xboxscene.org forums

Pages: [1] 2

Author Topic: Xlink Kai & Firewall Settings - Port Flood!  (Read 90 times)

feflicker

  • Archived User
  • Hero Member
  • *
  • Posts: 1692
Xlink Kai & Firewall Settings - Port Flood!
« on: November 09, 2004, 06:01:00 PM »

My Setup:

Port Forward (Kai Port): 8602 (shared with XBC)
Kai Deep Port: 0


I had to open up outbound traffic for ports TCP/UDP 34525 & 34523 before it would even let XLink Connect...

Now that it is connected it also wants to use TCP 2451 and TCP 2418.

It is also asking for UDP 3000. And now TCP 21 and TCP 1974... Now TCP 2457 and 2458...

If I sit here and just let this thing go, it seems to just randomly connect outbound using random ports!

==========================================

I restrict outbound traffic, except for services (ports) that I allow, on my firewall. I don't just restrict inbound, but outbound as well (I basically run corporate level security at my home).

I am trying to make a firewall rule for Xlink (for the outbound traffic), however it seems to just randomly use outbound ports!

As far as inbound, that was easy, I just forwarded TCP/UDP 8602 and set it as the "Kai Port".

My problem is with outbound! Which ports does XLink ***NEED***! Is there a port range that I need to open?

I really want to use Xlink, but I am not willing to disable my firewall just to use it...

Thanks in advance, I have searched for this info and not had much success!
beerchug.gif
Logged

DOS4GW

  • Archived User
  • Hero Member
  • *
  • Posts: 1162
Xlink Kai & Firewall Settings - Port Flood!
« Reply #1 on: November 09, 2004, 11:39:00 PM »

No, Xlink doesn't need a port forwarded. It's only recommended that you forward a port for Xlink.

It's up to the user what port he forwards, however even if 8602 is unused I urge people to stay away from using such low numbered ports. Normally we recommend 30000. IANA however recommend port 49152 to 65355.

If you forward port 30000 udp to the pc running the Xlink engine you should also enter that port in the "Kai port".

IANA

Using several ports is not equal to ports flooded. If the ports are flooded you should have a look in the firewall log - you're most likely dosed.

What firewall have you got? The rule is to accept all traffic on the chosen port.
Logged

feflicker

  • Archived User
  • Hero Member
  • *
  • Posts: 1692
Xlink Kai & Firewall Settings - Port Flood!
« Reply #2 on: November 10, 2004, 12:33:00 AM »

DOS4GW, thanks for the reply but maybe I can be a little more clear on it...

My problem has nothing to do with the port forward. I am using 8602, it is working fine. I am not seeing any problems with incoming traffic. I have TCP/UDP 8602 open for inbound and outbound traffic...

My problem is that Xlink is trying to make connections OUTBOUND on several ports, which seem to be *random* TCP/UDP ports. (I had to open 34525 & 34523 just to get Xlink to be able to login...)

I need to know which **outbound ports** Xlink requires to operate, so that I can create a policy to let Xlink out of my network  wink.gif


Logged

DOS4GW

  • Archived User
  • Hero Member
  • *
  • Posts: 1162
Xlink Kai & Firewall Settings - Port Flood!
« Reply #3 on: November 10, 2004, 01:13:00 AM »

That's UI dependant. The engine in itself only use the chosen port, if routed, for game data.

The UI can use both hyper text and chat.

Xlink only require one port.

However, Xlink will allways connect to the port what ever it is on the other end. If you use 30000, another user use 60000, and another user again use 50000, you will have outgoing traffic to the destinations port 50000 and 60000, but trough your port 30000.
Logged

mikeylbl

  • Archived User
  • Newbie
  • *
  • Posts: 19
Xlink Kai & Firewall Settings - Port Flood!
« Reply #4 on: November 10, 2004, 02:52:00 AM »

I have a dlink 624 router.. these are my settings and everything works perfect with kai in my xbmc

I have port 8602 XBC UDP and TCP using my PCs ip addy ..
* each was set up on its own space.. dont select "both" in your router software..

in my kai..

both of my ports are set a "0"

everything works perfect.. so all u ppl u have dlink 624.. this is how mine looks

enjoy!!

Mike
Logged

feflicker

  • Archived User
  • Hero Member
  • *
  • Posts: 1692
Xlink Kai & Firewall Settings - Port Flood!
« Reply #5 on: November 10, 2004, 09:39:00 AM »

QUOTE
That's UI dependant. The engine in itself only use the chosen port, if routed, for game data


Ok, so you are saying that all of the other TCP/UDP connections Xlink is trying to make will not effect gameplay? As long as my "Kai Port" works, it will work?. So I should just ignore all these other superfluos connections?


QUOTE
However, Xlink will allways connect to the port what ever it is on the other end. If you use 30000, another user use 60000, and another user again use 50000, you will have outgoing traffic to the destinations port 50000 and 60000, but trough your port 30000


That is not what I am seeing. As I stated above, Xlink is trying to connect outbound using **random** TCP and UDP ports. I have no idea what it is trying to do.

If you want to reproduce this behavior, all you have to do is block all outbound TCP/UDP traffic from your LAN to the WAN and watch the firewall log. Fire up Xlink and watch all the outbound connections on random ports it is attempting to make. It *DOES NOT* just use the "Kai Port", in my case TCP/UDP 8602.

On a side note, the only other application I have ever seen behave this way is KaZaa (back in the day before P2P went to the crapper). sad.gif

===========================================================

QUOTE
I have a dlink 624 router


I have one of those I use as a wireless switch. The firewall in the DI-624 doesn't block outbound traffic unless you configure it to do so... Most people don't do it because they think they only need to block incoming traffic. Anyway, thanks for the info, it might help someone else...

===========================================================

Since people seem to think the firewall you are using is relevant, I have reproduced this behavior on (3) different firewall appliances.

1) Dlink DI-624 Revision C
2) Dlink DFL-300
3) Nokia IP440

BTW, I am using the latest version of Xlink Kai.
Logged

DOS4GW

  • Archived User
  • Hero Member
  • *
  • Posts: 1162
Xlink Kai & Firewall Settings - Port Flood!
« Reply #6 on: November 10, 2004, 03:33:00 PM »

As I said, the engine only requires one port for game play.

I see you mention port 21 up there, I think you're listing all open connections regardless of what applications use who.
Logged

feflicker

  • Archived User
  • Hero Member
  • *
  • Posts: 1692
Xlink Kai & Firewall Settings - Port Flood!
« Reply #7 on: November 10, 2004, 05:16:00 PM »

QUOTE
I see you mention port 21 up there, I think you're listing all open connections regardless of what applications use who.


Nope. Just Xlink. Strange it tried to get out on the FTP port, eh? It tries to get out of the network, and if it can't, it apparently just keeps trying random ports (including server ports) to get out of the network...

Arg, I hate doing this (sounds so pompous), but sometimes you need to say it: I've worked in IT for almost 6 years now, working on networks, so I have a pretty good grasp on Firewalling  wink.gif

Like I said, 8602 is working properly for my "Kai Port", so I will try to see if it will work with just that port (and ignore all the other connections it is trying to make out of my network...)

I wish someone knew what Kai was trying to do with all those TCP/UPD connections, and which ports Kai will try to use...
Logged

DOS4GW

  • Archived User
  • Hero Member
  • *
  • Posts: 1162
Xlink Kai & Firewall Settings - Port Flood!
« Reply #8 on: November 10, 2004, 05:19:00 PM »

What ui are you using?
Logged

feflicker

  • Archived User
  • Hero Member
  • *
  • Posts: 1692
Xlink Kai & Firewall Settings - Port Flood!
« Reply #9 on: November 10, 2004, 11:52:00 PM »

Xlink Kai Evolution 7. I am using the latest build from http://www.teamxlink.co.uk/.

This is what I downloaded:
http://www.cumdropz....linkkaievo7.zip

I am using the UI on Windows XP. I am not using XBMC,AVA, etc... Just using the UI on the PC...
Logged

DOS4GW

  • Archived User
  • Hero Member
  • *
  • Posts: 1162
Xlink Kai & Firewall Settings - Port Flood!
« Reply #10 on: November 11, 2004, 12:52:00 AM »

My guess is that the random ports you see are http such as Xlink auto updates, profile browsing, ladders, etc.  - as you know http use random ports.
Logged

feflicker

  • Archived User
  • Hero Member
  • *
  • Posts: 1692
Xlink Kai & Firewall Settings - Port Flood!
« Reply #11 on: November 11, 2004, 04:10:00 AM »

QUOTE
My guess is that the random ports you see are http such as Xlink auto updates, profile browsing, ladders, etc. - as you know http use random ports


I think you are right, I mostly get this traffic while browsing through the arenas...

I don't have any other explanation at this point  tongue.gif
Logged

feflicker

  • Archived User
  • Hero Member
  • *
  • Posts: 1692
Xlink Kai & Firewall Settings - Port Flood!
« Reply #12 on: November 11, 2004, 11:03:00 AM »

QUOTE
You just need tell your firewall just to allow every *ougoing TCP port* from Kai


Hmm... I don't think I can do that. That is more of a function of a software firewall. Hardware firewalls are "service" based, not "application" based.

I might be able to just allow all outbound traffic to the Kai Server's IP, I will try that (hopefully that IP stays the same?)



Logged

feflicker

  • Archived User
  • Hero Member
  • *
  • Posts: 1692
Xlink Kai & Firewall Settings - Port Flood!
« Reply #13 on: November 11, 2004, 11:11:00 AM »

Nope... The destination IP addresses are always different... Can't just open all traffic to one IP...

It looks like I am just gonna have to live with denying these packets, as long as Kai works for games I guess I don't really care  huh.gif
Logged

SeaWolf69

  • Archived User
  • Newbie
  • *
  • Posts: 16
Xlink Kai & Firewall Settings - Port Flood!
« Reply #14 on: November 25, 2004, 04:18:00 AM »

Hey guys,

Just coming on the tail end of this thread. I have a D-link Dl-624 4 port router hard wired to both my xbox and windows xp pro pc w/sp2. Downloaded the latest version of Kai from the site, so that can't be the problem as it auto updates each time you fire it up. The diagnostics states that it is both Network reachable & configured successfully, but I can't see any games? I can see other users pings, the different arena's, etc...  I have tried normal kai use & dashboard option via XBMC as well. Tried all the NIC settings as well.

[KaiUserConfig]
kaiPort=0
kaiDeepPort=0
kaiAccept=any
kaiTimeout=Never
kaiNIC=0
kaiLaunch=BOTH
kaiHomebrew=OFF
kaiPAT=OFF
kaiAutoLogin=on
kaiWireless= n/a
kaiUI=Default


 I also have had an issue with Norton's 2005 Antivirus worm protection, keeps prompting me to permit internet access when I fire up Kai, it will keep doing that until I diable the worm protection feature. I have tried just about every setting, tried excluding kai in both Norton's & xp's firewall. I have even tried disabling both Norton's & xp firewall? Still can't see any games? I want to get this thing going, I would like to know your thoughts on the subject? I have even tried it on my windows xp 2.20ghz p4 laptop, but still the same problem? Also, how do you allow 0.0.0.1 IP full access like it says in the faq? Any help would be greatly appreciated. Thanks...

SeaWolf69

p.s.

I have filled out a help request and hopefully I will get this up & running via teamxlink moderator, but I will continue trying on my own, so if any others can help that would be great!
Logged
Pages: [1] 2