Curse

L33TNeMiSiS · Nov 27, 2007, 09:14 AM // 09:14

Heya

I'm running a self-made linux router. I've opened up all udp ports in and out and i''ve opened port 6112 and 80. I've been playing gw for the entire day and not a single packed has crossed over port 6112. Any ideas why this might be? A Friend said it might be that gw feels like it's being firewalled. If so is how will i be able to fix it for monitoring purposes?

Haskell · Nov 27, 2007, 05:14 PM // 17:14

6112 & 80 are the remote ports of GW. The GW-server waits on those ports for incoming connections. You don't need Portforwarding at all to play GW & should NEVER forward any ports you don't have to - way to destroy the security NAT provides; Don't configurate things you have no clue about. Besides that GW is using TCP.

L33TNeMiSiS · Nov 28, 2007, 07:31 AM // 07:31

I'm a Senior Unix System Engineer Running a default deny firewall I've put my adsl interfaces in masquerade mode and told it to forward anything from my ip address destined for port 80, 6112 to the dsl interfaces. And to allow anything from the internet to my local pc that is in the ESTABLISHED state. If i do a iptables -L -v -n. I can see loads of traffic(packets) going over port 80 but not a single packet the entire day over port 6112.

Matsumi · Nov 28, 2007, 02:10 PM // 14:10

It's been quite a while since I've played, but I imagine that if you're seeing a ton of packet information only on port 80 it's most likely from a web update server and not the actual gaming server. Meaning, you're probably just downloading any available updates to guild wars, but until you actually log in an start playing you won't see anything coming across port 6112. You could maybe try doing an -image switch to check and see if the packet information then switches over to port 6112. Back when I used to play all the packets I saw coming in were from 6112 and not 80 though.

L33TNeMiSiS · Nov 29, 2007, 07:45 AM // 07:45

I have a shortcut i use to update my gw client (using -image on the shortcut). But on the day in question I didn't download any updates (game was already up to date). And I played for about 10hours that day. Still NOT even 1 Packet on port 6112. Checked again last night same thing .. everything seems to go over port 80 .. When i get home tonight I'll give a packet dump.

Haskell · Nov 29, 2007, 11:48 PM // 23:48

The difference between DEST and SOURCE is so hard to get?

"Senior Unix System Engineer"

p.s.: I wonder why you should get any traffic over :80 - that would be only the case if you run a Webserver or if you run any other service on this port - which would be stupid in your position. :-)

L33TNeMiSiS · Nov 30, 2007, 08:45 AM // 08:45

GW uses port 80 as a destination port from my router. If you dont believe me go check the gw site. I was merely wondering why I'm not sending any packets on port 6112. I think it might be that your pc itself SEND packets through port 6112 but only receives packets through port 6112. Which would make sense(they would be in ESTABLISHED state). Does anybody see any packets getting send to port 6112 or only packets received on port 6112?

Haskell .. I think i might be misunderstanding your point. What are you getting at? I'm not showing off it's merely my current job title(says so on my business card :P). It serves to show that I do know a thing about firewalls, that it's not a simple matter of just clicking away at a Zone Alarm query saying "Do you wanna allow this service?". Port 80 is the Destination port(Meaning GW servers) not the source port. Here is a quote from an official playNC support ticket(http://www.plaync.com/us/support/doc...p_faqid=3104):
"If you are using a router, please open and/or forward both TCP port 6112 and TCP port 80 within their settings. If you are connecting to Guild Wars while on a campus or business network, please consult your network's administrator to verify that these ports are available."

Does anybody have some information regarding the ports and traffic directions?

Haskell · Nov 30, 2007, 11:24 AM // 11:24

Network basics:

- You start GW.exe on your PC
- Gw.exe generates a packet with: Source-IP: 192.168.0.2 (example), sourceport 1050 (this port is assigned by your OS) TO: 206.127.145.18 (example), destport 6112 and it get send to your default gateway (router).
- Your router will do NAT. Source-IP will be the IP you get from your ISP after that. For example 65.55.55.55 and a different port again (let's say 3000). Your router has a list (NAT-table) where it logs from which internal IP which packet came - so the router will know all the time which internal IP to assign for the reply
- The GW server will listen on port 6112 and wait for our packet. Once it reaches the server he will see: source 65.55.55.55:3000 to dest 206.127.145.18:6112
- and reply from source: 206.127.145.18:6112 to dest: 65.55.55.55:3000
- router will translate: source 206.127.145.18:6112 to dest 192.168.0.2:1050

As you see, your local port will be all the time 1050 on your PC. On the router the same. There is no inbound-traffic with dest: 6112.

Forwarding ports is something totaly different. Let's say you run a web-server on your PC port 80 - then the router would have exactly no info which internal IP to send the packet, because he has nothing in his NAT-table. Solution: forwarding: You pre-define a port and every packet, that reaches this local port 80 on your router get's automaticly send to a specific internal IP. Now you have inbound-traffic over port 80.

The NC-Soft statement is misleading. They just say it, to make it work for dummies who might have some very special bad routers that also block outbound ports by default and release this firewall-rule if you use forwarding. Or - which is often the case, a university has also special outbound-rules for their firewall (filtering dest-ports). A network-admin would know which kind of port is meant and that he has to allow dest-port 6112 (80 is allowed anyways).

And the support can't explain it for every special case in the world. So they rather say it this way - even if it's technically false.

l3j · Dec 05, 2007, 02:45 PM // 14:45

Guild Wars uses the TCP protocol for its communications. All of the servers the client interacts with listen for client connections on both ports 80 and 6112. When the client first connects to the file server it selects one of the two ports and attempts a connection. Should the connection fail the client will attempt to connect on the port it has not tried yet. It will use whatever port it selected for the file, login, and game servers. The client will use this selected port when GW is next started for its first connection attempt.

Chthon · Dec 05, 2007, 08:43 PM // 20:43

Quote:

Originally Posted by l3j

The client will use this selected port when GW is next started for its first connection attempt.

So, to force traffic onto 6112, L33TNeMiSiS need only temporarily block 80 and then start the client?