Lately I've been having some trouble with Minecraft LAN games. Not with hosting them or even with joining them exactly, but with seeing them at all. Here's the situation:
- I am not able to see Minecraft LAN games on my multiplayer screen automatically
- I can see them if I add them as I would a server on the internet
- I can join them if I add them, or if I connect to them directly
Basically, I can join games but not find them automatically. It just says "Scanning for games on your local network…" indefinitely. My current theory is that while joining games obviously doesn't require opened ports discovering them might – is this the case?
As far as I know I can't permit specific applications through my firewall (I'm on Linux, and not that I'd care to just give a blanket permit to Java in any case) so I can't test this without having some idea of what ports would be required. It's also possible it's another issue pertinent to Linux or something else altogether, though.
This isn't a huge deal as I can just ask what port the server is being hosted on, but it's been bugging me. Oh, and in case anyone comes across this question with a similar problem, I'm just going to reiterate:
You can join the game by connecting to it directly, just ask for the port. The person hosting will receive a message with it when they open the game. Then you can directly connect to it at (probably) 192.168.#.###:####.
UPDATE: Hosting on LAN works fine, I just can't see the games others host. Additionally, I should clarify I actually mean opening ports on my local firewall, I said port forwarding but that was not actually what I meant.
For a further clarification, this isn't isolated to one person – I've tried with both my brothers, neither of whom is using any special security software that I know of. And they can see each others'.
Best Answer
Newer Fedora versions (Fedora 18 and onwards) use Firewalld to manage iptables rules. The iptables service that loads rules out of
/etc/sysconfig/iptables
is not present by default. A bunch of my answer involves manually bashing about in iptables rules. This is a bit of new ground for me, as my main experience with firewalld up to this point has been making a beeline back to traditional reading of iptables rules out of the save file. Most of the firewalld information was collected on the fly based on theiptables
rules that it implemented.I double-checked this on a Fedora 20 VM that I've been fiddling with. When a rule is set in
firewall-config
, the packet for a new connection must go through the following steps to be accepted.To get to the point of my explanation, could I confirm that you've set an input interface or a IP address/range for the zone that you're allowing the port in? You've placed a rule to allow the port in a given zone, but it sounds as though the packet doesn't have a way to reach that rule and be accepted.
You can list a table using
iptables -nvL
. Firewalld sets up a lot of chains, so if you want to take a look at one in particular, add the chain name as an argument:iptables -nvL <chain-name>
. If you can see numbers greater than zero in the lefthand columns, this means that packets have reached and triggered the rule. (The action the rule takes is in the third column).To force your firewall to accept everything, and to see if something along the line is causing you grief, you could stop the firewalld service altogether temporarily.
systemctl stop firewalld
You can alternately flush the tables with
iptables -F
, though I'm not sure when/if firewalld will repopulate the chains on their own without a rule change to prompt it to do so.Hopefully this will solve your issue. But if you want/need to go to a custom
iptables
layout by having the firewall load its rules out of /etc/sysconfig/iptables, you will need to install and enable the service, as well as disable firewalld.yum install iptables-services
systemctl stop firewalld
systemctl disable firewalld
systemctl start iptables
systemctl enable iptables