ClearOS, Web Proxy, Content Filter and XboxLive…

When using ClearOS’s transparent proxy and content filtering system, XboxLive will no longer work. Even if you add the Xbox’s IP address to the exempt list on the content filter, it will not work 100%. The content filter seems to always be invoked no matter what. To remedy this, we need to add a rule to our iptables and allow port 80 on outgoing connections.

Run the following command on your ClearOS machine to add the required rule temporarily (Remember to open port 80 on outgoing connections and insert your Xbox’s IP address in the correct place!):

iptables -t nat -I PREROUTING -s IPADDRESS-OF-XBOX -p tcp --dport 80 -j ACCEPT

To clear the rule, simply restart the firewall service:

service firewall restart

If the rule works for you and you want to make the change permanent, you need to edit the file ‘rc.firewall.local‘ located at ‘/etc/rc.d/‘:

vi /etc/rc.d/rc.firewall.local

This file gets executed every time the firewall is stopped, started or restarted. Simply place the iptables line from above in the file to have it automatically added at start-up.

You will also need to have a few other ports opened for your Xbox if you haven’t already done so:

Port 88 (UDP)
Port 3074 (UDP and TCP)

That’s it! You should now be able to successfully use all of XboxLive’s features!


In ClearOS 6.2 ‘/etc/clearos/firewall.d/local’ is equivalent to ClearOS 5.1’s ‘/etc/rc.d/rc.firewall.local’. Also note that you need to be sure to set a static IP address for your Xbox if you have not already done so.

Comments are closed.