Vanilla List Mailing List Archive

Re: [VANILLA-LIST:2286] Erik Rungi's ntserv/socket.c modifications



On Wed, Jun 09, 1999 at 11:16:08PM -0500, Steve Sheldon wrote:
> 
> But I'm able to connect to just about every server.  I connected to
> mit.netrek.org which used 2.9pl2, and so on.  I thought it was supposed to
> break? :)

I've taken a very quick (and I mean a very quick) examination of the
original UDP connection code, and the reason why it doesn't seem to break
is, well, luck.

The UDP client port is sent with the UDP connect request packet
over TCP, so the port is already known.  The original server code would
then use that port to open a UDP connection to the client, which would
fail because the firewall would block the packets.  The USE_PORTSWAP
enabled client sends a UDP packet to the server first, so a hole is
punched through the firewall, thereby allowing the server's packets
to come through.  Since the server doesn't wait for the client UDP
packet, there is a chance that the server's UDP connect fails before
the firewall actually opens a hole.

Now, when you throw in NAT (which I assume could translate the port
number), there is no guarantee that the client port sent with the UDP
connect request packet over TCP is valid outside the firewall, so
the whole thing wouldn't work.  Therefore, the UDP_PORTSWAP enabled
server waits to get the (possibly translated) port number from the
client's UDP packet before attempting a connect, killing two birds
with one stone.

-- 
Dave Ahn <ahn@vec.wfubmc.edu>        |  "When you were born, you cried and the
                                     |  world rejoiced.  Try to live your life
Virtual Endoscopy Center             |  so that when you die, you will rejoice
Wake Forest Univ. School of Medicine |  and the world will cry."  -1/2 jj^2
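
The ordering described in the message above, as an added example that is not part of the original post and not the Vanilla server's own code: the client sends the first UDP packet, and the server takes the peer port from that packet's source address instead of from the port declared over TCP. The function names are hypothetical, the two sockets on 127.0.0.1 are a constructed stand-in for client and server, and the declared port is passed in only to show that it is ignored.

```c
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Bind a UDP socket to 127.0.0.1 on an ephemeral port; return fd, store port. */
static int udp_bind_loopback(int *port) {
    struct sockaddr_in a;
    socklen_t len = sizeof a;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return -1;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&a, sizeof a) < 0 ||
        getsockname(fd, (struct sockaddr *)&a, &len) < 0) { close(fd); return -1; }
    *port = ntohs(a.sin_port);
    return fd;
}

/* Constructed loopback demo. Returns the port the server connected to, or -1.
 * declared_port is what the client claimed over TCP; it is ignored on purpose. */
int portswap_peer_port(int declared_port, int *client_real_port) {
    struct sockaddr_in srv, from;
    socklen_t flen = sizeof from;
    struct timeval tv = {2, 0};
    char buf[16];
    int sport, result = -1;
    int sfd = udp_bind_loopback(&sport);
    int cfd = udp_bind_loopback(client_real_port);
    (void)declared_port;
    if (sfd < 0 || cfd < 0) goto out;
    memset(&srv, 0, sizeof srv);
    srv.sin_family = AF_INET;
    srv.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    srv.sin_port = htons(sport);
    /* Client speaks first: this is the packet that opens the firewall hole. */
    if (sendto(cfd, "hello", 5, 0, (struct sockaddr *)&srv, sizeof srv) != 5) goto out;
    /* Server waits (bounded by a timeout) and reads the peer address off the packet. */
    setsockopt(sfd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
    if (recvfrom(sfd, buf, sizeof buf, 0, (struct sockaddr *)&from, &flen) < 0) goto out;
    if (connect(sfd, (struct sockaddr *)&from, flen) == 0) result = ntohs(from.sin_port);
out:
    if (sfd >= 0) close(sfd);
    if (cfd >= 0) close(cfd);
    return result;
}

int main(void) { int real; return portswap_peer_port(1, &real) == real ? 0 : 1; }
```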