DreamPi PF Configuration Example

From dreamcast.wiki
Jump to navigation Jump to search

This is an example of how I set up an OpenBSD router to work with all games on DreamPi 1.7. These settings should be similar to what's necessary for a pfSense or FreeBSD based router.

  • On your DreamPi, put an empty file named /boot/ssh on the card and boot the DreamPi in order to enable ssh.
  • SSH into the DreamPi using username: pi and password: raspberry, and make sure to change the password using "sudo passwd pi"
  • On your Raspberry Pi, stop the DreamPi service with "sudo service dreampi stop"
  • Use nano to edit the dreampi.py configuration: "sudo nano /home/pi/dreampi/dreampi.py"
  • Find these lines:
this_ip = find_next_unused_ip(".".join(subnet) + ".100")
dreamcast_ip = find_next_unused_ip(this_ip)
  • Replace with:
#this_ip = find_next_unused_ip(".".join(subnet) + ".100")
#dreamcast_ip = find_next_unused_ip(this_ip)
this_ip = "192.168.1.19"
dreamcast_ip = "192.168.1.20"

In this example, 192.168.1.19 is the IP address you want to use for your DreamPi modem's IP address, and 192.168.1.20 is the IP address you want to use for your Dreamcast. Make sure you pick an IP not within your DHCP pool.

  • Save the file.
  • Start the DreamPi service with "sudo service dreampi start"
  • The DreamPi will now always use the same IP address, so it will now be easier to configure your PF firewall.
  • Here are the following relevant entries from my /etc/pf.conf:
#define dreamcast/dreampi ipv4 address
dreamcast = 192.168.1.20   # dreampi at 192.168.1.19

# dreamcast ports to forward
# AFO: UDP 7980
# ChuChuRocket: UDP 9789
# IGP: UDP 5656, TCP 5011, TCP 10500, TCP 10501-10503
# 2K: UDP 5502, UDP 5503, UDP 5656, TCP 5011, TCP 6666
# NextTetris: TCP/UDP 3512
# OogaBooga: UDP 6001
# PBA2001: TCP/UDP 2300-2400, UDP 6500, TCP/UDP 47624, UDP 13139
# Planet Ring: UDP 7648, UDP 1285, UDP 1028
# Starlancer: TCP/UDP 2300-2400, UDP 6500, TCP/UDP 47624
# WSB 2K2: UDP 37171, UDP 13713
# Worms World Party: TCP 17219
dreamcast_udp_ports = "{ 1028, 1285, 2300:2400, 3512, 5502:5503, 5656, 6001, 6500,
        7648, 7980, 9789, 13139, 13713, 37171, 47624 }"
dreamcast_tcp_ports = "{ 2300:2400, 3512, 5011, 6666, 10500:10503, 17219, 47624 }"

#ext_if is the name of the external interface, e.g. ext_if = "re0"
match out on $ext_if inet from $dreamcast nat-to ($ext_if) static-port

pass in on $ext_if inet proto udp from any to any port $dreamcast_udp_ports rdr-to $dreamcast
pass in on $ext_if inet proto tcp from any to any port $dreamcast_tcp_ports rdr-to $dreamcast
  • Restart pf entirely with "pfctl -F all -f /etc/pf.conf" on your BSD machine.
  • Your DreamPi should now be able to connect to all of the online games currently available. When new games become available in the future, you may need to update your pf.conf rules to allow these new games through.