search

CubeCoders / AMP

Issue tracking and documentation for AMP
https://cubecoders.com/AMP
207 stars 38 forks source link

SFTP Port Is Not Always Opened On Windows #830

Open IceOfWraith opened 1 year ago

IceOfWraith commented 1 year ago

Feature Request

Feature Information:

Add an option to sync SFTP port to the firewall in the GUI. Configuration->Networking should have an option to allow the SFTP port through the firewall without having to go to CLI. This can be per instance to avoid opening SFTP to all instances.

I confirm:

southnode commented 1 year ago

This. There are zero reasons why this shouldn't be forwarded by default if set, preferably both on an instance and target level.

For our use-case in particular, this port should be open by default regardless of platform considering it's allocated, and would reduce support items.

BroOtti commented 1 year ago

How does AMP currently decide if the SFTP ports are opened or not? With ufw on debian 11 AMP opens the SFTP ports

PhonicUK commented 1 year ago

Little tricky because AMPs firewall manager doesn't know that the SFTP port is 'special' in that sense because it's just part of the file manager plugin, but the request is reasonable so I'll see what I can do.

southnode commented 1 year ago

Pinging on this again - on Windows this still isn't opened by default, and really should be for a turnkey solution.

PhonicUK commented 1 year ago

I think we've got conflicting requests going on here. The SFTP port isn't special so if the rest of the game ports for an instance are being opened through the firewall then SFTP should be as well. There's nothing in AMP that causes that particular port to behave differently on different platforms.

Greelan commented 1 year ago

I have an instance running on Windows. All ports including SFTP port listening. Firewall rules exist for all ports EXCEPT the SFTP port.

BroOtti commented 1 year ago

Just created an instance on Windows and there is no SFTP rule created. Only the application specific port is created as a firewall rule.

IceOfWraith commented 6 months ago

It was found by one of the enterprise users (forget which one) that it seems to be the naming convention of the SFTP port causing the issue. They were able to show where manually attempting to add a rule with the same name would fail to add.