#Firewall and IP forwading

Hello. For some reason after I allowed access to the pterodactyl pterodactyl0 network with ufw, my server it's getting:

"Unexpected disconnect during server login, did you forget to enable BungeeCord / IP forwarding on your server?"

All servers it's enabled bungeecord true, ip foward it's enabled, and I'm running 127.0.0.1 in backend servers and 172.18.0.1 in proxy for backend servers. What I did wrong?

I'm using Google Cloud, but I allowed all traffic

When I try to use 0.0.0.0 we have the "firewall error"

The configuration it's supossed to be right

If I try to use 0.0.0.0:25570 I recive this error:

[22:35:18 INFO]: [IceGames_] disconnected with: Could not connect to a default or fallback server. Incorrectly configured address/port/firewall? {0}

@fathom raptor; If you are configuring a minecraft network, please read our guide: https://pterodactyl.io/community/games/minecraft.html#network-configuration

Already did that

• server-ip in settings should be left on 0.0.0.0 so it's listening outside of it's own container
• Allocations for client servers like the lobby should NOT be 0.0.0.0, since that would open it fully; you're going through the proxy server, so you can just bind it to 127.0.0.1, which Wings will automatically interpret for you as your gateway (really binding on 172.18.0.1, the pterodactyl_nw gateway).
• What does your firewall currently look like?

I had to use 0.0.0.0 to my backend server and 172.18.0.1 in proxy and it worked

I disabled all firewalls for test

I'm using bungeeguard too

It isn't the best way, but for now it's working

It should continue to work when set to 127.0.0.1 or 172.18.0.1 for the panel allocations. Only the proxy itself needs to be opened.

Yeah, I know, but idk what's happening with my vps

Don't work with 127.0.0.1 at all

Please explain the issue you're experiencing in as much detail as possible. Preferably with error messages in a text format or paste link to logs. Nobody can assist you without information that helps to understand the issue. Help us help you. Messages such as "doesn't work" or "i need help" will most likely be ignored.

But when you have it set to 0.0.0.0, you can connect when the proxy is set to the 172.18.0.1 address? Or did you set the proxy to connect to the public address?

Proxy it's on 0.0.0.0 and config.yml of backend servers it's on 172.18.0.1, and the backend servers it's with 0.0.0.0. It's the only way that's working

You can rule out firewall entirely with iptables -I INPUT -i pterodactyl0 -d 172.18.0.1 -p tcp -j ACCEPT. The rule will go away when you reboot the machine.

This rule will do what exactly?

Allow comunication with all tcp ports in 172.18.0.1 context?

Allow traffic from the pterodactyl_nw network to 172.18.0.1, and the -I says to put the rule at the top of the chain, taking priority over anything else.

This can solve 127.0.0.1 problem?

If Docker was opening the firewall for you, since 0.0.0.0 means "bind everywhere, on all interfaces", that would explain why that worked, but binding to just 172.18.0.1 (which Wings translates 127.0.0.1 into for you, for allocations) didn't. Manually allowing the traffic in the firewall will tell us what's wrong or rule out firewall as the cause.