What I mean is like servers on video games. You can run an application and it will set up a server on your computer with an IP and a port.
For example, how would you make an application where one host application sets up a thing where it has an IP and a port, and another computer that has access to the internet as well can type in the IP and port and it would be able to communicate with the host? I mean simple communication, like sending a boolean or String.
And would there be any security problems that would be needed to fix?
I guess I grasp the concept of your question...
You want two computers to connect via internet right? If that is the case, then you will have to use a thing called "sockets" that do connections between computers. About the server thing, well, for starters the client must always know what IP the server as (direct IP or by a DNS), and then you can connect your client to your server. There is a tutorial for sockets at the java pages: http://download.oracle.com/javase/tutorial/networking/sockets . About security issues, well, you must make sure that your server can handle anything that comes from the client (i really mean everything), i mean, accepting every type of data that is supposed to receive and deny everything that is not (trash per say). If you have that in mind then there is no problem (and of course, the server must have a firewall also to control the sockets, but that's not up to you).
Here is an example of how to use sockets to send a string from a server to a client.
http://www.java2s.com/Code/Java/Network-Protocol/StringbasedcommunicationbetweenSocket.htm
The site has about 20 examples of how to do what you are trying to do. In general I find this site to be the best JAVA resource that I know.
In general, the thing you probably want is a Socket. Sockets allow you to send bytes to an endpoint via TCP or UDP. This is very low-level, though, and are somewhat tricky because you have to design your own application protocol. You may want to use something that offers more abstraction.
Java sockets expose a stream interface so you could just encode integers as strings, for instance, and send them line by line, or you could do something fancier and more efficient like using a DataOutputStream to wrap it.
Handling the following issues can improve security.
If you have router ,set different ports for routing.
Example: If you are running server say on port 6001, map a virtual port say 9001 , which would be exposed to public.
DDos
IP Restriction - Not every user can access your machine !
Enabling router firewall does handle most of the issues.
Related
I am trying to make a two-way instant messaging app over two different networks. One of these networks is mine, which has port forwarding enabled(sends traffic on certain port to specific ip address). My problem is that I need a two way connection(sockets can only send to serverSockets, serverSockets can't send to sockets). Is there a way to connect to a computer via a pre-existing connection? Is there a library for this? ie. socket.connect(serverSocket.getConnection, 5001); (I have made my own classes which handle all the Input/Output Streams and sockets, I just need a library for a function I can put in the class).
If what you're asking for is to have a computer exposed to the internet to directly connect to a computer behind a NAT, you might get your app working if you are able to implement something similar to reverse ssh tunneling. See here and here, for a java library.
But I would recommend some sort of client-server approach for this, in which everyone connects to the server, and through the server they connect to each other.
I'm currently working on a messaging program in java, and I planned on using UDP to send messages from the user to a central server, and I planned on using possibly TCP for messages from the server going back to the user. My main question is, how can I achieve this without requiring the client to port forward?
P2P clients like skype use subtle tricks to connect peers behind firewalls. The different techniques used are outlined here:
http://www.h-online.com/security/features/How-Skype-Co-get-round-firewalls-747197.html
Very simply, the client has to establish the TCP connection to the server, even if the primary (indeed if not only) data flow is in the opposite direction.
Programs like skype either use a common port that is open (port 80) or put a rule in the firewall to allow another port to communicate. Additionally a program can open ports above 1024 without adminisrative permissions although depending on the type of connection it may need to set up UPnP or keep an active channel to a server open.
I made a networked game in Java using Sockets. It works great, except... only through my LAN. :/ What I want to be able to do is set it up so that I can start the server running on my home computer and send the client code, in an executable jar, to someone else, and have them be able to launch it and connect through the internet. But like... I have no idea how to set up my modem & router for that. :( I have a wireless Clear modem, for which the configuration page looks like this:
http://imageshack.us/photo/my-images/254/modem.jpg
And a Netgear router, whose page looks like this:
http://imageshack.us/photo/my-images/443/routerq.jpg
Right now, in the client and server runner classes, I pass my PC's private IP address along with my chosen port number to the ServerSocket and Socket objects. I hear that Sockets are able to be either UDP or TCP, depending on how you set them up, or something...? I don't do anything like that though, I just instantiate them and pass them the 2 values, and off they go...
In the code for the server:
ServerSocket sock = new ServerSocket();
sock.bind(new InetSocketAddress(IP, 9001));
Code for the client:
Socket sock = new Socket(IP, 9001);
So also, I would need to know how to change the code accordingly with the changes to my router/modem settings.
"IP" is a String representing my computer's private IP, 192.168.1.10, and the program only works if that is the string I pass to the Socket & ServerSocket. Like I said, I have a modem which is connected to a router which is connected to my computer. So, can someone please explain to me (in detail, because I'm a noob) what exactly I would have to do to configure both of them, AND the changes I would have to make to my code?
You'll have to manually port forward, or look at a solution like UPnP or NAT-PMP for automatic port forwarding. Unfortunately, NAT is a pain in the ass to configure and most routers don't properly support it. It's also not a simple task, as you have to support a whole range of different implementations and mechanisms.
It shouldn't be too difficult to set up your router to forward one port to your machine, though. See http://portforward.com/ for an awesome list of how to do it on pretty much any router.
It sounds like you're asking a number of questions here... I'm no network/socket programming specialist, but here's some ideas.
For distribution, you may wish to look into Java Web Start. It'll make it easy for your clients to obtain the app as well as automating updates.
If you're using the Socket constructor like that, the actual implementation will be a system default. You could override this by calling this method with a suitable SocketImplFactory implementation.
As for the IP address and port... Using a hard-coded value for the port should be okay. You'll need to decide on a port or at least some default anyway for clients to connect to. Even so, it might be useful to have the value read from some external configuration file. This'll make it easier should you ever decide to distribute the server app to let other people run servers. They might want to use a different port.
Having the server's IP address (yours) hard-coded in code is definitely a no-no, though. Clients should connect using either an IP address or host name that they need to provide or set in some configuration file. A host name would be required if you don't have a static IP address.
Unless this is something for you and some friends to enjoy, where you can always just initiate a game by providing IP and port in a chat session or something, you'd be better off finding some external hosting solution at a company that takes care of the DNS resolution and network setup for you. These days you'll find stuff like that pretty cheap if you don't have requirements like a Java EE server or database.
EDIT: thought of something else. TCP might be okay for your use-case, but if this is a game that requires minimal lag and quick input synchronization (like a shooter or fighting game) then it's not the best choice. In that case UDP would be better. It would induce the requirement of adding some sort of detection for desync or a mechanism that makes up for any dropped packets.
I have a Java program running on two computers that are both on the same network. I would like to have these applications become aware of each other, so they could communicate directly as opposed to communicating with the server to relay messages.
I believe i may have a solution as to how this would work, but am unable to find any examples to compare my solution against. Do you guys know how this problem is usually solved?
There is a good library that implements the Zeroconf / Bonjour standard in plain java at http://jmdns.sourceforge.net/
This basically relieves you from the protocol burden and allows you to advertise and lookup service providers based in logical names (That's what iTunes or Mac printing does for example).
This book http://www.amazon.com/Zero-Configuration-Networking-Definitive-Guide/dp/0596101007 explains all basic concepts.
You could get them to do a UDP multicast within a LAN environment to identify the programs using protocol messages then have a stored cache of each other's identity and then use TCP to connect and do main exchanging of messages (which is more reliable than UDP). Or you can simply proceed with UDP messaging only if you want to.
You can search for multicasting in Java online.
Some multicast related links:
http://download.oracle.com/javase/1.4.2/docs/api/java/net/MulticastSocket.html
http://www.javafaq.nu/java-article817.html
A good multicast chat software you can reference:
http://sourceforge.net/projects/mc2/
One way would be to send a broadcast to see who's out there, then implement a GUI to show the user what other peers are there and give an option to connect to. (The broadcast will give you the IP address of everybody there.)
Once you know who to connect to, you simply open a TCP connection (or use UDP if it is time-critical) and you're done.
Btw, this is for IPv4 - IPv6 doesn't have broadcast (although something similar).
This might be one of those "huh, why?" questions, but I figured it would be worth the try.
How would one, from a server-side application, use the clients IP address as the applications IP address to another website? The basic idea is that any work the server side application does, is seen as the client itself doing the work, and not the servers static IP.
I am not sure if changing HTTP headers would work, but I could be wrong. Is there any documentation out there on this?
Thanks,
Kyle
Utterly, utterly impossible. You won't even be able to open a TCP connection because the other website's server will try to handshake with the client, and fail.
An IP address isn't just any old ID, it's the actually address that servers will send any response to. Spoofing it basically only makes sense if you can fit your request into a single IP packet (which rules out TCP and thus HTTP) and are not interested in the response. Even then it can fail because your ISP's routers may have anti-spoofing rules that drop packets with "outside" IP addresses originating from "inside" networks.
Why on earth would a legitimate application want to spoof its IP address?
Changing HTTP headers might cut it, but most likely it won't. Depends on how naive the other server is.
It sounds like you're trying to do something the wrong way, can you give a bit more information as to what exactly the use-case is?
If there's no processing to be done in between, you can do port forwarding on your server's IP firewall, so the client connects to your server but ends up talking to the other server.
If there's more involvement of your server, then the correct thing to do would be to pass the client's IP to the other server as part of the URL (if it's a web app) or elsewhere in the data (if not) so the receiving server can know and correctly log the process without any need for fakery. Of course this would also call for a change in the other app.
Again assuming we're talking about HTTP, another idea that came to my mind would be to redirect your client to the other server. As long as all necessary data is in the URI, you could advise the client's browser to connect to the other server with a URI of your own creation that could carry whatever extra value your server's processing adds to the request.
Decades ago, the designer of internet asked, "how can we prevent Kyle Rozendo from doing such a devious thing?"
If the client is cooperating, you can install some software on client machine, and do the work from there. For example, a signed java applet on your page. [kidding]If the client is not cooperating, install some trojan virus[/kidding]