Macromedia Flash Server - fcm and stateful firewall

This is Interesting: Free IT Magazines  
Home > Archive > Macromedia Flash Server > March 2006 > fcm and stateful firewall





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author fcm and stateful firewall
ben

2006-03-08, 7:45 am

Hi all,

Is there a way to get fcm to stream video to users that are behind a
stateful firewall ?

I've tried connecting with rmtp port 80 and tunnelling with no luck. Is
there a way around this besides getting the client or user to configure
there firewall to allow rtmp traffic ?

Regards,
Ben

________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

James Wrubel

2006-03-08, 5:45 pm

When you say stateful, do you mean one that uses Stateful Packet Inspection? Most firewalls these days are stateful, but an SPI firewall will ensure that traffic on port 80 'looks' like HTTP traffic, for example.

Try setting your connect string to use rtmpt:// instead of rtmp://. That will tell FCS to mimic HTTP traffic.

ben wrote:
> Hi all,
>
> Is there a way to get fcm to stream video to users that are behind a
> stateful firewall ?
>
> I've tried connecting with rmtp port 80 and tunnelling with no luck. Is
> there a way around this besides getting the client or user to configure
> there firewall to allow rtmp traffic ?
>
> Regards,
> Ben
> ________________________________________
_______
> FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> To change your subscription options or search the archive:
> http://chattyfig.figleaf.com/mailman/listinfo/flashcomm
>
> Brought to you by Fig Leaf Software
> Premier Authorized Adobe Consulting and Training
> http://www.figleaf.com
> http://training.figleaf.com
>
>

________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

Ryan Osswald

2006-03-08, 5:45 pm

Here is a link to a firewall test for FCS provided by Macromedia. We send
this to our clients and ask them to email us the results. This will tell
you what ports are available on their firewall for FCS or FMS. Hope this
helps in the future. It has gotten us through a few pinches with clients.

http://www.macromedia.com/go/tn_16466


Ryan Osswald
Engineer
midhudsonmedia
30 South 3rd St.
Hudson, NY 12534
ryan-T+4d/MEryPkq3Qc7VneoHtBPR1lH4CV8@public.gmane.org


-----Original Message-----
From: James Wrubel [mailto:james-zNCL/LQg+xsdnm+yROfE0A@public.gmane.org]
Sent: Wednesday, March 08, 2006 10:17 AM
To: FlashComm Mailing List
Subject: Re: [FlashComm] fcm and stateful firewall

When you say stateful, do you mean one that uses Stateful Packet Inspection?
Most firewalls these days are stateful, but an SPI firewall will ensure that
traffic on port 80 'looks' like HTTP traffic, for example.

Try setting your connect string to use rtmpt:// instead of rtmp://. That
will tell FCS to mimic HTTP traffic.

ben wrote:
> Hi all,
>
> Is there a way to get fcm to stream video to users that are behind a
> stateful firewall ?
>
> I've tried connecting with rmtp port 80 and tunnelling with no luck. Is
> there a way around this besides getting the client or user to configure
> there firewall to allow rtmp traffic ?
>
> Regards,
> Ben
> ________________________________________
_______
> FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> To change your subscription options or search the archive:
> http://chattyfig.figleaf.com/mailman/listinfo/flashcomm
>
> Brought to you by Fig Leaf Software
> Premier Authorized Adobe Consulting and Training
> http://www.figleaf.com
> http://training.figleaf.com
>
>

________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com
________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

ben

2006-03-08, 5:45 pm

Hi,

Stateful Packet Inspection.
I was under the impression that if you don't specify a port when using rtmp
and if it fails it would attempt to use rtmpt.

I will tell it to use rtmpt. Will there be any performance issues by this
though ? I'm still learning all the stuff. I read somewhere i think it was
on MM's site about there may be a hit when using rtmpt. Only just started
using fcm. Eventually will probably write some code to automatically use
rtmp with the default port then 80 if that doesn't work then tell it to use
rtmpt. As a general rule what order would you recommend for optimal
performance?
Thanks again


----- Original Message -----
From: "James Wrubel" <james-zNCL/LQg+xsdnm+yROfE0A@public.gmane.org>
To: "FlashComm Mailing List" <flashcomm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org>
Sent: Thursday, March 09, 2006 2:16 AM
Subject: Re: [FlashComm] fcm and stateful firewall


> When you say stateful, do you mean one that uses Stateful Packet
> Inspection? Most firewalls these days are stateful, but an SPI firewall
> will ensure that traffic on port 80 'looks' like HTTP traffic, for
> example.
>
> Try setting your connect string to use rtmpt:// instead of rtmp://. That
> will tell FCS to mimic HTTP traffic.
>
> ben wrote:
>
> ________________________________________
_______
> FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> To change your subscription options or search the archive:
> http://chattyfig.figleaf.com/mailman/listinfo/flashcomm
>
> Brought to you by Fig Leaf Software
> Premier Authorized Adobe Consulting and Training
> http://www.figleaf.com
> http://training.figleaf.com
>
>

________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

ben

2006-03-08, 5:45 pm

Thanks for the url.
I tried that url just on my machine and i get fails for tunneling and a fail
for rtmp port 80. I just wrote a quick and dirty app to test the ports on
our fms application(external provider) and email us the results
automatically. On my machine all pass accept for rtmp port 80.

hhaha, for some of our clients(well the users that will be using the
application) to go to that url and send us the results will be to technical
for them. I know that sounds stupid but unfortunatly it's true

Out of curiosity do you normally detect for ports when you build your
applications ? If so do you use that Macromedia url to try and find out why
they can't connect and most likely get them to open a port ?

Ben

----- Original Message -----
From: "Ryan Osswald" <ryan-R5dcbj8KPvRe5f+ys5851A@public.gmane.org>
To: "'FlashComm Mailing List'" <flashcomm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org>
Sent: Thursday, March 09, 2006 2:33 AM
Subject: RE: [FlashComm] fcm and stateful firewall


> Here is a link to a firewall test for FCS provided by Macromedia. We send
> this to our clients and ask them to email us the results. This will tell
> you what ports are available on their firewall for FCS or FMS. Hope this
> helps in the future. It has gotten us through a few pinches with clients.
>
> http://www.macromedia.com/go/tn_16466
>
>
> Ryan Osswald
> Engineer
> midhudsonmedia
> 30 South 3rd St.
> Hudson, NY 12534
> ryan-T+4d/MEryPkq3Qc7VneoHtBPR1lH4CV8@public.gmane.org
>
>
> -----Original Message-----
> From: James Wrubel [mailto:james-zNCL/LQg+xsdnm+yROfE0A@public.gmane.org]
> Sent: Wednesday, March 08, 2006 10:17 AM
> To: FlashComm Mailing List
> Subject: Re: [FlashComm] fcm and stateful firewall
>
> When you say stateful, do you mean one that uses Stateful Packet
> Inspection?
> Most firewalls these days are stateful, but an SPI firewall will ensure
> that
> traffic on port 80 'looks' like HTTP traffic, for example.
>
> Try setting your connect string to use rtmpt:// instead of rtmp://. That
> will tell FCS to mimic HTTP traffic.
>
> ben wrote:
>
> ________________________________________
_______
> FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> To change your subscription options or search the archive:
> http://chattyfig.figleaf.com/mailman/listinfo/flashcomm
>
> Brought to you by Fig Leaf Software
> Premier Authorized Adobe Consulting and Training
> http://www.figleaf.com
> http://training.figleaf.com
> ________________________________________
_______
> FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> To change your subscription options or search the archive:
> http://chattyfig.figleaf.com/mailman/listinfo/flashcomm
>
> Brought to you by Fig Leaf Software
> Premier Authorized Adobe Consulting and Training
> http://www.figleaf.com
> http://training.figleaf.com
>
>

________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

James Wrubel

2006-03-08, 5:45 pm

I know Peldi's FLV player (and maybe the default component-based one in Flash 8) will do automatic testing then failover, but if you are writing your own app or just using a net connnection, it will not automatically fail over. If you are specifying the c
onnection string, you need to be explicit about protocol (and potentially port).

The trend in firewalls is towards packet inspection. Older models of cisco Pix and IPTables simply allowed anything over port 80 through, but now the Pix ships with the Packet Inspection capability turned on. So to ensure users behind those models can get
to your content, you need to use rtmpt. There is a performance hit because rtmpt adds the overhead of http. The best thing you can do to improve performance (other than plan for slightly higher capacity) is increase your buffer size, since the stateless
nature of rtmpt leaves you vulnerable to buffering problems. I also wouldn't recommend any functionality such as online gaming over rtmpt, because latency will kill you.

ben wrote:
> Hi,
>
> Stateful Packet Inspection.
> I was under the impression that if you don't specify a port when using
> rtmp and if it fails it would attempt to use rtmpt.
>
> I will tell it to use rtmpt. Will there be any performance issues by
> this though ? I'm still learning all the stuff. I read somewhere i think
> it was on MM's site about there may be a hit when using rtmpt. Only just
> started using fcm. Eventually will probably write some code to
> automatically use rtmp with the default port then 80 if that doesn't
> work then tell it to use rtmpt. As a general rule what order would you
> recommend for optimal performance?
> Thanks again
>
>
> ----- Original Message ----- From: "James Wrubel" <james-zNCL/LQg+xsdnm+yROfE0A@public.gmane.org>
> To: "FlashComm Mailing List" <flashcomm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org>
> Sent: Thursday, March 09, 2006 2:16 AM
> Subject: Re: [FlashComm] fcm and stateful firewall
>
>
>
>
>
________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

Stefan Richter

2006-03-08, 5:45 pm

Just one correction: if you specify the default rtmp connection string then
the Flash Player WILL try all other connection methods for you. It's kind of
got that failover stuff built in. However this can take a while to happen (I
believe especially so on Macs) so it's best to simply try simoultaneous
connections on all ports etc and use the first one that succeeds, canceling
other connection attempts.

Stefan


> -----Original Message-----
> From: flashcomm-bounces-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> [mailto:flashcomm-bounces-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org] On Behalf Of
> James Wrubel
> Sent: 08 March 2006 16:48
> To: ben
> Cc: FlashComm Mailing List
> Subject: Re: [FlashComm] fcm and stateful firewall
>
> I know Peldi's FLV player (and maybe the default
> component-based one in Flash 8) will do automatic testing
> then failover, but if you are writing your own app or just
> using a net connnection, it will not automatically fail over.
> If you are specifying the connection string, you need to be
> explicit about protocol (and potentially port).
>
> The trend in firewalls is towards packet inspection. Older
> models of cisco Pix and IPTables simply allowed anything over
> port 80 through, but now the Pix ships with the Packet
> Inspection capability turned on. So to ensure users behind
> those models can get to your content, you need to use rtmpt.
> There is a performance hit because rtmpt adds the overhead of
> http. The best thing you can do to improve performance (other
> than plan for slightly higher capacity) is increase your
> buffer size, since the stateless nature of rtmpt leaves you
> vulnerable to buffering problems. I also wouldn't recommend
> any functionality such as online gaming over rtmpt, because
> latency will kill you.
>

________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

ben

2006-03-08, 5:45 pm

Thanks Stefan,

I'll implement it that way. Just hope not many users hit the site at once as
i only have 20 connections to play with

Sweet, i read your article at Macromedias site about "Delivering Flash
Video: Dynamic Bandwidth Detection with Macromedia Flash Communication
Server".
Nice article, It's helped me alot to undertand detection. However i got a
query in regards to the value that is returned by the server code. Sometimes
it returns my kb as 2000 to 3000kb and i'm on a 1500kb connection. Would you
have any ideas why that could be happening ?

Also I was very curious as to what exactly this line of code was doing

for (var i=0; i<1200; i++) {
p_client.payload[i] = Math.random(); //16K approx
}

Is that just filling in random numbers(16K each?) to send to the client
which is used to determine the bandwidth. Would a random string be better ?

Thanks,
Ben


----- Original Message -----
From: "Stefan Richter" <stefan-fMeCE+ULXElEfu+5ix1nRw@public.gmane.org>
To: <james-zNCL/LQg+xsdnm+yROfE0A@public.gmane.org>; "'FlashComm Mailing List'"
<flashcomm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org>
Sent: Thursday, March 09, 2006 3:53 AM
Subject: RE: [FlashComm] fcm and stateful firewall


> Just one correction: if you specify the default rtmp connection string
> then
> the Flash Player WILL try all other connection methods for you. It's kind
> of
> got that failover stuff built in. However this can take a while to happen
> (I
> believe especially so on Macs) so it's best to simply try simoultaneous
> connections on all ports etc and use the first one that succeeds,
> canceling
> other connection attempts.
>
> Stefan
>
>
>
> ________________________________________
_______
> FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> To change your subscription options or search the archive:
> http://chattyfig.figleaf.com/mailman/listinfo/flashcomm
>
> Brought to you by Fig Leaf Software
> Premier Authorized Adobe Consulting and Training
> http://www.figleaf.com
> http://training.figleaf.com
>
>

________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

James Wrubel

2006-03-08, 5:45 pm

Hmm. I didn't know it was built in to the player. You learn something new every day. Thanks!

Jim

Stefan Richter wrote:
> Just one correction: if you specify the default rtmp connection string then
> the Flash Player WILL try all other connection methods for you. It's kind of
> got that failover stuff built in. However this can take a while to happen (I
> believe especially so on Macs) so it's best to simply try simoultaneous
> connections on all ports etc and use the first one that succeeds, canceling
> other connection attempts.
>
> Stefan
>
>
>
>
>
________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

Stefan Richter

2006-03-08, 5:45 pm

Hmm, I am not sure why you are seeing such high numbers. The code which
handles the bandwidth detection wasn't written by me so I am unable to
comment further but I must say that it generally seemed to work pretty well.
It never returned unrealistic figures for me. Has anyone else had trouble
with this?

Ben,
If you use the main.asc file that ships with Flash8 (search help files for
'main.asc') and run that in conjunction with FVLPLayback, does that also
show this issue?


Stefan



> -----Original Message-----
> From: flashcomm-bounces-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> [mailto:flashcomm-bounces-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org] On Behalf Of ben
> Sent: 08 March 2006 17:29
> To: FlashComm Mailing List
> Subject: Re: [FlashComm] fcm and stateful firewall
>
> Thanks Stefan,
>
> I'll implement it that way. Just hope not many users hit the
> site at once as i only have 20 connections to play with
>
> Sweet, i read your article at Macromedias site about "Delivering Flash
> Video: Dynamic Bandwidth Detection with Macromedia Flash
> Communication Server".
> Nice article, It's helped me alot to undertand detection.
> However i got a query in regards to the value that is
> returned by the server code. Sometimes it returns my kb as
> 2000 to 3000kb and i'm on a 1500kb connection. Would you have
> any ideas why that could be happening ?
>
> Also I was very curious as to what exactly this line of code was doing
>
> for (var i=0; i<1200; i++) {
> p_client.payload[i] = Math.random(); //16K approx }
>
> Is that just filling in random numbers(16K each?) to send to
> the client which is used to determine the bandwidth. Would a
> random string be better ?
>
> Thanks,
> Ben
>
>
> ----- Original Message -----
> From: "Stefan Richter" <stefan-fMeCE+ULXElEfu+5ix1nRw@public.gmane.org>
> To: <james-zNCL/LQg+xsdnm+yROfE0A@public.gmane.org>; "'FlashComm Mailing List'"
> <flashcomm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org>
> Sent: Thursday, March 09, 2006 3:53 AM
> Subject: RE: [FlashComm] fcm and stateful firewall
>
>
> connection string
> you. It's kind
> while to happen
> simoultaneous
>
> ________________________________________
_______
> FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> To change your subscription options or search the archive:
> http://chattyfig.figleaf.com/mailman/listinfo/flashcomm
>
> Brought to you by Fig Leaf Software
> Premier Authorized Adobe Consulting and Training
> http://www.figleaf.com
> http://training.figleaf.com
>

________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

ben

2006-03-08, 5:45 pm

Hi Stefan,

I noticed a few people on the flashcomguru tutorial followup section for the
article are having similiar problems. I posted on there aswell. I also
noticed that the code on Peidi's blog seemed to return numbers within the
correct range however it was always a low number. Probably just because i'm
in Australia and our bandwidth to the outside world sucks

Unforunatly i only have flash 7.

Thanks,
Ben

----- Original Message -----
From: "Stefan Richter" <stefan-fMeCE+ULXElEfu+5ix1nRw@public.gmane.org>
To: "'FlashComm Mailing List'" <flashcomm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org>
Sent: Thursday, March 09, 2006 6:25 AM
Subject: RE: [FlashComm] fcm and stateful firewall


> Hmm, I am not sure why you are seeing such high numbers. The code which
> handles the bandwidth detection wasn't written by me so I am unable to
> comment further but I must say that it generally seemed to work pretty
> well.
> It never returned unrealistic figures for me. Has anyone else had trouble
> with this?
>
> Ben,
> If you use the main.asc file that ships with Flash8 (search help files for
> 'main.asc') and run that in conjunction with FVLPLayback, does that also
> show this issue?
>
>
> Stefan
>
>
>
>
> ________________________________________
_______
> FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> To change your subscription options or search the archive:
> http://chattyfig.figleaf.com/mailman/listinfo/flashcomm
>
> Brought to you by Fig Leaf Software
> Premier Authorized Adobe Consulting and Training
> http://www.figleaf.com
> http://training.figleaf.com
>
>

________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

Don Michels

2006-03-09, 5:45 pm

Stateful inspection firewalls and proxy servers are problematic, even =
with rollover to http/80. I am not aware of a vendor that has created =
true rtmp proxies for their firewalls/proxy servers as yet.

Even though the traffic is on 80, the packets contain rtmp data that =
gets rejected by a stateful firewall as invalid http requests.

There are only 2 workarounds:
1) Deliver over ssl instead. b/c ssl packets are encrypted, a stateful =
firewall cannot examine payloads
2) progressive download instead of streaming.

dm

Don Michels
The FeedRoom, Inc.




-----Original Message-----
From: flashcomm-bounces-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
[mailto:flashcomm-bounces-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org]On Behalf Of ben
Sent: Wednesday, March 08, 2006 10:46 AM
To: james-zNCL/LQg+xsdnm+yROfE0A@public.gmane.org; FlashComm Mailing List
Subject: Re: [FlashComm] fcm and stateful firewall


Hi,

Stateful Packet Inspection.
I was under the impression that if you don't specify a port when using =
rtmp=20
and if it fails it would attempt to use rtmpt.

I will tell it to use rtmpt. Will there be any performance issues by =
this=20
though ? I'm still learning all the stuff. I read somewhere i think it =
was=20
on MM's site about there may be a hit when using rtmpt. Only just =
started=20
using fcm. Eventually will probably write some code to automatically use =

rtmp with the default port then 80 if that doesn't work then tell it to =
use=20
rtmpt. As a general rule what order would you recommend for optimal=20
performance?
Thanks again


----- Original Message -----=20
From: "James Wrubel" <james-zNCL/LQg+xsdnm+yROfE0A@public.gmane.org>
To: "FlashComm Mailing List" <flashcomm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org>
Sent: Thursday, March 09, 2006 2:16 AM
Subject: Re: [FlashComm] fcm and stateful firewall


> When you say stateful, do you mean one that uses Stateful Packet=20
> Inspection? Most firewalls these days are stateful, but an SPI =
firewall=20
> will ensure that traffic on port 80 'looks' like HTTP traffic, for=20
> example.
>
> Try setting your connect string to use rtmpt:// instead of rtmp://. =
That=20
> will tell FCS to mimic HTTP traffic.
>
> ben wrote:
Is[vbcol=seagreen]
configure[vbcol=seagreen]
>
> ________________________________________
_______
> FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
> To change your subscription options or search the archive:
> http://chattyfig.figleaf.com/mailman/listinfo/flashcomm
>
> Brought to you by Fig Leaf Software
> Premier Authorized Adobe Consulting and Training
> http://www.figleaf.com
> http://training.figleaf.com
>
>=20

________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com
________________________________________
_______
FlashComm-1Ss2GqJETD3yZ38Mhd3e/9ZfFG6BLHNm@public.gmane.org
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcomm

Brought to you by Fig Leaf Software
Premier Authorized Adobe Consulting and Training
http://www.figleaf.com
http://training.figleaf.com

Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com