UPNP Safety Guidelines

Attention: Topic was automatically imported from the old Question2Answer platform.
Asked By Bush2Tree

Hey all,

I’m planning on using UPNP to allow p2p connections for multiplayer. I’d like to make sure I’m following good security practices, so I have the following questions.

Should I minimize the time that ports spend “forwarded”? Or is it okay to leave a port “forwarded” to the current device, and assume that the next device that needs to use that port will override it?

Also, it seems as if many routers now ship with UPNP off for security reasons, and that there are other ways (NAT hole-punching) of automatically establishing a p2p connection between two devices that are both behind routers. Should I consider using something other than UPNP, and if so, how would that be implemented in Godot?

If the users already enabled UPNP in their network (router), you don’t need to worry much about their security. UPNP is made to be insecure; it is a way to perform port-forwarding via request from devices. Even if your program removes the port mapping after it’s done, some other program can perform port mapping via UDP too. Although (I think) it is always a good idea to try to be more secure, so my answer to the first part of your question would be to clean up your port mappings as best as you can, but keep in mind that you can’t always do that (crashes, power losses etc.) and another program can use UPNP just like your program. I can’t answer the second part since I don’t know much about NAT punching stuff.

unlut | 2020-10-01 00:01
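
One way to do the cleanup recommended above while also covering crashes and power losses, as an added example that is not part of the original posts: request the mapping with a lease duration so the router drops it on its own, renew it while the game is hosting, and delete it on normal exit. It uses Godot's built-in `UPNP` class; the port, description and timings are assumed values.

```gdscript
extends Node

# Assumed values for this sketch: use your game's own port and timings.
const GAME_PORT = 7777
const LEASE_SECONDS = 600     # mapping expires by itself if the game crashes
const RENEW_SECONDS = 300.0   # renew at half the lease

var upnp = UPNP.new()
var mapped = false            # a mapping currently exists for GAME_PORT
var leased = false            # that mapping has an expiry and needs renewing
var since_renew = 0.0

func _ready():
	# discover() blocks until its timeout; run it in a Thread in a real game.
	if upnp.discover() != UPNP.UPNP_RESULT_SUCCESS:
		return
	var gateway = upnp.get_gateway()
	if gateway == null or not gateway.is_valid_gateway():
		return
	leased = _map(LEASE_SECONDS)
	mapped = leased
	if not mapped:
		# Some gateways only accept permanent leases (duration 0). In that
		# case the explicit delete in _exit_tree() is the only cleanup.
		mapped = _map(0)

func _map(duration):
	var result = upnp.add_port_mapping(GAME_PORT, GAME_PORT, "MyGame session", "UDP", duration)
	return result == UPNP.UPNP_RESULT_SUCCESS

func _process(delta):
	if not leased:
		return
	since_renew += delta
	if since_renew >= RENEW_SECONDS:
		since_renew = 0.0
		# Re-adding the same mapping refreshes its lease.
		leased = _map(LEASE_SECONDS)
		mapped = leased

func _exit_tree():
	# Normal shutdown: remove the mapping instead of waiting for the lease.
	if mapped:
		upnp.delete_port_mapping(GAME_PORT, "UDP")
		mapped = false
```

Attaching this node only while a session is being hosted keeps the port open for the shortest time; the lease is a request, and a gateway may ignore it or remove the mapping earlier.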