.0 0 D OUT TCP 2085 2085 0.0.0.0 0 D OUT TCP 3010 3030 0.0.0.0 0 D :END # MSN Messenger :INIT "MSN Messenger" OUT TCP 1863 1863 0.0.0.0 18000000 R :SUB IN TCP 1863 1863 0.0.0.0 0 0 AD :END # Powwow 4.0 # # This apprule must be used with the MSN Messanger apprule :INIT "Powwow 4.0" OUT TCP 13224 13224 0.0.0.0 0 R :SUB IN TCP 13223 13224 0.0.0.0 0 0 AD IN TCP 23213 23214 0.0.0.0 0 0 AD IN UDP 13223 13223 0.0.0.0 0 0 AD :END # Ultima Online :INIT "Ultima Online" OUT TCP 7775 7775 0.0.0.0 0 R :SUB IN TCP 5001 5010 0.0.0.0 0 0 AD IN TCP 7775 7777 0.0.0.0 0 0 AD IN TCP 8888 8888 0.0.0.0 0 0 AD IN TCP 8800 8900 0.0.0.0 0 0 AD IN TCP 9999 9999 0.0.0.0 0 0 AD IN TCP 7875 7875 0.0.0.0 0 0 AD OUT TCP 5001 5010 0.0.0.0 0 D OUT TCP 7775 7777 0.0.0.0 0 D OUT TCP 8888 8888 0.0.0.0 0 D OUT TCP 8800 8900 0.0.0.0 0 D OUT TCP 9999 9999 0.0.0.0 0 D OUT TCP 7875 7875 0.0.0.0 0 D :END # H.323 compliant video player, NetMeeting 2.0, 3.0, Intel Video Phone # Incoming calls are not possible due to NetMeeting assigning ports # dynamically. - Modification tested 1-12-2000 :INIT "Netmeeting" OUT TCP 1720 1720 0.0.0.0 0 RH :SUB IN UDP 1024 65534 0.0.0.0 0 0 DH OUT UDP 1024 65534 0.0.0.0 0 DH IN TCP 1024 1502 0.0.0.0 0 0 DH OUT TCP 1024 1502 0.0.0.0 0 DH IN TCP 1504 1730 0.0.0.0 0 0 DH OUT TCP 1504 1730 0.0.0.0 0 DH IN TCP 1732 65534 0.0.0.0 0 0 DH OUT TCP 1732 65534 0.0.0.0 0 DH OUT TCP 1503 1503 0.0.0.0 0 D OUT TCP 1731 1731 0.0.0.0 0 D IN TCP 1503 1503 0.0.0.0 0 0 D IN TCP 1731 1731 0.0.0.0 0 0 D :END # Diablo 2 for Battle.Net # Created By Jonas Tampier # # Because of some limitations with Blizzards battle.net only one person # at a time can play Diablo or WarCraft. StarCraft, however supports # multiple Sybergen Access Server clients and SyGate clients playing at # the same time. But the Sybergen Access Server and SyGate server can # not join a game with any of its client computers. :INIT "Diablo 2 for Battle.Net" OUT TCP 6112 6112 0.0.0.0 0 R :SUB IN UDP 6112 6119 0.0.0.0 0 0 AD IN UDP 4000 4000 0.0.0.0 0 0 AD OUT UDP 6112 6119 0.0.0.0 0 AD OUT UDP 4000 4000 0.0.0.0 0 AD IN TCP 6112 6119 0.0.0.0 0 0 AD IN TCP 4000 4000 0.0.0.0 0 0 AD OUT TCP 6112 6119 0.0.0.0 0 AD OUT TCP 4000 4000 0.0.0.0 0 AD :END # Diablo 2 for TCP/IP host # (Change 192.168.0.2 to the IP address of your Diablo 2 server) # :INIT "Diablo 2 for TCP/IP host" # IN TCP 4000 4000 192.168.0.2 0 0 A # :SUB # IN TCP 6112 6119 0.0.0.0 0 0 AD # IN TCP 4000 4000 0.0.0.0 0 0 AD # IN UDP 6112 6119 0.0.0.0 0 0 AD # IN UDP 4000 4000 0.0.0.0 0 0 AD # OUT TCP 6112 6119 0.0.0.0 0 AD # OUT TCP 4000 4000 0.0.0.0 0 AD # OUT UDP 6112 6119 0.0.0.0 0 AD # OUT UDP 4000 4000 0.0.0.0 0 AD # :END # Asherons Call # Created by Alan Templeman San Antonio, TX :INIT "Asherons Call 1" OUT UDP 9000 9000 0.0.0.0 0 D :SUB OUT UDP 9004 9004 0.0.0.0 0 D OUT UDP 9008 9008 0.0.0.0 0 D OUT UDP 9012 9012 0.0.0.0 0 D IN UDP 9000 9013 0.0.0.0 0 0 AD :END :INIT "Asherons Call 2" OUT UDP 9004 9004 0.0.0.0 0 D :SUB OUT UDP 9000 9000 0.0.0.0 0 D OUT UDP 9008 9008 0.0.0.0 0 D OUT UDP 9012 9012 0.0.0.0 0 D IN UDP 9000 9013 0.0.0.0 0 0 AD :END # Everquest # # 1. Make sure you're using the latest build of SyGate # 2. Install the EverQuest game on the SyGate server. It doesn't need # to be running, just installed on the server. # # Everquest will work on SyGate. However, few customers have reported # it will freeze after playing the game for limited time and must reboot # the system. The only solution to it for now is to start the game on # SyGate server first, then let the client PC join the game, that will # solve the problem. We are still waiting for solution from the Sony # Interactive regarding this matter. # Abuse.net :INIT "Abuse.net" OUT TCP 43 43 0.0.0.0 0 R :SUB IN TCP 43 43 0.0.0.0 0 0 AD IN TCP 113 113 0.0.0.0 0 0 AD OUT TCP 113 113 0.0.0.0 0 D :END # ActiveWorld :INIT "ActiveWorld" OUT TCP 7777 7777 0.0.0.0 0 R :SUB IN TCP 7000 7100 0.0.0.0 0 0 AD :END # Netrek :INIT "Netrek" OUT TCP 2592 2592 0.0.0.0 0 R :SUB IN UDP 11000 12000 0.0.0.0 0 0 AD IN TCP 11687 11687 0.0.0.0 0 0 AD :END :INIT "Netrek Server List" OUT UDP 3521 3521 0.0.0.0 0 R :SUB IN UDP 7000 7010 0.0.0.0 0 0 AD :END # DirectPlay (Game Zone, Mplayer, Boneyards) - Modification tested on 8/16/99 # Most DirectPlay games use this rule :INIT "DirectPlay" OUT TCP 47624 47624 0.0.0.0 0 R :SUB IN TCP 47624 47624 0.0.0.0 0 0 AD IN UDP 2300 2400 0.0.0.0 0 0 AD IN TCP 2300 2400 0.0.0.0 0 0 AD OUT UDP 2300 2400 0.0.0.0 0 D OUT TCP 2300 2400 0.0.0.0 0 D IN TCP 9110 9110 0.0.0.0 0 0 AD OUT TCP 9110 9110 0.0.0.0 0 D IN TCP 9113 9113 0.0.0.0 0 0 AD OUT TCP 9113 9113 0.0.0.0 0 D IN TCP 28800 29000 0.0.0.0 0 0 AD OUT TCP 28800 29000 0.0.0.0 0 D IN UDP 8000 9000 0.0.0.0 0 0 AD IN TCP 8000 9000 0.0.0.0 0 0 AD OUT UDP 8000 9000 0.0.0.0 0 D OUT TCP 8000 9000 0.0.0.0 0 D :END # For hosting on the MSN Gaming Zone :INIT "The Zone" OUT UDP 28800 28800 0.0.0.0 0 R :SUB IN TCP 47624 47624 0.0.0.0 0 0 AD OUT TCP 47624 47624 0.0.0.0 0 D IN UDP 2300 2400 0.0.0.0 0 0 AD IN TCP 2300 2400 0.0.0.0 0 0 AD OUT UDP 2300 2400 0.0.0.0 0 D OUT TCP 2300 2400 0.0.0.0 0 D IN TCP 28800 29000 0.0.0.0 0 0 AD OUT TCP 28800 29000 0.0.0.0 0 D IN UDP 28800 28800 0.0.0.0 0 0 AD :END # Westwood Online - C&C Tiberian Sun & Dune 2000 # Note: Westwood Online supports only one user per public IP # address at any given time. Apprule courtesy of Quantus' World :INIT "Westwood Online" OUT TCP 4000 4000 0.0.0.0 0 R :SUB IN TCP 4000 4000 0.0.0.0 0 0 AD IN UDP 1140 1234 0.0.0.0 0 0 AD IN TCP 1140 1234 0.0.0.0 0 0 AD OUT UDP 1140 1234 0.0.0.0 0 D OUT TCP 1140 1234 0.0.0.0 0 D :END # Rainbow Six :INIT "Rainbow Six" OUT TCP 2346 2346 0.0.0.0 0 R :SUB IN TCP 2346 2346 0.0.0.0 0 0 AD :END # Rainbow Six server # (Change 192.168.0.2 to the IP address of your Rainbow Six server) # :INIT "Rainbow Six Server" # IN TCP 2346 2346 192.168.0.2 0 0 - # :SUB # :END # Delta Force :INIT "Delta Force" OUT UDP 3568 3568 0.0.0.0 0 R :SUB IN TCP 3100 3999 0.0.0.0 0 0 AD IN UDP 3100 3999 0.0.0.0 0 0 AD OUT UDP 3100 3999 0.0.0.0 0 D OUT TCP 3100 3999 0.0.0.0 0 D :END # Delta Force Server # Where 192.168.0.2 is your Delta Force server # :INIT "Delta Force Server" # OUT UDP 3568 3568 192.168.0.2 0 - # :SUB # IN TCP 3100 3999 0.0.0.0 0 0 AD # IN UDP 3100 3999 0.0.0.0 0 0 AD # OUT UDP 3100 3999 0.0.0.0 0 D # OUT TCP 3100 3999 0.0.0.0 0 D # :END # Soldier Of Fortune :INIT "Soldier Of Fortune" OUT TCP 28910 28910 0.0.0.0 0 R :SUB IN TCP 28910 28910 0.0.0.0 0 0 AD :END # Half Life :INIT "Half Life" OUT TCP 27015 27015 0.0.0.0 0 R :SUB IN TCP 27015 27015 0.0.0.0 0 0 AD :END # Half Life Server # (change 192.168.0.2 to correct IP address of your Half Life server) # :INIT "Half Life Server" # IN TCP 27015 27015 192.168.0.2 0 0 - # :SUB # :END # Tribes1 Server # (Change 192.168.0.2 to the IP address of your Tribes1 server) # :INIT "Tribes1 Server" # OUT UDP 28000 28000 192.168.0.2 0 R # :SUB # IN UDP 28000 28008 0.0.0.0 0 0 AD # OUT UDP 28000 28008 0.0.0.0 0 0 D # :END # KALI # Built-in supported. # Quake2 # (change 192.168.0.2 to correct IP address of your Quake2 server) # :INIT "Quake2 Server" # IN UDP 27910 27910 192.168.0.2 0 0 - # :SUB # :END # Bungie.net, Myth, Myth II Server # (Change 192.168.0.2 to correct IP address) # :INIT "Bungie.net Server" # IN TCP 3453 3453 192.168.0.2 0 0 - # :SUB # :END # Unreal server # (Change 192.168.0.2 to the IP address of your Unreal server) # :INIT "Unreal Server" # IN TCP 7777 7777 192.168.0.2 0 0 - # :SUB # :END # Unreal Tournament Server # Apprule made possible by: MutantKiller@planetunreal.com # (Change 192.168.0.2 to the IP address of your Unreal Tournament server) # Unreal Game Data # :INIT "UT Game Data" # IN UDP 7777 7777 192.168.0.2 0 0 - # :SUB # :END # # Unreal Query Data # :INIT "UT Server Query" # IN UDP 7778 7778 192.168.0.2 0 0 - # :SUB # :END # # Unreal Uplink # :INIT "UT Server Uplink" # OUT TCP 27900 27900 0.0.0.0 60000 - # :SUB # IN UDP 7779 7781 0.0.0.0 0 0 A # :END # # Unreal Admin Webserver # :INIT "UT Webserver" # IN TCP 8888 8888 192.168.0.2 0 0 - # :SUB # :END # Nullsoft Shoutcast Server # :INIT "Nullsoft Shoutcast Server" # IN TCP 8000 8000 192.168.0.2 0 0 - # :SUB # IN TCP 8001 8001 0.0.0.0 0 0 - # :END # Fuse Server # (change 192.168.0.2 to correct IP address of your Fuse server) # :INIT "Fuse Server" # IN TCP 4500 4500 192.168.0.2 0 0 - # :SUB # :END # Heretic II Server # (change 192.168.0.2 to correct IP address of your Heretic server) # :INIT "Heretic II Server" # IN TCP 28910 28910 192.168.0.2 0 0 - # :SUB # :END # Hexen II # Each computer behind Sybergen Access Server or SyGate, # hosting Hexen II must have a different port number. # Below is an EXAMPLE of three apprules for hosting Hexen II # - Player 1 has IP address of 192.168.0.2, with a port number 26900 # - Player 2 has IP address of 192.168.0.3, with a port number 26901 # - Player 3 has IP address of 192.168.0.4, with a port number 26902 # Just change the IP address to the IP address of the computer hosting # Hexen II, and set the Port number to a unique number # To connect to Hexen II from outside of your LAN you must put the IP # address if your external Network Card/Modem and the port number of # the game you wish to join. # # Hexen II server 1 # (change 192.168.0.2 to correct IP address of your Hexen II server) # :INIT "Hexen II Server 1" # IN UDP 26900 26900 192.168.0.2 0 0 - # :SUB # :END # # # Hexen II server 2 # (change 192.168.0.3 to correct IP addres of your Hexen II server) # :INIT "Hexen II Server 2" # IN UDP 26901 26901 192.168.0.3 0 0 - # :SUB # :END # # # Hexen II server 3 # (change 192.168.0.4 to correct IP address of your Hexen II server) # :INIT "Hexen II Server 3" # IN UDP 26902 26902 192.168.0.4 0 0 - # :SUB # :END # Laplink Server # (change 192.168.0.2 to correct IP address) # :INIT "Laplink server" # IN TCP 1547 1547 192.168.0.2 0 0 - # :SUB # :END # Remotely Possible Server # (Change 192.168.0.2 to the IP address of your Remotely Possible server) # :INIT "Remotely Possible Server" # IN TCP 799 799 192.168.0.2 0 0 - # :SUB # :END # Lotus Notes Server (Port 1352) # (Change 192.168.0.2 to the IP address of your Notes server) # :INIT "Lotus Notes Server" # IN TCP 1352 1352 192.168.0.2 0 0 - # :SUB # :END # pcANYHWERE host inside. # You need replace the 192.168.0.2 in the following line to # your client's IP address and remove the comments flag '#' from # following two rules # # :INIT "pcANYWHERE Use" # IN TCP 5631 5631 192.168.0.2 0 0 - # :SUB # :END # # :INIT "pcANYWHERE Seek" # IN UDP 5632 5632 192.168.0.2 0 0 - # :SUB # IN UDP 22 22 0.0.0.0 0 0 - # :END ######################################################################## # Following demos how to make servers on Sybergen Access Server # or SyGate client visiable to outside. # # Demo Web Server1 on Sybergen Access Server or SyGate client, # use http://:80 to access 192.168.0.2:80 # # You need replace the 192.168.0.2 in the following line to # your client's IP address and remove the comments flag '#' from # following rule. # # :INIT "Our WEB Server" # IN TCP 80 80 192.168.0.2 0 0 - # :SUB # :END # # Demo FTP Server1 on Sybergen Access Server or SyGate client # You need replace the 192.168.0.2 in the following line to # your client's IP address and remove the comments flag '#' from # following rule. # # :INIT "Our FTP server" # IN TCP 21 21 192.168.0.2 0 86400000 - # :SUB # :END # # Demo TELNET Server on Sybergen Access Server or SyGate client # You need replace the 192.168.0.2 in the following line to # your client's IP address and remove the comments flag '#' from # following rule. # # :INIT "Our TELNET server" # IN TCP 23 23 192.168.0.2 0 36000000 - # :SUB # :END # # Demo Mail Server on Sybergen Access Server or SyGate client # You need replace the 192.168.0.2 in the following line to # your client's IP address and remove the comments flag '#' from # following rule. # Generally, you receive mail with POP3 protocol, # send mail with SMTP protocol. # # :INIT "Our Mail(POP3) server" # IN TCP 110 110 192.168.0.2 0 0 - # :SUB # :END # # :INIT "Our Mail(SMTP) server" # IN TCP 25 25 192.168.0.2 0 0 - # :SUB # :END # # ###################### End Of APPRULE.CFG #########################