Topic: Software Firewall Lessons I learned... (Read 1007 times)

Julin Eurthyr · « **on:** April 28, 2006, 07:36:46 am »

I used to work at a help desk for cable / dial-up internet customers.

Averaging something like once a day, I'd get calls where a person would connect for something like an hour, then lose connection. Our DHCP servers were configured to initiate a DHCP lease renewal on an hourly basis.

Most every case (99%) that was being affected in this way had a software firewall, which had been installed for a "significant" length of time, usually 6 months to a year. The other 1% of the cases were probably hackers / pron lovers who drew severe "unwanted attention".

IIRC, software firewalls have a "heuestic learning" system that processes all the activity, and develops a protection scheme. Eventually, this system would kick into an "overagressive" mode, blocking all communications that weren't specifically requested by the user.

I'm starting to suspect the D2 works differently than we suspect, instead of the server setting up all the pathways for the match, it's the host's computer that does all the work, probably because it's the host computer that's setting up the mission parameters, AI, terrain, etc. etc. An "overly protective" firewall will see the host's attempts to confirm the player's existance as a "hostile intrusion", and block the connection (leading to long lag at mission start, dropped players, etc.)

At the call center, simple, periodic unistallation of firewall, reboot, reinstallation of firewall would clear up the issues till the heuestics got all agressive again 6-12 months later (unless it was that professional pron seeker...)

Since we get that level of mix-mash here (non-agressive SW firewall allows play, more agressive SW firewall blocks connections / player initiated TCP/IP - Gamespy connections allowed while host-initiated D2 games give periodic grief), perhaps a request to reinstall the SW firewall prior to every server should be in order, and it should (if my theories still hold) help clear up the connection problems SW firewalls cause...

Dizzy · « **Reply #1 on:** April 28, 2006, 08:42:19 am »

It wont be an issue. Players will be required to turn off their firewalls for dyna sessions.

Julin Eurthyr · « **Reply #2 on:** April 28, 2006, 09:03:36 am »

Okay.

My company never officially supported firewalls. When we did the "download a free firewall thingy", we also referred all firewall issues back to the manufacturer.

Also, once they got "overly agressive", simply disabling the firewall didn't work, the blocks put in place stayed. Until the firewall was completly unistalled, or they had a spiffy enough firewall to manually allow the DHCP servers, they couldn't get an IP address short of rebooting.

To top it off, I'd say 80% of the people with these firewalls were so paranoid that they didn't want to unistall the firewall long enough to reboot and reinstall the firewall. They thought the 5 minutes they were "unprotected" was enough to hork their computer permanently. I had come up with enough lines to convince these people otherwise.

Look at how hot this issue's already becoming. History proves that the paranoid people, faced with a "my way or the highway" attitude concerning firewalls will decide that not playing and being safe is more important than losing a computer while playing. Even though the odds of an attack are approaching lottery-esque levels (I'm with Bonk, years and years of no SW firewall & no hacks hitting PC. Other people's mileage will vary.)

Hence the entire reason I even posted this suggestion, anything simple that should work to improve stability while showing concern for the fellow players is a good thing in the first place.

If / when I do get my Solinica server rolling, I'll use it as a testbed for this firewall fix, unless someone else decides to do so first.

Grim · « **Reply #3 on:** April 28, 2006, 01:23:43 pm »

Sounds like a great idea Julin

News: