Java-Gaming.org    
Featured games (78)
games approved by the League of Dukes
Games in Showcase (428)
Games in Android Showcase (89)
games submitted by our members
Games in WIP (466)
games currently in development
News: Read the Java Gaming Resources, or peek at the official Java tutorials
 
    Home     Help   Search   Login   Register   
Pages: [1]
  ignore  |  Print  
  Playing from behind firewall  (Read 2044 times)
0 Members and 1 Guest are viewing this topic.
Offline tom
« Posted 2003-11-16 13:59:40 »

I'm making a multiplayer first person shooter. I haven't come as far as doing testing yet, but I am conserned about wether it will work from behind a firewall.

The game uses udp. It's a client/server architecture, with the creator running the server.

I'm considering trying to bind the listening socket to port 80, hoping this will allow the packets to go threw the firewall. Can this work? What do a run of the mill corperate firewall let threw? Is tcp more likely to work than udp? etc..

I'm a newbie at this so don't bite my head off Smiley

Offline endolf

JGO Coder


Medals: 7


Current project release date: sometime in 3003


« Reply #1 - Posted 2003-11-16 18:56:41 »

Hi
 Using port 80 could cause problems for running your server under linux, as you will need root permissions to run on a port under 1024.
 UDP to port 80 will be no better than tcp to a high port, normally if outgoing traffic is locked down then it will be tcp to port 80 or 8080 only, (maybe port 25, 21 etc and some well known other ports will be open too, but no high ones).
 On the other hand, if the high tcp ports are open, odds are, so are the UDP ones. This isn't always true. Most companies/IT departments can realise that UDP is mainly used for streaming content like online radio, or for games, so it might be that all UDP is blocked, but TCP is fine.
 As you can see, there is no common firewall setup, it's up to the firewall admins at the end of the day as to what gets out. TCP 80 is the most likely to be open.
 As for the person running the server, listening on port 80 is only any good if they have a public IP, or the firewall forwards the packets, so again, nothing is certain.

HTH

Endolf

Offline Jeff

JGO Coder




Got any cats?


« Reply #2 - Posted 2003-11-17 03:51:53 »

Corporate firewalls can be particularly restrictive.

As an example, our firewall ONLY allows outgoing or incoming connections via our http/ftp proxy.

HTTP is about the only thing you can gaurantee getting through a firewall.

Having said that, many firewalls allow outgoing TCP connections, but nothing else.

Using UDP you are least likely to get through a firewall, frankly.  Some will allow outgoing UDP and then route incoming UDP addressed to the same socket back in, but its not common.

The one saving grace is that Java inherently supports SOCKS.  Its a pain to set up but IF the user's LAN has a SOCKS proxy AND they configure Java for it, then they are gold.  (However the SOCKS proxy may add additional latency depending on how the LAN is set up and how overloaded the SOCKS server is.)




Got a question about Java and game programming?  Just new to the Java Game Development Community?  Try my FAQ.  Its likely you'll learn something!

http://wiki.java.net/bin/view/Games/JeffFAQ
Games published by our own members! Check 'em out!
Legends of Yore - The Casual Retro Roguelike
Offline Herkules

Senior Member




Friendly fire isn't friendly!


« Reply #3 - Posted 2003-11-17 07:38:47 »

This in turn means: forget UDP for online games?!

I thnik there are other points to consider when using UDP on the WAN. 90% or so of the traffic is TCP. For TCPs nature of being guaranteed .... if I were a router and had to decide wether to drop a TCP or a UDP packet due to high load - I'd prefer the UDP one for I can be sure that I will see that TCP packet again. I experienced situations when playing around with JSDT/UDP, where the loss was 100% - which is absolutely legal for UDP Sad


So on the internet, you might expect higher packet loss on UDP! (Not sure wether that's true).

I still am an advocate of TCP solutions esp. for the internet and by FlyingGuns can also proof they work just fine with low bandwidth needs and best opportunities for packet-avoidance-algorithms.

(um, did I start a TCPvsUDP discussion again or is it already here?)

HARDCODE    --     DRTS/FlyingGuns/JPilot/JXInput  --    skype me: joerg.plewe
Offline endolf

JGO Coder


Medals: 7


Current project release date: sometime in 3003


« Reply #4 - Posted 2003-11-17 08:00:08 »

Hi
 You started it again Smiley
UDP is *fine* for games, ideal for movement when a packet lost here and there is not important, with TCP you would just flood the poor guy who's connection is dodgy Smiley. The specific question was to do with corprate firewalls, I don't know anyone who plays things like quake from work to internet servers, maybe they play in the office out of business hours, but not normally across the internet. At home, UDP isn't blocked by firewalls normally (IPTables and winblows firewall both let it all out by default), the are interested mainly in blocking incomming traffic (unless otherwise configured, at which point you know how to open certain bits up agian).

 More general TCP v.s. UDP conversations should be directed at that long long thread over in the networking topics. But in terms of firewalls, from behind a corprate firewall as I commented and jeff confirmed, the most likely option is port 80 for client outgoing traffic, and UDP is the least likely. Running the server from behind the firewall will almost certainly not work at all though, regardless of what ports/protocol you use, that is after all the point of a firewall. The exception of course is where you are doing this for business reasons and you can get your IT dept to open/direct the appropriate ports/protocol at your server.

HTH

Endolf

UDP v.s TCP thread

Offline blahblahblahh

JGO Coder


Medals: 1


http://t-machine.org


« Reply #5 - Posted 2003-11-17 09:03:35 »

Quote

I don't know anyone who plays things like quake from work to internet servers, maybe they play in the office out of business hours, but not normally across the internet.


ROFL...Each of the huge corporates I've worked at has always had people playing Quake1/2/3 online. People tended to especially enjoy being LPB's courtesy of a fast corporate net connection. One multinational headquartered in the UK where I worked used to suffer ethernet meltdown on Friday afternoons due to a combination of game traffic and porn-surfing (when the email servers broke one Thursday, and weren't fixed until the start of the next week, an email was sent round saying that of the X thousand emails stuck in the queue for the past five days, something like 60% were non-business-related, and 20% could result in being fired according to the standard employment contract!).

Typically the game-playing is carefully moderated by the employees themselves - half an hour of quake during a lunch break every now and then gets tolerated, especially when people are arriving in work at 6:30am each morning. I've spotted even the most moralistic of employees doing it at some point or other Smiley. I even have a friend who was somewhat embarrassed to be caught by his boss playing Quake *and* Solitaire at the same time Smiley.

Quote

More general TCP v.s. UDP conversations should be directed at that long long thread over in the networking topics.


Um. We appear to be in the Networking topic? Smiley. Anyway, I've made the TCP/UDP thread sticky, which should hopefully minimize  accidentally going over the same ground!

Quote
But in terms of firewalls, from behind a corprate firewall as I commented and jeff confirmed, the most likely option is port 80 for client outgoing traffic, and UDP is the least likely.


...and which of course has led to the thriving business in HTTP-tunnelling options in various modern apps Smiley, and the existence of articles with titles like "How to tunnel ANYTHING via HTTP". Chuckle.

malloc will be first against the wall when the revolution comes...
Offline Herkules

Senior Member




Friendly fire isn't friendly!


« Reply #6 - Posted 2003-11-17 09:43:49 »

Playing at work: this is a high potential market!! Esp. I think for casual Java games that are made highly attractive by MP features!

Minesweeper and Solitaire may be the most played games all over the world!! Not bc. they are good, but bc. they are playable at work in a fast-in-fast-out manner. Java games should try to get there!

Here in Germany there was the 'Moorhuhn' phenomenon - a game that got everywhere! Millions of copies! One reason was, I suppose, that it has been easily accessible at work!

(And for the other thing: I feel it is better to send a poor guy 1,2 or 3 TCP messages per second than flooding him with UDP packets where most of them get dropped. My personal feeling is that NOT sending data is by far better than sending with the risk of loss - but that's fpr the other thread Smiley )

HARDCODE    --     DRTS/FlyingGuns/JPilot/JXInput  --    skype me: joerg.plewe
Offline tom
« Reply #7 - Posted 2003-11-17 12:25:07 »

Don't want to start the TCPvUDP discussion. My game is designed to use UDP and it works great.

However, casual gamers is the target group. It would be great if people could play it in their coffee break at work Smiley So I might try connecting using as many ways as possible and use wathever works, if any at all. As for the TCP version I must make sure I don't flood the line, because I'm using a quite brute force method  Smiley

Offline Jeff

JGO Coder




Got any cats?


« Reply #8 - Posted 2003-11-17 19:11:11 »

Quote



...and which of course has led to the thriving business in HTTP-tunnelling options in various modern apps Smiley, and the existence of articles with titles like "How to tunnel ANYTHING via HTTP". Chuckle.


And to my disgruntled comment that HTTp tunneling is like locking the door and then trying to push the cat through the keyhole Sad

Once everything is tunneled through HTTP one has to question exactly why the main door was locked in the first place.

Typically the answer is that its an ugly, nasty, slow compromise born of corporate IT's fundamental belief that no one but they should EVER be allowed to access the internet, and the real needs of their clients.



Got a question about Java and game programming?  Just new to the Java Game Development Community?  Try my FAQ.  Its likely you'll learn something!

http://wiki.java.net/bin/view/Games/JeffFAQ
Offline cfmdobbie

Senior Member




Who, me?


« Reply #9 - Posted 2003-11-17 20:23:42 »

Jeff: so something like compressing your data beforehand is somewhat akin to shredding the cat first? Grin

Hellomynameis Charlie Dobbie.
Games published by our own members! Check 'em out!
Legends of Yore - The Casual Retro Roguelike
Offline Jeff

JGO Coder




Got any cats?


« Reply #10 - Posted 2003-11-17 22:39:09 »

Quote
Jeff: so something like compressing your data beforehand is somewhat akin to shredding the cat first? Grin


Or squeezing it into a key-sized mold :/

Got a question about Java and game programming?  Just new to the Java Game Development Community?  Try my FAQ.  Its likely you'll learn something!

http://wiki.java.net/bin/view/Games/JeffFAQ
Offline swpalmer

JGO Coder




Where's the Kaboom?


« Reply #11 - Posted 2003-11-18 04:39:53 »

Funny, a friend of mine just went through this sort of stuff trying to play Q3 at work.  He could for the longest time, then some IT guy got mad for a completely different reason and decided to block the ports.

Had to switch to port 37 for the Quake server and he could get through again.
Our strategy was to find ports under 1024 that might use UDP for "normal" stuff.. just so it would be unlikely that the IT guys would blockl those ports as well.

Offline crystalsquid

Junior Member




... Boing ...


« Reply #12 - Posted 2003-11-20 12:15:20 »

Another issue here is 'NAT' routers (sometimes called NAT firewalls) - these can alter the outgoing port number, and in large organisations can even alter the lower byte or two of the IP between packets! If you reply roughly as many times as the client sends, it usually works out Ok. If the client can send many requests for each server reply, then it is advisable to check the IP & port of the most recent request received and reply to that instead of the initial IP/port umber you read. This does make client identification a little harder, and can allow spoofing of clients if you are not careful.

- Dom
Pages: [1]
  ignore  |  Print  
 
 
You cannot reply to this message, because it is very, very old.

 

Add your game by posting it in the WIP section,
or publish it in Showcase.

The first screenshot will be displayed as a thumbnail.

xsi3rr4x (79 views)
2014-04-15 18:08:23

BurntPizza (71 views)
2014-04-15 03:46:01

UprightPath (82 views)
2014-04-14 17:39:50

UprightPath (66 views)
2014-04-14 17:35:47

Porlus (82 views)
2014-04-14 15:48:38

tom_mai78101 (106 views)
2014-04-10 04:04:31

BurntPizza (166 views)
2014-04-08 23:06:04

tom_mai78101 (262 views)
2014-04-05 13:34:39

trollwarrior1 (212 views)
2014-04-04 12:06:45

CJLetsGame (221 views)
2014-04-01 02:16:10
List of Learning Resources
by SHC
2014-04-18 03:17:39

List of Learning Resources
by Longarmx
2014-04-08 03:14:44

Good Examples
by matheus23
2014-04-05 13:51:37

Good Examples
by Grunnt
2014-04-03 15:48:46

Good Examples
by Grunnt
2014-04-03 15:48:37

Good Examples
by matheus23
2014-04-01 18:40:51

Good Examples
by matheus23
2014-04-01 18:40:34

Anonymous/Local/Inner class gotchas
by Roquen
2014-03-11 15:22:30
java-gaming.org is not responsible for the content posted by its members, including references to external websites, and other references that may or may not have a relation with our primarily gaming and game production oriented community. inquiries and complaints can be sent via email to the info‑account of the company managing the website of java‑gaming.org
Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines | Managed by Enhanced Four Valid XHTML 1.0! Valid CSS!