Author Topic: Firewalls/routers and UDP port 7777  (Read 1202 times)

Bereror

Firewalls/routers and UDP port 7777
« on: December 27, 2005, 11:15:21 am »
My game runs without any problems and I have no issues with my firewall or router. However, I would like to see somebody with networking experience clarify the requirements for firewalls/routers to make sure that we do not give wrong advice to people who have such problems.

I have seen many suggestions to enable UDP port 7777 for incoming traffic and/or forward it to the machine in the local network that runs the game. Please correct me if I'm wrong, but as far as I see, we need to open UDP port 7777 for outgoing traffic and no port forwarding is needed. In fact, I think it may harm network security if we open UDP port 7777 for incoming traffic and forward it to a PC in our local network.

Here is the network traffic between my router/firewall and the Laanx server:

11:44:42.501959 IP 213-35-145-6.32775 > laanx.fragnetics.com.7777: UDP, length: 22
11:44:42.826329 IP laanx.fragnetics.com.7777 > 213-35-145-6.32775: UDP, length: 22

As you can see, Laanx did not send any UDP messages to the port 7777, but to the UDP port 32755, which was the source port number when I sent a message to Laanx. So opening the UDP port 7777 for incoming traffic makes no sense, because there is no incoming traffic on that port. Instead, the UDP port 7777 shall be opened for outgoing traffic in order to send messages to the server. Traffic from the server uses the original source port and any firewall/NAT router should accept them without changes to the configuration.

So I am asking network experts to correct me if my statement above is wrong  :]
PlaneShift Sources
PlaneShift API
"Words never spoken
Are the strongest resounding"

LigH

(No subject)
« Reply #1 on: December 27, 2005, 11:31:52 am »
If your example is correct, then we do not even need to explicitly open port 7777 for outgoing traffic, because your computer did not send the packet via port 7777 either (but via port 32775 in this case); ports beyond 32K are "reserved" for temporary use, anyway.

Instead, laanx.fragnetics.com expects the packet to be sent to its port 7777 - when it arrives over there.

IIRC, PlaneShift worked already before I opened this port, but it's 4 months ago now. I'll try when home.
__

P.S.: I'm currently in an intranet behind a NAT router without explicit forwarding of port 7777. PlaneShift works well. Another sign that your PoV shall be correct.

Gag Harmond
Knight and Ambassador
The Royal House of Purrty

DaveG

(No subject)
« Reply #2 on: December 27, 2005, 12:29:28 pm »
In general, if you're not running a server you shouldn't be accepting connections on any port.  I often specifically state the need for bidirectional UDP, because my proxy allows me to create a unidirectional UDP mapped link, which does not work.  (you need to be able to send and receive messages to/from the server)  But, this has nothing to do with accepting incoming connections; my firewall has me in full stealth mode.

Essentially, this can get confusing because of the words used.  Incoming/outgoing data and connections are two separate things.  You need to be able to create an outgoing connection, and send outgoing data.  You need to be able to accept incoming data, but you should not be accepting new incoming connections.

::  PlaneShift Team Programmer  ::
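The behaviour described in the first post and in the reply above, as an added example that is not part of the original thread: a minimal stateful UDP filter in Python, run over the two captured packets plus one constructed unsolicited packet. The host name `scanner.example`, the function names and the absence of flow timeouts are assumptions made for illustration.

```python
import re

# Lines 1-2 are the capture posted in the thread; line 3 is constructed here
# (hypothetical host "scanner.example") to model an unsolicited inbound packet.
CAPTURE = """\
11:44:42.501959 IP 213-35-145-6.32775 > laanx.fragnetics.com.7777: UDP, length: 22
11:44:42.826329 IP laanx.fragnetics.com.7777 > 213-35-145-6.32775: UDP, length: 22
11:44:43.000000 IP scanner.example.40000 > 213-35-145-6.7777: UDP, length: 22
"""

LINE_RE = re.compile(r"^\S+ IP (\S+)\.(\d+) > (\S+)\.(\d+): UDP, length: \d+$")


def parse(line):
    """Split one tcpdump UDP line into (src, sport, dst, dport)."""
    m = LINE_RE.match(line.strip())
    if m is None:
        raise ValueError(f"not a tcpdump UDP line: {line!r}")
    src, sport, dst, dport = m.groups()
    return src, int(sport), dst, int(dport)


def filter_capture(text, local_host, allowed_out_ports=(7777,)):
    """Return a (direction, verdict) pair per packet, as a stateful filter would."""
    flows = set()  # (local_port, remote_host, remote_port) opened from inside
    verdicts = []
    for line in text.splitlines():
        if not line.strip():
            continue
        src, sport, dst, dport = parse(line)
        if src == local_host:
            # Outbound: allowed only to the permitted destination ports.
            if dport in allowed_out_ports:
                flows.add((sport, dst, dport))
                verdicts.append(("out", "ACCEPT"))
            else:
                verdicts.append(("out", "DROP"))
        elif dst == local_host and (dport, src, sport) in flows:
            # Inbound reply to a flow we opened: same ports, reversed.
            verdicts.append(("in", "ACCEPT"))
        else:
            # Inbound with no matching flow: nothing inside asked for it.
            verdicts.append(("in", "DROP"))
    return verdicts


if __name__ == "__main__":
    for line, verdict in zip(CAPTURE.splitlines(), filter_capture(CAPTURE, "213-35-145-6")):
        print(verdict, line)
```

The server's reply is accepted because it reverses a flow opened from inside, while the packet addressed to local port 7777 matches no flow and is dropped, so no inbound rule or port forward for 7777 is involved.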

named

(No subject)
« Reply #3 on: December 28, 2005, 02:00:59 pm »
I have the same problems. I'm on OS X 10.4.3.
I notice in my firewall session log that the program itself does not try to connect to the server at all?

If I run a ping or trace I get the server IP in my session log.

But not from the client itself, I don't think it even tries to connect.
Very strange.
I'm running the latest ver 0.12 with all the updates, java, patch etc

steuben

(No subject)
« Reply #4 on: December 28, 2005, 05:11:40 pm »
i know this may be a silly question. but have you tried with the firewall off?
may laanx frighten the shadow from my path.
hardly because the shadow built the lexx.
the shadow will frighten laanx from my path.

DaveG

(No subject)
« Reply #5 on: December 28, 2005, 08:01:59 pm »
Quote
Originally posted by steuben
i know this may be a silly question. but have you tried with the firewall off?

Translation:  Is your firewall misconfigured?

It seems many people are smart enough to know they need a firewall, but they don't bother to learn how to use them...  :/

::  PlaneShift Team Programmer  ::

named

(No subject)
« Reply #6 on: December 28, 2005, 08:08:44 pm »
Quote
It seems many people are smart enough to know they need a firewall, but they don't bother to learn how to use them...  :/

Smart comment!!!

Have tried with and without the firewall. I run several web applications on the server and have no prob whatsoever with my firewall. I can run Unreal Tournament, which uses UDP port 7777.

Can't connect just using the adsl modem alone.

I believe more and more that the prob is in the client.

Any real help should be great.

DaveG

(No subject)
« Reply #7 on: December 29, 2005, 01:35:04 pm »
If you're fully up-to-date (check your data/servers.xml to make sure it's not old, and it does say 7777) the problem is on your end.  Unfortunately, people need to realize that other people can connect, therefore the problem is on your end 99.9% of the time.  We can connect, and we don't have issues, so unfortunately we can't just magically fix your problem without even knowing what it is.

I direct you to your other post in the MAC forum, where Bereror is already trying to help you.  In all likelihood, there is something weird on your MAC that is ticking off the client, because MAC is the least supported OS for us.  It works for others, so all we can do is try to help the best we can.

We're not psychics, and you are expected to actually be able to configure your own computer.  I know lots of MAC and Windows users with problems don't want to hear that, but it's the truth.  We are being patient with you, please be patient with us.  This is a pre-alpha tech-demo; don't expect it to be automatically perfect for everyone, regardless of their system configs.

::  PlaneShift Team Programmer  ::

named

Solved
« Reply #8 on: December 29, 2005, 03:18:09 pm »
Solved!!

The udp and tcp port 3000 MUST BE OPEN?

Was looking in a UT forum. Did work for me.