Firewall Issues

When installing psyced or many other interserver PSYC applications you will probably want to configure your firewall or NAT router to handle port 4404 and other ports required for further protocols like XMPP.

The procedure generates a configuration suitable for Linux-based firewalls. You can guess from the numbers you put into psyced.ini which ones you will probably want to forward to your psyced server process.

Running psyced without reception ports is usually not very useful. It results in a Don't Call Us, We Call You kind of behavior: You only get messages that have been queued for you the moment you send something to your counterpart, thus create a connection. That's because in PSYC, circuits are bi-directional, so you can at least poll for PSYC traffic. Still that isn't the way PSYC was intended to be used.

If you insist on using psyced across a NAT or firewall, please make sure it doesn't inadvertently shut down TCP sockets. PSYC is designed to either never shut down TCP circuits (psyced's behaviour) or to do it with a proper shut down protocol. If a router does so itself, this will be treated as an error in PSYC. You may experience message loss at that point (but at least you got warned about it).

An other way to circumvent this problem would be to send periodic pings. They are specified and accepted, but psyced currently doesn't actively send them, as they are not necessary within the main back-end of the Internet. Normal Internet does not drop TCP connections.

See also