Summary: Client-spawned server should not listen on all
Submitted by: jtn
Submitted on: Sat Aug 20 23:34:23 2011
Severity: 3 - Normal
Priority: 5 - Normal
Assigned to: None
Discussion Lock: Any
Operating System: Any
Planned Release: 2.4.0
As noted in Debian bug #578068
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578068>, in this day and
age, a single-player game shouldn't by default cause a listening port to be
opened on a machine's public network interfaces.
Probably many people are saved by being behind NAT, but if/when IPv6 actually
happens it may become more of an issue. Not to mention, say, netbooks on
public Wi-Fi networks without firewalls.
Best would be to use something like Unix domain sockets as suggested in the
Debian bug -- done right, this would keep servers on multiuser machines safe
from other users -- but that's a lot of work and we'd need another solution
for Windows. Staying with TCP but binding to the localhost interface seems
like a "good enough" solution that will work for all the platforms we
It feels like this should be as simple as specifying a "--bind" argument to
the spawned server. However, it's just the kind of change that will expose
some platform-dependent networking issue and embarrassingly break
single-player mode for someone. So I'm wary of trying to fix it in 2.3.x.
There are some users who use the client-spawned server as a LAN server (e.g.,
in this forum thread <http://forum.freeciv.org/viewtopic.php?t=7009>, and one
other I can't find now). This change will break that usage pattern. It's not
something we'd recommend anyway -- if the relevant client dies, it'll take
down the server -- but we might nevertheless want to consider an option to
choose the bound interface for client-spawned servers.
Reply to this item at:
Message sent via/by Gna!
Freeciv-dev mailing list