Assumptions
Port used by Factorio client defaults to 34197.
Local Server / Local Connection
Set up game server on 192.168.0.245:34197 (default port). Connection works on LAN.
Firewall / NAT
On PfSense, set up Firewall rule to allow traffic to the server:
- Priority, in this case, is irrelevant because of destination port. The main point is to ensure that the destination address and port are set because the source port is generally set randomly in the range
1024to65535. - In addition to the firewall, a NAT rule is required so that the router can understand where to send the data. Thus, a NAT rule set to a destination address of 192.168.0.245 with a destination port of 34197 in this case.
DNS / Hostname
Because we suspect Cloudflare limitations with proxying, we specified an A record that is not proxied because proxied Cloudflare domains only have a limited range of ports.
Here we are just making sure the hostname points directly at the home router.
Hostname / NAT
Once that is set, we included an alias on PfSense to translate the inbound hostname into a LAN IP address:
Client → Cloudflare Nameserver → WAN IP address → Firewall → NAT → Server
PfSense does not by default allow hostnames as part of NAT rules. This can be circumvented by using an alias that is simply a key:value pair with an IP or FQDN, such as Factorio:factorio.terminus.earth.
This can then be used in the NAT rules as a destination, where the destination is set as an Address or Alias. When used as the latter, the alias translates to the FQDN.