Playing behind a Firewall

From EUO Manual
Jump to: navigation, search

by scglass

If your "work" environment makes use of an HTTP proxy to handle your Internet browsing, you can use it to play EUO and introduce your co-workers to the fun.

Requirements

  • The great TCP thru HTTP proxy program "desproxy" obtainable from sourceforge.net (aah, open source). Get it here.
  • An HTTP proxy server that supports the CONNECT directive, if you can access secure websites (https://) then the odds are good.
  • Corporate firewalls that allow unrestricted TCP connections from the HTTP proxy. You may not be able to determine this, it will either work, or it won't.
  • It also works if the proxy server requires basic authentication, but NOT if the authentication is seamless through NTLM.

Installation and setup of desproxy

  • unzip the files into a directory of your choosing. c:\desproxy worked for me.
  • create a batchfile desproxy.bat and open it for editing, adding the following lines
set PROXY_USER=login:password
desproxy.exe euo.swut.net 26667 proxy-hostname 8080 26667
  • If your proxy does not require authentication, delete the entire set PROXY_USER= line.
  • If your proxy does requires authentication, change login:password to be your proxy login and proxy password. Yes, your proxy password will be stored in this file in clear text, deal with it.
  • Replace proxy-hostname with the DNS name of your HTTP proxy server. You can usually obtain this from the Connections tab of your Internet Settings in IE
  • Note: if you connect to the PermaDeth server, change all references of 26667 to 26668, or to 26666 to connect to No Grind.

Now, from within a command / cmd shell run the batch file, you should see output similar to the following:

-----------------------------------
desproxy                 0.1.0-pre2
(C) 2003 Miguelanxo Otero Salgueiro
-----------------------------------
TCP port 26667 Bound & Listening
Press <Control+C> to Quit


Setup of the EUO client

  • Go to where you installed EUO, typically c:\euo
  • Edit your client.cfg file and change the following entry to read:
server=localhost
  • Save, then start up the EUO client and connect as normal.
  • You should receive similar output to the following in the desproxy command box
Connection request from 127.0.0.1, port 4688
Connecting to http proxy (proxy-gpo:8080)
Connection #0: bidirectional connection stablished

Connection #0: proxy -> client    8 bytes read
Connection #0: client -> proxy   56 bytes read
:
etc, etc...
  • The desproxy redirector is quite chatty, you might want to minimise the command box.
  • Play away.

Troubleshooting

  • If your proxy requires authentication, or your authentication is incorrect, you will receive a 407 Proxy Authentication Required message in the desproxy command box.
  • If your corporate firewalls restrict outbound connections you will receive a 500 Server Error message in the desproxy command box. In this case you can either get the proxy permissioned to use port 26666/26667/26668 or persuade Egg to bind the EUO server to port 80 or 443

Final notes

  • The connection works well, although it can be a bit laggy. Keep in mind that your connection is being redirected twice and is at the whim of both the desproxy program and the HTTP proxy. If either bombs out, or has issues, the client may start behaving in unpredictable ways.
  • The EUO PatchMe.exe autopatcher is not HTTP proxy aware, however you can use a similar method to get the autopatcher working as well. If it is necessary, I can provide instructions on this also...
  • Don't forget to shut down the redirector when you're done.

For the techos

  • The desproxy software makes use of the CONNECT directive that allows HTTP proxy servers handle HTTPS or SSL connections.
  • Once running, it redirects TCP requests from the EUO client, handles the HTTP proxy handshaking (and authentication, if any).
  • It will maintain the connection for as long as it is required which means that it won't spam the proxy with log file entries. Also, most proxies only log host and port for CONNECT requests.

Disclaimer

Oh, and if someone catches you doing this and comes after you with a corporate lynch mob for misuse of work resources then you're on your own. In the words of James Earl Jones, "I was never here..." ;)