OHM OMP Port Manager

OrbitHangar

OrbitHangar

Addon Comments
Joined
Apr 9, 2008
Messages
3,832
Reaction score
18
Points
0

Author: sfpilot

 when you start orbiter, it opens a port with UPNP. when you close orbiter, it closes the port. no hassle of router configurations necessary. just open with Orbiter.bat and enjoy playing with your friends on OMP

How to Install:
unzip the contents of this zip file into the main directory of orbiter... thats it, nothing more nothing less.
 
System Requirements:
an orbiter installation with OMP installed (it works without OMP, but its pretty useless)
a router with UPNP enabled (most routers have it enabled streight out of the box)


DOWNLOAD
 
Spacethingy said:
What, you mean like...

NO port forwarding?!
Click to expand...

No. Automatic port forwarding. If the router supports it...

Nice idea, sfpilot. Thanks for sharing!

regards,
Face
 
Although the BT Home Hub 2 says it uses UPNP, when I try and use it with bit torrent it throws error messages on the first attempt. so it supports UPNP, as long as you give it a few sec to sort its self out. not that this matters, as I've done the port forward myself
 
deltawing777 said:
Cool. Good job sfpilot :thumbup:
@face could or should this be incorporated into omp's coding itself?
Click to expand...

It could be incorporated, but I will not do that. I find UPNP to be a severe security problem and I don't want to be the author who's responsible for opening the n-th backdoor to user's computers.

If it is used by a third-party program, however, where the user knows that the sole purpose is to open ports on your system to let the wild in, it is fine for me.

Instead I'll focus on tunneling in this regards.

Nevertheless, sfpilot's addon here is certainly a nice addition to your hosting. I'd suggest adding a link to the web-page.

regards,
Face
 
Face said:
It could be incorporated, but I will not do that. I find UPNP to be a severe security problem and I don't want to be the author who's responsible for opening the n-th backdoor to user's computers.

If it is used by a third-party program, however, where the user knows that the sole purpose is to open ports on your system to let the wild in, it is fine for me.

Instead I'll focus on tunneling in this regards.

Nevertheless, sfpilot's addon here is certainly a nice addition to your hosting. I'd suggest adding a link to the web-page.

regards,
Face
Click to expand...
Good point Face, As far as posting that on OMP website you read my mind. I will try to do that this afternoon. Axe may have already of done it for all I know but anyways "You da man Face!" take care of that knee :cheers:
 
I'm glad this addon has been found useful, I was worried that it might not work on as many routers as i thought it would (i'm pretty sure that it works on most store bought routers though).

@face: i actually agree with you about not including it directly inside OMP because it does actually stand as a security problem. I have also been looking at other methods of NAT traversal like STUN or ICE which would probably not be as bad of a security problem. These methods do look more promising
 
sfpilot said:
I have also been looking at other methods of NAT traversal like STUN or ICE which would probably not be as bad of a security problem. These methods do look more promising
Click to expand...

STUN is what I use already for the "Standard" method. As you can see, it doesn't work for most modern routers, unfortunately. On a side note, STUN (Simple Traversal of UDP over NATs - to cite one of the many acronym descriptions) is only a protocol specification for connection type exploration. I.e. it is a simple state machine to determine the connection route's capabilities regarding NAT traversal.
The actual method is using the same port for receiving as you used for sending, simple as that.

ICE is about the same, but additionally features solutions for P2P networks as opposed to client-server networks as favored by STUN. In the end it uses the same method, though... sending and receiving on the same port.

I think the only real solution is to have a fallback TCP tunneling system. First try STUN, then use TCP tunnels. If this fallback gets slower with many clients, "power-users" can always use the port-forwarding solution with fixed ports.

regards,
Face
 
interesting, if STUN can't do it, and ICE can't do it, i wonder how programs like Skype do it?
 
sfpilot said:
interesting, if STUN can't do it, and ICE can't do it, i wonder how programs like Skype do it?
Click to expand...

IMHO, Skype just uses a similar protocol to H.323, even if no description states so (the exact specification is still closed IIRC): TCP session initiation and UDP streaming.
The NAT problem is solved by a supernodes concept that relay packets from clients behind symmetric NATs... for UDP. Judging by Wireshark, I'd say they do what I already plan to do... fallback to TCP tunneling with multi-channel distribution on encountering stateful NATs.

There is no magic there, trust me.

regards,
Face
 
Ok so I Tested this plugin. But running the server also Not sure of outside connections because I am on a lan with the server. So with that said this is what I did. extracted a copy of plugin to server client and my game pc client. Went into my router and turned off DMZ and Disabled all port forwarding. I then Enabled UPnP in my router. Started orbiter on BOTH server and game pc using the *.bat file. I connected in OMP,synced and was able to see server and game pc deltagliders.All was good. Now here is the thing I then disconnected both server and game pc clients then re-launched OMP WITHOUT the plugin .bat file. I still connected fine. So long story short..I don't know if it works or not I can't tell. It appears from my perspective that just enabling UpNP in the router was enough but being on a lan with the server and nobody outside of lan connected its hard to tell at this point. So maybe somebody can take a little time and try it. I am unable to determine anything at this point
 
While testing, I encountered this error message. Shows up every time right after the PortManager's attempt to open a port. I expect similar message shows for an attempt of closing a port.

error.jpg


The most simple explanation might be that my router is not compatible, or is this a bug?
Anyway, Orbiter then starts up normally, but as my port is not open, OMP won't synchronize.
Note: I closed the 2502 port prior to testing the PortManager.
 
Apolgies for this repeat of my previous post...

I would like to have a go with this addon, as I am pretty much useless when it comes to routers and complex connection things.

However, I'm a bit worried about Face's comment here:
I find UPNP to be a severe security problem and I don't want to be the author who's responsible for opening the n-th backdoor to user's computers.
Click to expand...

I have I misunderstood, or is this addon a bit risky?
 
Have you even tryed it to see if it works? It may not be the most secure way of gamming. Me personaly I am not to worried about it. Not like I am a millionaire or anything. If somebody does get into my computer there's nothing there that would really intrest them anyways. All this does is auto config a UDP port to open and then closes it when orbiter shuts down. Its designed for convienence for the user to not have to go into his router and set a port manually. So IMHO is no different then what we have been doing all along. A open port is a open port whether its forwarded manually or auto. But at least this will close it for you when you are done with OMP. Hard to tell at this point because so far there is no conformation that it even works. Maybe Face can shed a little more light on the UPnP security thing for us.
 
Last edited:
deltawing777 said:
Maybe Face can shed a little more light on the UPnP security thing for us.
Click to expand...

Well, I'd say it is pretty obvious. UPnP allows intranet computers to open ports in the firewalls and/or routers of the subnet without user confirmation. Let's say the addon is done by a malicious individuum... guess what it would do behind your back?

I'm not saying that sfpilot's program is such a thing, mind you. Nor do I say that it is a security risk per se, just that I find the whole concept a security risk. You don't have to take my word for this, just fire up Google, enter "upnp security risk" and get your own opinion about it...

I simply do not want such a questionable mechanism in OMP, that's why I will not incorporate it in. It is no silver bullet, either, as Axertan and you already found out.

regards,
Face
 
Face said:
Well, I'd say it is pretty obvious. UPnP allows intranet computers to open ports in the firewalls and/or routers of the subnet without user confirmation. Let's say the addon is done by a malicious individuum... guess what it would do behind your back?

I'm not saying that sfpilot's program is such a thing, mind you. Nor do I say that it is a security risk per se, just that I find the whole concept a security risk. You don't have to take my word for this, just fire up Google, enter "upnp security risk" and get your own opinion about it...

I simply do not want such a questionable mechanism in OMP, that's why I will not incorporate it in. It is no silver bullet, either, as Axertan and you already found out.

regards,
Face
Click to expand...
Thanks face. You are working on some kind of tunneling system I believe anyways right? So I guess we can just wait on that to be finished. Let me know if you need any help testing.
 
Spacethingy said:
I have I misunderstood, or is this addon a bit risky?
Click to expand...

Sorry for overseeing your question twice :facepalm:. So here comes my opinion on sfpilot's program:

No, the addon itself is not risky. But the service it uses is risky IMHO, if activated in your router without thinking twice.

You have to be aware that the port manager uses UPnP, which have to be supported by all firewalls/routers in your chain to the internet. If your have such a chain, you should be aware of the implications... that EVERY program in ONE of your local computers could create ANY port mapping it wishes to. That may include the casual flash-game with nice graphics and a small subroutine that searches for your local SMTP server, only to create a pretty little forwarding of port 25 to that machine, making your public IP a black-listed spam relay.

OK... maybe I'm exaggerating it a bit now, but I think you get what I mean here.

regards,
Face
 
You must log in or register to reply here.

Similar threads

Boxx
Question Time acceleration management
Replies
7
Views
3K
Boxx
Boxx
dgatsoulis
Project Orbiter MediaPlayerMFD open for testing [CLOSED]
Replies
12
Views
5K
dgatsoulis
dgatsoulis
Mark Rober Fan
  • Sticky
Tutorial [Resource] Orbiter 2016 – Verified Download Mirrors (Wayback + Forum Archive)
Replies
6
Views
9K
Mark Rober Fan
Mark Rober Fan
Matias Saibene
Discussion Volunteers needed to test XR2 on Linux
Replies
1
Views
2K
Matias Saibene
Matias Saibene
dgatsoulis
Project VideoPlayerMFD -- Test thread [CLOSED]
Replies
7
Views
4K
misha.physics
misha.physics
Back
Top