• November 01, 2024, 02:25:44 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: [1] 2

Author Topic: dir-655 allowing game traffic when it should not be doing so  (Read 23689 times)

buach

  • Level 1 Member
  • *
  • Posts: 10

hello,

i recently got a dlink dir655.

i have far cry, steam, and stalker installed, and i have not yet opened the ports necessary for these games to work online, but they do!!!!!!!!!

with my old router no game could get near the internet until i forwarded the ports. why is the dlink allowing traffic through? anybody else experienced this?

i have the dmz disabled, upnp is disabled, udp and tcp endpoint filtering are both set to Port And Address Restricted, and no ports have been opened in virtual server, port forwarding or application rules.

as far as i can see this should mean that these games should have their packets stopped at the router, but they are getting out to the games server, and the returning packets are being forwarded straight back to my machine.

is there something that i do not understand about this router? or is there a problem with it.

by the way i am in the uk so i am on the 1.03 firware (most recent). i have reinstalled the firmware about 3 times to check if this makes a difference, and restored all the settings manually each time, and still the same thing happens.

any ideas.

Logged

Lycan

  • Administrator
  • Level 15 Member
  • *
  • Posts: 5335
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #1 on: July 23, 2007, 12:53:52 PM »

it kinda seems like the UPnP is still enabled......that is odd.
you said you were using 1.03, what about 1.02, same issue?
Logged

buach

  • Level 1 Member
  • *
  • Posts: 10
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #2 on: July 23, 2007, 01:39:57 PM »

it kinda seems like the UPnP is still enabled......that is odd.
you said you were using 1.03, what about 1.02, same issue?


i haven't tried 1.02 to be honest. is there any disadvantage to this firmware before i try it.

i agree that it looks like upnp as well, because if i do a scan of the ports these games use at shieldsup (grc.com) everything is stealthed as long as the games are not running.

i don't even have upnp enabled on windows. don't like it.
Logged

buach

  • Level 1 Member
  • *
  • Posts: 10
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #3 on: July 23, 2007, 02:13:50 PM »

ok, i tested it with firmware 1.02. made sure dmz, upnp, were off and started up far cry multiplayer. connected to the server straight away and displayed the server list, and allowed me to join a server without any probs.

 ??? ??? ???
Logged

AWDL

  • Level 3 Member
  • ***
  • Posts: 335
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #4 on: July 23, 2007, 04:52:10 PM »

Outgoing, I have never had to open up ports for Steam. It could just be that the other games you mention do not require "special applications" or VS either for inbound "replies". Situation Normal.
Logged
Meanest person you know

buach

  • Level 1 Member
  • *
  • Posts: 10
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #5 on: July 23, 2007, 11:11:38 PM »

Outgoing, I have never had to open up ports for Steam. It could just be that the other games you mention do not require "special applications" or VS either for inbound "replies". Situation Normal.

sorry but this is not normal. far cry absolutely definitely requires ports to be opened. on previous routers, if i started far cry multiplayer without forwarding the ports, the computer would freeze as the game could not complete the task of connecting to its server for the server list.

if you check support at steampowered.com you will see that steam also requires tcp and udp ports to be opened. i have never tested whether it will work without these ports being opened on any of my previous routers though.
« Last Edit: July 23, 2007, 11:17:24 PM by buach »
Logged

mb

  • Guest
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #6 on: July 24, 2007, 06:11:54 AM »

For what it's worth, my son used to use networked games that required Steam and I never had to open or forward any ports. I'm thinking that we were using a Westell 327 ADSL gateway router at the time with it's firewall configured as active.
Logged

TQuach

  • Guest
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #7 on: July 24, 2007, 08:51:48 AM »

Aren't ports that are required to be open used for servers and not clients?

Back in the day when making a Counter Strike server, you needed ports

TCP Ports
27030-27039 
UDP Ports
1200,27000-27015 

to serve...  am I correct?
Logged

mb

  • Guest
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #8 on: July 24, 2007, 08:55:36 AM »

Aren't ports that are required to be open used for servers and not clients?
...  am I correct?

Now that I think about it, I think that you are, I may have infact changed the basic configuration so he could host...
Logged

ddwinell

  • Guest
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #9 on: July 24, 2007, 08:58:11 AM »

Outbound connections should not be blocked. If an outbound connection is established then any data coming back in on the same port to the same private IP should be allowed. If unsolicited traffic tried to come in on a closed port the packet would get dropped.
« Last Edit: July 24, 2007, 11:35:33 AM by GodTheHamster »
Logged

TQuach

  • Guest
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #10 on: July 24, 2007, 09:02:50 AM »

I agree with Master Hamster.  Kinda what I was trying to get to.. good wording.
Logged

buach

  • Level 1 Member
  • *
  • Posts: 10
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #11 on: July 24, 2007, 09:16:21 AM »

that is not the setup i am accustomed to from past routers.

to use vnc - even when the connection is initiated by me, i had to open port 5900.

to use bit torrent you need to open ports (although i think this is a listening port so the connection is initiated by others (incoming in other words).

and far cry has never worked for me on any other router without me opening the correct ports.
Logged

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #12 on: July 24, 2007, 09:48:47 AM »

To use a VNC client requires no ports opened.

Bittorrent is a bit of an odd ball as everyone is a server.

I know not of Far Cry.  I however checked Ubisoft's FAQ on the issue which claims you need ports to run the client.
http://ubisoft.custhelp.com/cgi-bin/ubisoft.cfg/php/enduser/std_adp.php?p_faqid=9411&p_created=1080241017&p_sid=fcRXJpHi&p_accessibility=0&p_lva=&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PWRmbHQmcF9ncmlkc29ydD0mcF9yb3dfY250PTUmcF9wcm9kcz04OCwxMDg2JnBfY2F0cz0wJnBfcHY9Mi4xMDg2JnBfY3Y9JnBfc2VhcmNoX3R5cGU9YW5zd2Vycy5zZWFyY2hfbmwmcF9wYWdlPTEmcF9zZWFyY2hfdGV4dD1wb3J0&p_li=&p_topview=1
It also mentions that the ports are usually opened up by the OS, sounds like they implement UPnP on the game itself to me.

And if I am not mistaken you do not need to have UPnP enabled in Windows to enable software to open up ports with it, at least if I was writing the software I would just send the requests regardless of whether the computer is seen as a active UPnP host or not.

Is UPnP disabled in your router as well as Windows?
Logged
non progredi est regredi

buach

  • Level 1 Member
  • *
  • Posts: 10
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #13 on: July 24, 2007, 10:14:18 AM »

To use a VNC client requires no ports opened.

Bittorrent is a bit of an odd ball as everyone is a server.

I know not of Far Cry.  I however checked Ubisoft's FAQ on the issue which claims you need ports to run the client.
http://ubisoft.custhelp.com/cgi-bin/ubisoft.cfg/php/enduser/std_adp.php?p_faqid=9411&p_created=1080241017&p_sid=fcRXJpHi&p_accessibility=0&p_lva=&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PWRmbHQmcF9ncmlkc29ydD0mcF9yb3dfY250PTUmcF9wcm9kcz04OCwxMDg2JnBfY2F0cz0wJnBfcHY9Mi4xMDg2JnBfY3Y9JnBfc2VhcmNoX3R5cGU9YW5zd2Vycy5zZWFyY2hfbmwmcF9wYWdlPTEmcF9zZWFyY2hfdGV4dD1wb3J0&p_li=&p_topview=1
It also mentions that the ports are usually opened up by the OS, sounds like they implement UPnP on the game itself to me.

And if I am not mistaken you do not need to have UPnP enabled in Windows to enable software to open up ports with it, at least if I was writing the software I would just send the requests regardless of whether the computer is seen as a active UPnP host or not.

Is UPnP disabled in your router as well as Windows?

yes upnp is definitely disabled in the router and windows. I have never liked upnp.

i see you are from dlink so i'd like to ask you this. is the dir-655 meant to allow all traffic / packets that are initiated by the local machine to get out to the net (of course i understand that once this initial request has been made the router will allow the returning packets through). is it behaving as its meant to when it allows far cry access to the net on these ports without me having to open them first??? if you could give me a definitive answer on this it would be helpful.

my previous experience of routers is that on non standard ports, even if the connection is initiated on the local machine, the router stops them getting to the net until you open the ports.

Just in case it is of interest, here is a list pasted from internet sessions while far cry multiplayer is running (these are all correct far cry ports).

192.168.1.2:1438   1438   70.86.93.4:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   195.4.105.4:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   84.60.213.6:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   89.132.48.7:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   205.189.26.10:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   85.236.101.12:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   213.91.167.14:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   75.126.113.17:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   75.126.113.18:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   75.126.113.18:49011   UDP   -   Out   128   285
192.168.1.2:1438   1438   75.126.113.19:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   62.104.19.20:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   75.126.113.20:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   75.126.113.21:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   189.13.143.21:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   85.14.221.21:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   91.96.91.23:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   62.104.164.25:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   70.168.137.27:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   84.233.233.27:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   84.233.233.27:49002   UDP   -   Out   128   285
192.168.1.2:1438   1438   195.4.106.30:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   82.238.12.31:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   70.85.237.34:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   70.85.237.34:49002   UDP   -   Out   128   285
192.168.1.2:1438   1438   85.131.195.41:49002   UDP   -   Out   128   285
192.168.1.2:1438   1438   85.131.195.41:49004   UDP   -   Out   128   285
192.168.1.2:1438   1438   85.131.195.41:49011   UDP   -   Out   128   285
192.168.1.2:1438   1438   85.131.195.41:49077   UDP   -   Out   128   285
192.168.1.2:1438   1438   85.131.195.41:49088   UDP   -   Out   128   285
192.168.1.2:1438   1438   80.86.85.43:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   80.86.85.43:49020   UDP   -   Out   128   285
192.168.1.2:1438   1438   81.0.237.43:49002   UDP   -   Out   128   285
192.168.1.2:1438   1438   81.0.237.43:49021   UDP   -   Out   128   285
192.168.1.2:1438   1438   81.0.237.43:49031   UDP   -   Out   128   285
192.168.1.2:1438   1438   81.0.237.43:49041   UDP   -   Out   128   285
192.168.1.2:1438   1438   76.2.30.48:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   84.244.147.59:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   85.14.216.63:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   80.86.85.65:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   193.192.58.72:49000   UDP   -   Out   128   285
192.168.1.2:1438   1438   84.244.147.76:49010   UDP   -   Out   128   285
192.168.1.2:1438   1438   84.244.147.77:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   80.86.85.79:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   84.244.147.81:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   80.86.83.85:49021   UDP   -   Out   128   285
192.168.1.2:1438   1438   62.104.92.85:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   69.12.53.86:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   195.4.18.88:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   62.104.171.89:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   85.14.218.91:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   85.14.218.91:49002   UDP   -   Out   128   285
192.168.1.2:1438   1438   80.86.85.92:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   80.86.85.92:49002   UDP   -   Out   128   285
192.168.1.2:1438   1438   80.86.85.92:49003   UDP   -   Out   128   285
192.168.1.2:1438   1438   90.6.225.94:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   80.86.84.96:49001   UDP   -   Out   128   285
192.168.1.2:1438   1438   80.86.84.96:49010   UDP   -   Out   128   285
192.168.1.2:1438   1438   84.94.230.98:49001   UDP   -   Out   128   285
Logged

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: dir-655 allowing game traffic when it should not be doing so
« Reply #14 on: July 24, 2007, 11:17:20 AM »

Yes all traffic outbound of the router is supposed to be allowed by default.  The problem is that in most games the server or other player you are connecting to will then try to contact you over a different and unrelated port, this is why port forwards are necessary for some games.  However it looks like the required ports (assuming the log above allows you to get online perfectly) are all outbound.
Logged
non progredi est regredi
Pages: [1] 2