From: Bob Tanner <tanner at>
>I assume portSwap: is a cow only parameter, based on this post from Alec?

It shouldn't be.  My client supports it, and Piepho's Paradise 2000 supports it.

>I'm assuming you can config the client to use something like port 9999 with the
>portSwap feature.

No need normally.  The client initiates the connection, so the firewall knows to allow traffic to passback.

>So firewall rules would look something like this (if you got portSwap):

uhh, ok.

>open a hole for tcp port 2592 to your favorite server; this is the initial tcp

If you are closing all outbound ports, true.  While we do this at work, it would be somewhat rare for a users home machine.

>open a hole for udp port 9999 to your favorite server; this is the real-time
>traffic of the game

Again, if you are closing all outbound ports, then I suppose that might be the solution.

>My confusion is with James posting here:
>His recommendation is to use trekhopd, is that still the best recommendation?
>If so, could it be made into an iptables module?

At this point I suggest giving up on this Linux crap and just buying a Linksys BEFSR11 if it's this much work.