Re: [VANILLA-CLIENTS:208] I need a bit of help.

[James Cameron <quozl@us.netrek.org>]

On Sat, Mar 11, 2000 at 09:23:22PM -0600, Lacutis wrote:
> Im not sure if you are who I would need to ask, but.
> I need to open ports on my firewall to play Netrek.
> What ports would those be? UDP and TCP.

You have too many choices, we'd need more information.

The Netrek client connects to the server on port 2592, by TCP.  After
that, the server and client negotiate on a randomly allocated UDP port
and move most of the real-time traffic into that stream.

The client can be told not to try the UDP stream, in which case you
remain playing on TCP, with a significant disadvantage in terms of
ability to recover from packet loss.

Recent clients can be told to use a particular UDP port number range
at their end, which means that firewall rules can be tied down tighter.

Recent servers can be told to accept a known UDP port at the client end
suggested by the client within the TCP stream, such that state aware
firewalls can see the UDP stream start from the client first, rather
than the server (which is the usual case).

For the absolute best in security, you should obtain trekhopd, which is
the Netrek proxy server, review the code, compile and run it on the 
firewall, and then build clients for use behind the firewall and submit
their keys to the metaserver key administrator.

-- 
James Cameron   mailto:quozl@us.netrek.org   http://quozl.us.netrek.org/