Port Forwarding
-
This post is deleted! -
@syn:
Hi guys. I dont want to hijack the thread, but at the moment I am within a subnet without access to the router and I am having some problems connecting.
As a client (NOT the host), does any port need to be forward as well? I thought it was only mandatory server-side.
Any info appreciated!
Yes you need client and server to have Open ports if behind a NAT… IF you do NOt have access to the Router like at college or something you could try a HTTP Tunneling service…
-
@Bad:
Not correct, you always be protected by the default Windows (software) Firewall
BB
WEll yes and No if you DMZ your PC you are vulnerable to an attack more so then if the SPI Firewall and a Software Firewall is in place… it is BEST NOT to DMZ your PC For anything other then testing…
This is the Lazy way out… DMZ is exactly what it stands for “De Militirized Zone” Well we all know or at least should know what that is like…
-
From my POV, to DMZ a router without checking if one firewall (SPI or software) is in place is stupid and make no sense at all (I repeat : it is only my personal POV)
To be vulnerable highly depends what you are doing with a computer
I DMZ my router and i never had any attack or vulnerability issue because SPI firewall is in place and because I do care of what I’m doing with my computer (it is a “computer” philosophy)
BB
-
@Bad:
From my POV, to DMZ a router without checking if one firewall (SPI or software) is in place is stupid and make no sense at all (I repeat : it is only my personal POV)
To be vulnerable highly depends what you are doing with a computer
I DMZ my router and i never had any attack or vulnerability issue because SPI firewall is in place and because I do care of what I’m doing with my computer (it is a “computer” philosophy)
BB
Well, Bad Boy I hate to be the bearer of Bad news but for one you do NOT DMZ your Router you are putting your PC in FRONT of the Router. its SPI Firewall and all, basically unprotected to the internet… A software firewall is helpful but once you go into a DMZ you are Vulnerable as you are exposed to the internet unobstructed…
Like I said a DMZ is the Demilitirized Zone, basically not a nice place… I know you are vulnerable does that mean you will be attacked probally not but why take the chance… Port Forwarding Offers a bit more security as it is ONLY Opening required ports vs the DMZ which Basically OPENS them ALL… and for some hacker who maybe sniffing on your Line sees these ports are open you are just inviting trouble…
I alone and NOT the ONLY one who knows this… I would advise on just setting up Port Forwarding as doing the DMZ is like having unprotected sex. you may or may not catch something…
I just hope you don’t advise other users to do the same as you…
-
Yes you need client and server to have Open ports if behind a NAT…
open ports? you’re confusing outgoing with incoming.
And DMZ wrt network topology means a subnet with access to a “militarized” subnet, but not the other way around. So it hardly applies. Why people use the term incorrectly is beyond me…
-
@The Nephilim the routers firewall and whole protection system is software, and for me more vaneruble then serius software protection.
A routers firmware is way way more exposed and analised to be hacked then a software protection system that u can update many times a year according to developers updates.
Initially the routers prottection system was there as a first stage filtering and no need of having an extra server for this job, also for stability as all OS’s some time crash.So dmz or connecting directly to the internet ain’t that much of trouble or danger… it’s just a myth. Knowing what to do with it and how to do it safely is another path… so the easy way (As in photo cameras) put the damn thing in automode and fire it up.
-
@The Nephilim the routers firewall and whole protection system is software, and for me more vaneruble then serius software protection.
A routers firmware is way way more exposed and analised to be hacked then a software protection system that u can update many times a year according to developers updates.
Initially the routers prottection system was there as a first stage filtering and no need of having an extra server for this job, also for stability as all OS’s some time crash.So dmz or connecting directly to the internet ain’t that much of trouble or danger… it’s just a myth. Knowing what to do with it and how to do it safely is another path… so the easy way (As in photo cameras) put the damn thing in automode and fire it up.
Yep Arty, it is also exactly my POV here
BB
-
Remember the sasser worm? On Windows, it’s pretty hard to close -all- silly ports. On Unix, ports are to close/bind-to-loopback, not fiddle around with a firewall.
-
To bring this old thread up:
how can a client test if his router fu**s up his portforwarding without connection to a BMS server running in Debug mode? Is this possible with an tool or something?
-
We require ports open for each player 100% of all flights and still have the glitches you mention from time to time. Debriefs are always an issue on the debrief.txt, not so much in the sim itself. Other issues sporadic. Datalink is always an issue. Seems we are always having one pilot that can’t be seen, no matter if CONT on the FCR is selected or not. And it isn’t always the same player that can’t be seen, or the same players that can’t see him/her.
-
yes11 I deleted it…
-
Okay…
There are no IPv4 addresses left, maybe except AFNIC.
My ISP switched to NAT after 10 years. Guess won’t play with you.
Sent a request to provide a public one (on grounds that ipip and ipsec isn’t natted) but they didn’t even respond.
Best of luck with the dubious tcp/ip interpretation. See you in the n falcon years it takes for BMS to support AF_INET6.
-
Okay…
There are no IPv4 addresses left, maybe except AFNIC.
My ISP switched to NAT after 10 years. Guess won’t play with you.
Sent a request to provide a public one (on grounds that ipip and ipsec isn’t natted) but they didn’t even respond.
Best of luck with the dubious tcp/ip interpretation. See you in the n falcon years it takes for BMS to support AF_INET6.
Looks like the problem rises as some member of my wing won’t get an IPv4 adress from their german providers. Hope BMS can adress this before it gets more worse
-
To bring this old thread up:
how can a client test if his router fu**s up his portforwarding without connection to a BMS server running in Debug mode? Is this possible with an tool or something?
Simple Port Tester. http://www.majorgeeks.com/files/details/simple_port_tester.html
Some programs ‘lie’ and tell you ports are open when they are not …. or that they are closed, when they are open. Simple Port Tester works perfectly (for me) … if it says ports are open, Falcon works as it should; If it says ports are closed, Falcon fails as it should.
-
Thx for the link. Tried it and works for me also, but on another clients it shows the ports open but Falcon still claims the client is connection dubious. We have to make further checks ….
-
Forwarding ports as a client is superfluous and accomplishes nothing. Only the host needs to forward his ports. 99% of the connection problems I’ve seen in BMS were due to the host setting something up incorrectly. The other 1% were something boneheaded like not having the right theater selected.
-
Forwarding ports as a client is superfluous and accomplishes nothing. Only the host needs to forward his ports. 99% of the connection problems I’ve seen in BMS were due to the host setting something up incorrectly. The other 1% were something boneheaded like not having the right theater selected.
Please start reading the whole thread (at least start with post #13) and you will see you’re statement is more or less wrong …
-
See my post on the first page of the thread and take your own advice? But go ahead and chase down blind alleys if you wish.
-
Dubious if the fallback works.