Need clarification on XMPP used tcp 5222

Hey ED,

I just kicked in my Linux Debian based Gateprotect GPA-400 Firewall that works on "BLOCK ALL BUT ALLOWED" basis and 10308 tcp and udp ( if udp is needed at all I dont know yet, well it would make sense since it has less overhead ) alone would not let me connect to the Master Server. So I checked my blocked access list and found your eagle.ru IP Address with Port 5222-tcp being blocked !

WHY is this not mentioned in any "How to setup your SECURE network properly to be able to play and host DCS" ????

This is mandatory and one cannot expect from network noobs to be able to track this down. XMPP is used by chat clients, MS, ICQ etc...

Does one need a 5k€ Firewall to find this out ?

What ports, port ranges and protocols are needed to set up and play DCS as CLIENT & SERVER behind a BLOCK-ALL firewall.

Many good hosters advice you to use their BLOCK-ALL firewalls as well.

You can turn it OFF if you dont know how to deal with it and most will likely do so when networx get too complicated and info comes like water to the sahara. If you turn it off and your hosters calls you one day telling you your server got blocked because they sensed lots of "strange" traffic on your Server, THEN you know why you should have configured ONLY those ports needed IN- and OUTBOUND.

Anything else is non professional.

I would like to see a STICKY thing stating ALL PORTS & PROTOCOLS used by DCS. Nothing less and nothing more. I will find it out before you can answer me but it's your job to provide this info to the community.

Bit

Indeed, connection to master server is utilising XMPP.

 

It's the first time anyone asks about rules for block-all firewall. Ports and protocols used are not a secret. Glad you asked. Here's the list:

 

DCS uses outgoing conenctions to

HTTP http://www.digitalcombatsimulator.com:80

HTTPS http://www.digitalcombatsimulator.com:443

XMPP master.eagle.ru:5222

 

For multiplayer game traffic DCS uses both TCP and UDP on port 10308

 

That's all.

 

P.S. "Does one need a 5k€ Firewall to find this out ?" http://www.wireshark.org/

Haha

gold old ethereal...now called wireshark.

I just happen to have one for free cause I sell them too and the one I have is a "return for renewal" thing... for my "private" needs I tend to have things like ipcop or just a Fritz!Box.

It is a pain to have a Block-All appliance in a family scenario.

KitchenCommand would kill me if I would route KitchenTraffic through a Gateprotect WAAHAAA

I need to have it set up in my office as I have sensitive stuff I deal with and BDSGII ( our stupid german data security law ) demands to have such a device if you don't want to fall short in court in case things happen.. but that is very specific and not relevant for most users....but it is also to nice to play with cause it can do nice things in Multi-WAN setups and filtering. The price tag makes it obsolete for end users like you and me when we grab the joystick, that is for sure the main killer.

Anyway, thanks for your help and you might wanna put the info you posted somewhere STICKY :)

Bit