router blocking SE IPs for ping flooding

**poodlehat** · 05-07-2013 10:27 PM

Hi,
Did something recently change in regards to networking? The game was running fine Sunday evening, but when I tried to play yesterday, I got nothing but R0s. Checking my routers log, it showed that the router was blocking an SE IP address for ping flooding. Even putting the PC into the DMZ won't stop the router from blocking a ping flood, so no luck there.

Any ideas?

**RAIST** · 05-08-2013 07:09 AM

if you can't whitelist SE's IP range in your router's security to enable/allow the DNS pings, you could try changing the security setting for respond to DNS and/or ping requests to see if it helps. Wording/options will vary, but may be options about replying to either one or both of them. Also might have to specify port 53 or DNS if whitelisting IP's, not just TCP/UDP. Opening up reply to DNS or ping isn't a perfect scenario (can open you up to DoS from ping flood and such), but it might keep you from getting drop-kicked from SE's servers because it thinks you lost connection. If toggling those works, I would test it after a while with the setting back on the stronger security options...just in case SE fixes the network behavior down the line.

**poodlehat** · 05-08-2013 09:07 AM

Thanks for the response. The router is a DIR-865. I have "Enabled WAN Ping", and in the firewall I have all ports open to the following blocks of addresses, which I know to be owned by SE:

202.67.48.1 -202.67.63.254
124.150.152.1 -124.150.159.254
61.195.48.1 -61.195.55.254
219.117.144.1 -219.117.159.254

Now, if there is some game traffic that is being sourced from some other IP that doesn't belong to SE (like a cloud service or something) then it may be the culprit. I'm not comfortable opening all the ports SE says to open to all IP addresses. I'd rather limit it to just ones owned by SE.

**RAIST** · 05-08-2013 01:26 PM

yeah... I can relate. I've lost too many hours trying to salvage infected systems in the past.

There are some specific addresses you could use just for testing the DNS I guess. Forgot I had these scribbled down still:

202.67.53.31 (dns1.square-enix.com)
202.67.53.95 (dns2.square-enix.com)
202.67.53.32 (dns3.square-enix.com)
202.67.53.96 (dns4.square-enix.com)

Shot in the dark...but if it works, will dramatically limit the exposure.

**poodlehat** · 05-09-2013 04:39 AM

Well, I downloaded an application that let me monitor the signal coming from the router, and it appears this may be a physical problem. The signal intermittently is dropping out about every 30 seconds or so. The wired connection is also dying at the same time as the wireless one. So, perhaps it has developed a memory fault or something. I will be replacing it in a day or two.

**SE_Chris** · 05-14-2013 09:52 AM

If you continue to experience issues after acquiring the replacement, please reply back to this thread so that we can look further into this issue. Thank you again RAIST for your continued assistance.

**Sarick** · 05-14-2013 12:27 PM

Tomato

#FFXI Ping
iptables -I INPUT 2 -s 202.67.53.0 -p icmp -j ACCEPT

J/K

I know on PS2 there was an option for disabling connection detection. Maybe this is why my routers where slower when playing final fantasy with respond to ping enabled. Servers flooding my IP. Then again it could just as easly be the router mistaking the game packets as ping attempts.

Thread: router blocking SE IPs for ping flooding

Thread Tools

Search Thread

Display

router blocking SE IPs for ping flooding