Search Unity

RSockpol - Reliable Socket Policy Server

Discussion in 'Assets and Asset Store' started by Stefan-Laubenberger, Jan 8, 2015.

  1. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    Hi dear developers! ;-)

    We relased our first asset "RSockpol" - a secure, configurable and fast replacement for the Unity socket policy server (aka "sockpol.exe").

    About
    Whenever you need your web-based game/application to access a web address (e.g. download asset bundles, access a RESTful server), this web address needs a "Socket policy server" to be accessible.

    We were using the standard "sockpol.exe" from Unity quite a while, until we discovered, how unreliable and dangerous this software is.

    Here are some of our concerns:
    • because of the fixed port 843, which is an official system port (all ports below 1024 are system reserved ports), it needs to run as root under a Mac or Linux machine. This means that, if a bad guy somehow gains control over the "sockpol"-process, he could do anything on your machine – like wipe all data from the system... This is a severe and unnecessary security risk!
    • Any established connection to the "sockpol.exe" stays open until the server receives the command "<policy-file-request/>". When you like to monitor your "sockpol" process with a tool like CheckHost, the server will end up with unclosed connections and every connection consumes a lot of performance - we realized that one unclosed connection leads up to 50% CPU consumption. Again, if a bad guy wanted to do ugly stuff like a "denial-of-service" of your socket policy server by sending simple socket connections, he could easily do that. That would bring your server down and hinder your real customer from using your product/services!
    • "sockpol.exe" doesn't write any log files. For us, it's very interesting to know what's going on on our servers. We would like to know how many connections have our servers handled etc.
    • Lack of configuration options - port is fixed in code, time-out not implemented
    • No simple tests for the socket policy server available
    • To run "sockpol.exe" under Mac or Linux, you have to install Mono. In our case, we had to install the whole thing on server for this little "EXE" - we don't use any "Mono" specific apps, so for us, it's just an unnecessary dependency. But this is very individual – probably you use it and love it :)


    Key features:
    Our solution includes:
    • Non-blocking, reliable socket policy server alternative for Unity
    • Port, time-out and queue size for incoming connections are freely configurable
    • Full customizable logging (incl. rolling file appenders with size settings)
    • Multi-threaded
    • Much faster response time (20%-50%)
    • Test-scene for Unity
    • Configurable test-application (load-test with threads and iterations)
    • Runs on Windows, Mac and Unix/Linux
    • Extensive tests, documentation and support!
    • Full C# and Java source code provided


    Important:
    Needs Java7 or higher on the target machine, but the installation steps are mentioned inside the documentation.


    AssetStore:
    RSockpol
    deprecated

    Our other assets


    Any constructive comments are very welcome!


    Cheers
    Stefan
     
    Last edited: Feb 14, 2019
  2. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    @all dear customers

    if you like "RSockpol", don't forget to rate it or even better: write a little review :)

    Thank you very much!


    Regards
    Stefan
     
  3. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    I've just submitted version 1.2.0 to the AssetStore.
    The asset includes now the full C# and Java source code!

    Have a nice weekend!


    Cheers
    Stefan
     
  4. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    The new version is now in available in the store. :)
     
  5. OnePxl

    OnePxl

    Joined:
    Aug 6, 2012
    Posts:
    307
    Birdseye?
     
  6. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    Sorry, but I don't understand your question. The mesh is part of a real human eye and not from an animal.
     
  7. OnePxl

    OnePxl

    Joined:
    Aug 6, 2012
    Posts:
    307
    Never mind, I got confused!
     
  8. clever

    clever

    Joined:
    Oct 11, 2012
    Posts:
    35
    Stefan, it didn't work for me. Neither on my Win7 nor on my Win Server 2012 (where I absolutely need it to work). I made sure I have java 1.8 on both the Win7 and the headless Win Server.

    Here's what I get on Win Server 2012:

    C:\Users\Administrator\Documents\RSockpol>java -jar rsockpol.jar
    07:21:51,094 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT
    find resource [logback.groovy]
    07:21:51,094 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT
    find resource [logback-test.xml]
    07:21:51,095 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Found res
    ource [logback.xml] at [file:/C:/Users/Administrator/Documents/RSockpol/logback.
    xml]
    07:21:51,096 |-WARN in ch.qos.logback.classic.LoggerContext[default] - Resource
    [logback.xml] occurs multiple times on the classpath.
    07:21:51,096 |-WARN in ch.qos.logback.classic.LoggerContext[default] - Resource
    [logback.xml] occurs at [jar:file:/C:/Users/Administrator/Documents/RSockpol/lib
    /wichtel-0.2.3.jar!/logback.xml]
    07:21:51,096 |-WARN in ch.qos.logback.classic.LoggerContext[default] - Resource
    [logback.xml] occurs at [file:/C:/Users/Administrator/Documents/RSockpol/logback
    .xml]
    07:21:51,231 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction -
    debug attribute not set
    07:21:51,244 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About t
    o instantiate appender of type [ch.qos.logback.core.rolling.RollingFileAppender]
    07:21:51,266 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming
    appender as [mainFileAppender]
    07:21:51,323 |-INFO in ch.qos.logback.core.joran.action.NestedComplexPropertyIA
    - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] fo
    r [encoder] property
    07:21:51,428 |-INFO in ch.qos.logback.core.rolling.FixedWindowRollingPolicy@75ca
    b9 - No compression will be used
    07:21:51,442 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[mainFileA
    ppender] - Active log file name: ./logs/rsockpol.log
    07:21:51,442 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[mainFileA
    ppender] - File property is set to [./logs/rsockpol.log]
    07:21:51,445 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Settin
    g level of logger [com.crosstales] to INFO
    07:21:51,445 |-INFO in ch.qos.logback.classic.joran.action.RootLoggerAction - Se
    tting level of ROOT logger to ERROR
    07:21:51,445 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Atta
    ching appender named [mainFileAppender] to Logger[ROOT]
    07:21:51,446 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction -
    End of configuration.
    07:21:51,449 |-INFO in ch.qos.logback.classic.joran.JoranConfigurator@f7fe8e - R
    egistering current configuration as safe fallback point​


    It stops there and nothing else. Connecting to it doesn't yield anything.
     
  9. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    Hi clever

    No panic - everything looks great so far :)
    As you can see in the documentation at page 9, that's the expected console output. There is nothing more to see...


    Please check:
    • Did you set the correct port in the Unity test scene and is the server port (standard is 65432 instead of 843) accessible from your test machine?
    • Did you fetch the policy in your Unity-app with "Security.PrefetchSocketPolicy(yourServerIP, yourServerPort, yourTimeout);"?
    • What's the content of the "rsockpol.log"-file (inside the log-directory)?
    • What's the content of your standard.properties - are the ports etc. set correct?


    If you still can't run it, please send me a email with some more details, the log and configuration files and we will figure out a solution.

    Cheers
    Stefan



     
    Last edited: Jun 13, 2015
  10. clever

    clever

    Joined:
    Oct 11, 2012
    Posts:
    35
    I configured standard file for port 5199, the prefetch from Unity is also pointing to port 5199. I doublechecked that the port is allowed in the firewall as well.

    here's what I get from the log file after numerous attempts:

    2015-06-13 07:16:24,748 [Thread-1] INFO c.c.r.server.SocketPolicyServer - Socket policy server startet on port: 5199
    2015-06-13 07:16:24,761 [Thread-1] INFO c.c.r.server.SocketPolicyServer - Total runtime: 0 Days 0 Hours 0 Minutes 0 Seconds
    2015-06-13 07:16:24,764 [Thread-1] INFO c.c.r.server.SocketPolicyServer - Total requests: 0
    2015-06-13 07:21:51,503 [Thread-1] INFO c.c.r.server.SocketPolicyServer - Socket policy server startet on port: 5199
    2015-06-13 07:21:51,511 [Thread-1] INFO c.c.r.server.SocketPolicyServer - Total runtime: 0 Days 0 Hours 2 Minutes 40 Seconds
    2015-06-13 07:21:51,514 [Thread-1] INFO c.c.r.server.SocketPolicyServer - Total requests: 0
    2015-06-13 07:31:35,389 [Thread-1] INFO c.c.r.server.SocketPolicyServer - Socket policy server startet on port: 5199
    2015-06-13 07:31:35,396 [Thread-1] INFO c.c.r.server.SocketPolicyServer - Total runtime: 0 Days 0 Hours 12 Minutes 17 Seconds
    2015-06-13 07:31:35,398 [Thread-1] INFO c.c.r.server.SocketPolicyServer - Total requests: 0
     
  11. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    Hmm, that's really strange...

    Could you please try this in the command prompt of your client machine (probably you must install telnet as Windows-feature):

    telnet yourIP yourPort

    You should see the follwing output:

    <?xml version='1.0'?><cross-domain-policy><allow-access-from domain="*" to-ports="*" /></cross-domain-policy>

    Connection to host lost.

    If you get an error message, RSockpol isn't listening on that port, a firewall blocks the request, or the hostname is invalid:

    Connecting To hostname...Could not open connection to the
    host, on port <port>: Connect failed



    Did you also allow this port inside the Windows Firewall on the server-side?



     
  12. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    Hi

    Does it work now?


    Cheers
    Stefan
     
  13. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    We added a promo video:



    Cheers
    Stefan
     
  14. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    The new version 1.2.0b with minor changes and improved documentation is now in the store.

    Have fun! :)
     
  15. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    RSockpol is now forever free for all Unity users!

    Enjoy!


    P.S: Since the asset is now free, we only provide limited support for new users.
     
  16. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
  17. Stefan-Laubenberger

    Stefan-Laubenberger

    Joined:
    May 25, 2014
    Posts:
    1,173
    We decided to deprecate "RSockpol" since WebPlayer isn't supported anymore anywhere.

    If you really need it for something prehistoric project, just drop me a PM.


    All the best!
    Stefan