Cobie Posted March 4, 2018 Report Share Posted March 4, 2018 Hi All, in order to play EnB i need to disable my firewall which ports do i need to open to play EnB ? please advise: 43 is open (outgoing) 80 is open (outgoing) 3000-4000 are open (outgoing) but still can not connect to the logon server. Cheers. Quote Link to comment Share on other sites More sharing options...
Cipher [DEV] Posted March 4, 2018 Report Share Posted March 4, 2018 52 minutes ago, Cobie said: Hi All, in order to play EnB i need to disable my firewall which ports do i need to open to play EnB ? please advise: 43 is open (outgoing) 80 is open (outgoing) 3000-4000 are open (outgoing) but still can not connect to the logon server. Cheers. Rather than opening individual ports, you should be able to whitelist net7proxy.exe and client.exe, found in <Net7Installation>/bin and <EnBInstallation>/release, respectively. I also have a few more questions: What operating system are you using? What does the Net7 Launcher say your current version is? (Bottom right) Have you verified to check if your Local IP is correct in the launcher? In the Launcher, does the server sunrise.net-7.org show as ONLINE and display a player count? Thanks Quote Link to comment Share on other sites More sharing options...
Zackman [LDEV] Posted March 4, 2018 Report Share Posted March 4, 2018 1 hour ago, Cobie said: Hi All, in order to play EnB i need to disable my firewall which ports do i need to open to play EnB ? please advise: 43 is open (outgoing) 80 is open (outgoing) 3000-4000 are open (outgoing) but still can not connect to the logon server. Cheers. What is port 43? It should be 443 (SSL) but i wonder why you have to open that, your network should be "full NAT" under all circumstances. Anyway, note that all server communication is UDP protocol! UDP Port 3800-4000 in/out (starting with 3800 is fine). I already figured in the past that many (all?) US-Routers are delivered not well configured when it comes to NAT, it's almost like "NAT" isnt existing in the U.S....very strange. I cannot stress out enough that you should configure your router/network to/with a good and straight NAT setup, otherwise we come to port forwarding and forwarding UDP packets will become a PITA when you have more than one PC in the internal network running the game. Quote Link to comment Share on other sites More sharing options...
Cobie Posted March 5, 2018 Author Report Share Posted March 5, 2018 (edited) 23 hours ago, Cipher said: Rather than opening individual ports, you should be able to whitelist net7proxy.exe and client.exe, found in <Net7Installation>/bin and <EnBInstallation>/release, respectively. I also have a few more questions: What operating system are you using? What does the Net7 Launcher say your current version is? (Bottom right) Have you verified to check if your Local IP is correct in the launcher? In the Launcher, does the server sunrise.net-7.org show as ONLINE and display a player count? Thanks I am running it on ubuntu within wine (os win xp) Current version 540 My local ip is correct yes it is online (and now i know what the number is for) and displaying 95 users at this point. I run it in wine cause there is runs better then on my win7/-10 machine the only problem i have is the firewall. I can't whitelist those 2 programs cause of the emulator the true program does not show. it run's with the firewall up until server connect just before i need to enter username/password. it run's with the firewall down as if the game was designed for ubuntu. Hope it helps you to help me. just to be clear i know linux is not supported, but i do not require help there. Edited March 5, 2018 by Cobie Quote Link to comment Share on other sites More sharing options...
Cobie Posted March 5, 2018 Author Report Share Posted March 5, 2018 (edited) 22 hours ago, Zackman said: What is port 43? It should be 443 (SSL) but i wonder why you have to open that, your network should be "full NAT" under all circumstances. Anyway, note that all server communication is UDP protocol! UDP Port 3800-4000 in/out (starting with 3800 is fine). I already figured in the past that many (all?) US-Routers are delivered not well configured when it comes to NAT, it's almost like "NAT" isnt existing in the U.S....very strange. I cannot stress out enough that you should configure your router/network to/with a good and straight NAT setup, otherwise we come to port forwarding and forwarding UDP packets will become a PITA when you have more than one PC in the internal network running the game. port 43 is a typo port 443 is what i was trying to write. i do not use NAT. Cheers. Edited March 5, 2018 by Cobie Quote Link to comment Share on other sites More sharing options...
karu [WDL] Posted March 6, 2018 Report Share Posted March 6, 2018 15 hours ago, Cobie said: i do not use NAT. If you using router, you do use NAT. I very much doubt your PC has routable public IP. Anyway... for firewall you only need incoming:blocked, outgoing:open, forward:allow. If you dont use virtual machines then forward can be blocked aswell. If you using ubuntu and ufw, then no other rules are needed except 'ufw enable' Quote Link to comment Share on other sites More sharing options...
Cobie Posted March 7, 2018 Author Report Share Posted March 7, 2018 14 hours ago, karu said: If you using router, you do use NAT. I very much doubt your PC has routable public IP. Anyway... for firewall you only need incoming:blocked, outgoing:open, forward:allow. If you dont use virtual machines then forward can be blocked aswell. If you using ubuntu and ufw, then no other rules are needed except 'ufw enable' Thanks for your answer, basicly you tell me that you do not know what ports are used or that the number of ports used are very large that a firewall is useless. cheers. 1 Quote Link to comment Share on other sites More sharing options...
Zackman [LDEV] Posted March 7, 2018 Report Share Posted March 7, 2018 On 5.3.2018 at 6:07 PM, Cobie said: port 43 is a typo port 443 is what i was trying to write. "There is no try. Do or do not". 6 hours ago, Cobie said: Thanks for your answer, basicly you tell me that you do not know what ports are used or that the number of ports used are very large that a firewall is useless. cheers. No, he is basically trying to help you. I am also pretty sure that will end now seeing your general attitude, showing no gratitude at all. Have fun with YOUR(!) problem. 1 Quote Link to comment Share on other sites More sharing options...
karu [WDL] Posted March 7, 2018 Report Share Posted March 7, 2018 9 hours ago, Cobie said: Thanks for your answer, basicly you tell me that you do not know what ports are used or that the number of ports used are very large that a firewall is useless. cheers. You have wrong/limited understanding what firewall does. Firewall monitors outgoing packets and allows incoming responses for those connections. Thats even with incoming:blocked (correct linux wording is INPUT:DROP). Net7 server does not send random incoming packets to clients and so you do not need any special firewall configuration. If you configuring firewall manually then you do need to take care of certain things, but those are not related to net7. If you want to block outgoing traffic by default, then yes you do need to add proper rules (easiest is to whitelist sunrise IP than do it per port). "ufw enable" is all you need to have secure firewall under ubuntu. When you do need special treatment, is if you using stupid/broken router that "forgets" udp packets. Those fail to remember outgoing packets and drop valid incoming responses. In those cases you open incoming ports and do port forwarding to PC (ie DMZ). Flashing router with LEDE if you own the router is an option aswell. Quote Link to comment Share on other sites More sharing options...
Cobie Posted March 7, 2018 Author Report Share Posted March 7, 2018 10 hours ago, Zackman said: "There is no try. Do or do not". No, he is basically trying to help you. I am also pretty sure that will end now seeing your general attitude, showing no gratitude at all. Have fun with YOUR(!) problem. I stand corrected. i was not trying to flame anyone. I do know he is trying to help. What i do not understand is, why a port or portrange is (or can) not be given. and in his last reply and 1 earlier he tells me to whitelist the sunrise ip (also known as open every port to that ip). I have more understanding who firewall work then limited, and i have found in my work that if wanting to do wrong people can do wrong. that said opening a firewall with outbound rules does not protect me .... it protects you. like i said in my first mail, the game works like a charm under wine in ubuntu. as long as i open the firewall in the outbound direction. so my problem is limited. again not flaming just bad in english. Quote Link to comment Share on other sites More sharing options...
Cobie Posted March 7, 2018 Author Report Share Posted March 7, 2018 7 hours ago, karu said: You have wrong/limited understanding what firewall does. Firewall monitors outgoing packets and allows incoming responses for those connections. Thats even with incoming:blocked (correct linux wording is INPUT:DROP). Net7 server does not send random incoming packets to clients and so you do not need any special firewall configuration. If you configuring firewall manually then you do need to take care of certain things, but those are not related to net7. If you want to block outgoing traffic by default, then yes you do need to add proper rules (easiest is to whitelist sunrise IP than do it per port). "ufw enable" is all you need to have secure firewall under ubuntu. When you do need special treatment, is if you using stupid/broken router that "forgets" udp packets. Those fail to remember outgoing packets and drop valid incoming responses. In those cases you open incoming ports and do port forwarding to PC (ie DMZ). Flashing router with LEDE if you own the router is an option aswell. Thank you for your patience. My understanding about firewalls is more then average. I will just whitelist the servers ip on the outgoing as you say and leave it to that. Cheers Quote Link to comment Share on other sites More sharing options...
efialtis Posted March 10, 2018 Report Share Posted March 10, 2018 They should be whitelisted on the incoming and not the outgoing if at all. Something must be really messed up with your setup cause i never had to mess with any firewalls to play the game and i have gone through multiple installations over the years. Quote Link to comment Share on other sites More sharing options...
Cobie Posted March 13, 2018 Author Report Share Posted March 13, 2018 Efialtis, you do know that EnB only looks outside (so outbound)? once an connection has bee started from within the computer no firewall will block return data unless it comes from an unknown source (optional)? hench outgoing is needed to be opened not incomming. if you have been opening incomming connections where it is not needed... it tells something about you not me. Cheers. 2 Quote Link to comment Share on other sites More sharing options...
Kyp [LDEV] Posted March 16, 2018 Report Share Posted March 16, 2018 Hi Cobie, From our side, you need only open the ports that Zackman mentioned above as outgoing from your secured system/segment. This is what I have in our firewall system: Like he said, it is UDP communications. The 80/443 ports are only used for the browser component on the launcher and the auth processes to our web services. Hope that helps. I had simply originally defined this as both TCP and UDP, but that was just to get things up and running quickly without as much testing. This applies to any server we run the game service on. Quote Link to comment Share on other sites More sharing options...
Cobie Posted March 16, 2018 Author Report Share Posted March 16, 2018 11 hours ago, Kyp said: Hi Cobie, From our side, you need only open the ports that Zackman mentioned above as outgoing from your secured system/segment. This is what I have in our firewall system: Like he said, it is UDP communications. The 80/443 ports are only used for the browser component on the launcher and the auth processes to our web services. Hope that helps. I had simply originally defined this as both TCP and UDP, but that was just to get things up and running quickly without as much testing. This applies to any server we run the game service on. Cheers, this works like a charm. Cobie. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.