Curse

Nalia · Aug 04, 2010, 10:15 AM // 10:15

Although Ventrilo is not an ArenaNet product, it is commonly used for voice communication with guild wars players. My specific problem is that i have a highly restrictive port blocking firewall (ipfilter on linux) that stops me from connecting to ventrilo servers until i put my machine in the dmz.

It appears that port 6100 udp is used for controlling data between the server and client to determine if the server is online and allow synchronizing with it. I have added rules to allow all outbound traffic destined for port 6100 udp and all inbound traffic originating from port 6100 udp. Ventrilo also uses both tcp and udp to communicate via the port specified for the server you are connecting to. I have set rules to allow both udp and tcp traffic to and from these servers by address specifically.

Local port always seems to be a random port 1024 and above so I added to allow for local ports exceeding 1023. the initial random port is generated and used from startup of the client and all subsequent random ports are generated on the fly. i am able to load vent client and have it "see" the server I wish to connect to as being online and using wireshark can monitor traffic to and from the server. when attempting to connect to the server the client hangs on "synchronizing" and never actually connects via tcp. As a matter of fact it never even sends the initial syn packet via tcp that is normally present when my system is in the dmz and can successfully connect.

I have tried to force proxy ventrilo using various wrapper softwares that hook the network api calls of the target application and force proxying of the traffic. Ventrilo seems to be resistant to these types of software as does ts3. i coded a custom network driver that hooked the winsock drivers and attempted to capture the traffic before it left the machine to force a proxy that way and apparently i am not proxying all of the Ventrilo traffic. As far as I know I am capturing all relevant packets for the Ventrilo client but cannot find what is causing this problem. I ran a secondary machine on the network in promiscuous mode to make sure that there wasn't something built into Ventrilo to disable the ability to view certain packets and I found nothing out of the ordinary.

Any further assistance in this matter would be helpful if you know how to fix this. I have been to numerous websites concerning this matter and i either get no response or they simply point out that proxying a Ventrilo connection would be a security liability and ignore the rest of the problem.

Riot Narita · Aug 04, 2010, 10:25 AM // 10:25

I've had similar problems with newer versions of vent. Older versions did not seem to have any problem. I never found a solution, that didn't involve putting it outside the firewall, or disabling the firewall... but I also didn't go to the extroadinary lengths that you have, to make it work.

Mostly it wouldn't connect at all... sometimes it would work for 10 minutes then disconnect... sometimes it would completely freeze my PC, sometimes it would do some strange and suspicious things to my PC. Eventually I uninstalled it - actually, I wiped my system drive using an image that had never had Vent installed. I did not want to compromise my strict security just for Vent (NB. I have not had firewall problems with any other software, it's only Vent)

I now favour the open-source Mumble instead - no problems using that, and it has some features that I consider superior to Vent, TS etc. But of course, convincing your teammates to switch voice comms can be a problem.

BTW, try hitting the enter key occasionally when typing, it will make your wall of text more reader-friendly. And I expect this will get moved out of Riverside to the tech forums, where it should have been from the start.

Ellix Cantero · Aug 04, 2010, 11:08 AM // 11:08

Mumble.

Vent is old, restrictive, not multi-platform, etc. etc.

*lemming* · Aug 04, 2010, 12:12 PM // 12:12

Quote:

Originally Posted by Ellix Cantero

Mumble.

Vent is old, restrictive, not multi-platform, etc. etc.

Vent is used 99% of the time for PvP activity that demands it.

Quaker · Aug 04, 2010, 04:15 PM // 16:15

Since I don't have much experience with Linux and even less experience with Linux firewalls, my only advice would be to get some other firewall. It sounds like you have so many ports open now that the firewall is not that effective any more anyway.

If that's not an option, then, does the firewall have an exception list that you could add Ventrilo to? (I assume not)

Mumble - never heard of it, but I'll have to look into it.