Vanilla List Mailing List Archive

Re: [VANILLA-LIST:2286] Erik Rungi's ntserv/socket.c modifications




>On Wed, Jun 09, 1999 at 11:16:08PM -0500, Steve Sheldon wrote:
>> 
>> But I'm able to connect to just about every server.  I connected to
>> mit.netrek.org which used 2.9pl2, and so on.  I thought it was supposed to
>> break? :)
>
>I've taken a very quick (and I mean a very quick) examination of the
>original UDP connection code, and the reason why it doesn't seem to break
>is, well, luck.

 Isn't that how most of the Netrek code is written?  :)

>The UDP client port is sent with the UDP connect request packet
>over TCP, so the port is already known.  The original server code would
>then use that port to open a UDP connection to the client, which would
>fail because the firewall would block the packets.  The USE_PORTSWAP
>enabled client sends a UDP packet to the server first, so a hole is
>punched through the firewall, thereby allowing the server's packets
>to come through.  Since the server doesn't wait for the client UDP
>packet, there is a chance that the server's UDP connect fails before
>the firewall actually opens a hole.

 I see.

>Now, when you throw in NAT (which I assume could translate the port
>number), there is no guarantee that the client port sent with the UDP
>connect request packet over TCP is valid outside the firewall, so
>the whole thing wouldn't work.  Therefore, the UDP_PORTSWAP enabled
>server waits to get the (possibly translated) port number from the
>client's UDP packet before attempting a connect, killing two birds
>with one stone.

 I see.

 I guess where I was mainly concerned was if the client compiled with
USE_PORTSWAP was run on a machine with a good connection to the internet
with no NAT and no firewall.  Such as my machine at home with PPP.

 In that case, it seems to connect fine with the older servers.

 Now from behind a firewall, as I just tested, the new USE_PORTSWAP version
does not connect with the old servers, but does with the new server.

 Which is fine.

 My main concern was really if I was going to have to make two versions of
the client available.  One for those behind a firewall, and one for those
who are not.  But it seems I only need to compile one.


 Anyway, I just tried it here from work, and it is functioning great!

Steve
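
The server-side behaviour described in the quoted explanation above (wait for the client's first UDP packet, then connect to the port it actually came from), as an added example that is not the ntserv/socket.c code and not part of either poster's message. The names `learn_client_port` and `demo`, the advertised port 9, the timeout, and the check of the packet's source address against the TCP peer are assumptions of this example.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Server side: wait for the client's first UDP packet, then connect() to the
 * source port actually seen, not the one advertised over TCP. -1 on failure. */
static int learn_client_port(int udp_fd, struct in_addr tcp_peer, int timeout_s)
{
    struct sockaddr_in from;
    socklen_t len = sizeof from;
    struct timeval tv = { timeout_s, 0 };
    char buf[64];

    setsockopt(udp_fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
    if (recvfrom(udp_fd, buf, sizeof buf, 0, (struct sockaddr *)&from, &len) < 0)
        return -1;                                /* no packet before timeout */
    if (from.sin_addr.s_addr != tcp_peer.s_addr)  /* assumed check: same host as TCP peer */
        return -1;
    if (connect(udp_fd, (struct sockaddr *)&from, sizeof from) < 0)
        return -1;
    return ntohs(from.sin_port);
}

/* Constructed loopback run: advertised port 9 stands in for a pre-NAT port
 * that is not valid outside the firewall; the client sends from another one. */
static int demo(int *advertised, int *actual)
{
    struct sockaddr_in ca, sa = { .sin_family = AF_INET,
                                  .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    socklen_t slen = sizeof sa, clen = sizeof ca;
    int srv = socket(AF_INET, SOCK_DGRAM, 0), cli = socket(AF_INET, SOCK_DGRAM, 0), seen;
    bind(srv, (struct sockaddr *)&sa, sizeof sa);   /* port 0: kernel picks one */
    getsockname(srv, (struct sockaddr *)&sa, &slen);
    sendto(cli, "hello", 5, 0, (struct sockaddr *)&sa, sizeof sa); /* client speaks first */
    getsockname(cli, (struct sockaddr *)&ca, &clen);
    *advertised = 9;
    *actual = ntohs(ca.sin_port);
    seen = learn_client_port(srv, sa.sin_addr, 2);
    close(srv); close(cli);
    return seen;
}

int main(void)
{
    int adv, act, seen = demo(&adv, &act);
    printf("advertised=%d actual=%d server_connected_to=%d\n", adv, act, seen);
    return seen != act;
}
```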