Go Back   EQEmulator Home > EQEmulator Forums > Support > Support::MiniLogin

Support::MiniLogin Support forum for problems with the official MiniLogin release.

Reply
 
Thread Tools Display Modes
  #16  
Old 02-05-2009, 09:53 AM
cubber
Discordant
 
Join Date: Apr 2006
Posts: 374
Default

Quote:
Ports on your router that need to be opened;
3306/udp, 5999/udp, 9000/udp, 7000-7010/udp, 3306/tcp, 5999/tcp, 7000-7010/tcp
ports 7000-7010 are variable, pending on how many dynamic and static zones you start up. If you use 5 dynamic zones and 5 static, then 7000-7010, is ok, if you start more, then increase the amount accordingly.
I appologize, I did not see this part of the guide. You already did mention the port. But one thing to note is that you do not need to open any TCP ports. It is all UDP.

These are the ports I use on my firewall, and all works fine. I used to forward both tcp and udp ports until FNW told me on IRC a while back that it was a big misconception and that EQEMU only uses UDP.

Code:
UDP 	Uplink ANY : 7779 	=> 	192.168.42.4 : 7779 	EQEMU Mail
 	
UDP 	Uplink ANY : 7778 	=> 	192.168.42.4 : 7778 	EQEMU Chat 	

UDP 	Uplink ANY : 5999 	=> 	192.168.42.4 : 5999 	EQ Minilogin

UDP 	Uplink ANY : 9000 	=> 	192.168.42.4 : 9000 	EQEMU

UDP 	Uplink ANY :
7000 - 7010 	=> 	192.168.42.4 : 7000 - 7010 	EQEMU
BTW: what is 3306 for? I never use that port.
Reply With Quote
  #17  
Old 02-05-2009, 02:02 PM
Andrew80k
Dragon
 
Join Date: Feb 2007
Posts: 659
Default

The mysql database is on port 3306.
Reply With Quote
  #18  
Old 02-05-2009, 02:16 PM
cubber
Discordant
 
Join Date: Apr 2006
Posts: 374
Default

You don't need to forward that only the server uses that port. Unless your mysql server and eqemu server are located in two physically separate locations with 2 different internet connections. Or if you had a web server located somewhere on the internet and had it querying your mysql database to show information. In either case it would just have to be forwarded on the network with the MYSQL server.

But for a regular EQEMU server with the MYSQL DB server istalled on the localhost or even a separate server on the same LAN you do not need to forward the MYSQL port.
Reply With Quote
  #19  
Old 02-05-2009, 03:14 PM
Angelox
AX Classic Developer
 
Join Date: May 2006
Location: filler
Posts: 2,049
Default

I do a lot of EqEmu work that's spread out over four machines in my network - My server is Linux, and only used for the EqEMu server and some other assorted email and whatever servers.
I compile and try to pre-test everything in windows and Linux, so the database is shared through out the LAN and even to a few friends over the net.
Since many people were having so much trouble getting MiniLogin up and running. I posted a detailed explanation and example of what I know is working, because it's what I have working at my LAN - since I like to test everything I do before I preach it to some one else, I posted what I have running and am sure works.
Reply With Quote
  #20  
Old 02-05-2009, 03:40 PM
Andrew80k
Dragon
 
Join Date: Feb 2007
Posts: 659
Default

Quote:
Originally Posted by cubber View Post
You don't need to forward that only the server uses that port. Unless your mysql server and eqemu server are located in two physically separate locations with 2 different internet connections. Or if you had a web server located somewhere on the internet and had it querying your mysql database to show information. In either case it would just have to be forwarded on the network with the MYSQL server.

But for a regular EQEMU server with the MYSQL DB server istalled on the localhost or even a separate server on the same LAN you do not need to forward the MYSQL port.
yes, I know. But you asked what the port was... I don't see any need for you to open it up unless you have a specific need to like Angelox does.
Reply With Quote
  #21  
Old 02-05-2009, 08:18 PM
Angelox
AX Classic Developer
 
Join Date: May 2006
Location: filler
Posts: 2,049
Default

The port is open, but admin would still have to set up your IP/host with MySql, even if you knew username/password you're not admitted. And only allow user admin privs on the server machine.
Reply With Quote
  #22  
Old 02-05-2009, 10:22 PM
cubber
Discordant
 
Join Date: Apr 2006
Posts: 374
Default

unless you did one of these then they could access it from any ip address:

Code:
 GRANT ALL PRIVILEGES ON *.* TO 'user'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
But yes you are both correct, my point was that it is not needed for a regular home brew server, only for special cases like Angelox's. So basically if you are not sure that you need it then you probably don't. As for the other ports try turning off all of the tcp ports and just leave the udps I bet you will have no issues. Just a more secure firewall. You may need to leave tcp on port 9000 if you use the telnet feature, I usually only use this through vpn if I need to though, since telnet by default is unsecure.
Reply With Quote
  #23  
Old 02-06-2009, 09:31 AM
Angelox
AX Classic Developer
 
Join Date: May 2006
Location: filler
Posts: 2,049
Default

Quote:
Originally Posted by cubber View Post
unless you did one of these then they could access it from any ip address:

Code:
 GRANT ALL PRIVILEGES ON *.* TO 'user'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
But yes you are both correct, my point was that it is not needed for a regular home brew server, only for special cases like Angelox's. So basically if you are not sure that you need it then you probably don't. As for the other ports try turning off all of the tcp ports and just leave the udps I bet you will have no issues. Just a more secure firewall. You may need to leave tcp on port 9000 if you use the telnet feature, I usually only use this through vpn if I need to though, since telnet by default is unsecure.
That would defeat what I was pointing out; the port is secure as long as it points to the mysql database and user privs only accessible by the root/server. "GRANT ALL PRIVILEGES" is not always a good idea, and will make the database insecure.
Reply With Quote
  #24  
Old 02-06-2009, 09:59 AM
cubber
Discordant
 
Join Date: Apr 2006
Posts: 374
Default

Yup, that is what I was saying. Some people blindly follow guides for mysql or anything for that matter, and I have seen that line in quite a few of them. So if you are trying something but do not quite know what you are doing you may end up throwing that line in your mysql and accidentally open it up to the world without knowing about it.

I think you have a great guide here, I was just trying to help elaborate a bit so someone does not follow this guide blindy and introduce possible security holes if they don't know exactly what they are doing.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

   

All times are GMT -4. The time now is 11:55 PM.


 

Everquest is a registered trademark of Daybreak Game Company LLC.
EQEmulator is not associated or affiliated in any way with Daybreak Game Company LLC.
Except where otherwise noted, this site is licensed under a Creative Commons License.
       
Powered by vBulletin®, Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Template by Bluepearl Design and vBulletin Templates - Ver3.3