I managed to setup Bluebox from Smartfox to run my Unity3d network application through it in corporate network. However, unfortunately it still does not work. I think that the problem is related to the policy file. I use PrefetchSocketPolicy two times:
Security.PrefetchSocketPolicy(serverIP, 9339);
Security.PrefetchSocketPolicy(serverIP, 80);
Because port 9339 is not available in corporate network, so I use also port 80 which is dedicated for Bluebox. However, socket connection is used to prefetch policy file and I think that this may be a problem.
Bluebox usually runs 8080 unless you moved it.
Additionally PrefetchSocketPolicy does not specify what port you can open - but where to grab the policy file. The policy file should specify if its ok to open a connection to the bluebox server
So only use one PrefetchPolicyCall
/T
put this in a crossdomain.xml and let the webplayer prefetch it.
<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" to-ports="8080,9339"/>
</cross-domain-policy>
You can specify that but if you just don’t specify any, then all ports on that domain are allowed so you have “less problems” related to ports.
I wouldn’t add the to-ports until you are “ready” basically and know which ports are definitely in use to prevent phantom issues from security rejections caused by it.
At the moment my Bluebox runs on port 80, but there is still an option that standard (not Bluebox connection) connection will be used, so I have to check both ports for the policy file (9339 and 80) and now it looks like this:
if (!Security.PrefetchSocketPolicy(serverIP, 9339)) Security.PrefetchSocketPolicy(serverIP, 80);
In my file I do not specify ports, so it is even more general. However, the file itself is not a problem, because in Wireshark logs I see that it is even not downloaded. There are three unsuccessful (no reply on TCP SYN) attempts to port 9339 and then three to port 80 (and this should work). However, when I open http://SERVERIP:80/BlueBox from the same PC I see Bluebox page, so there is a communication. Is there a possibility that pollicy is downloaded through simple socket connection (and this is still blocked somehow in my corporate network) while in my network only connections that have http in higher layer are allowed? I’m going to investigate this problem more carefully tomorrow.
I’m not sure this will work.
Better would be to just drop the policy on SFS and have 1 center file on port 80 to handle all the ports needed.
Or just allow the domain on all ports.
So put the xml in the webserver root, don’t specify the ports in the xml and prefetch the xml on port 80.
something else i remember, if fetch the policy on a high port ( +1024 ), that policy can’t validate ports under 1024, don’t remember exactly what it was, you should check that also.
Ahhh yeah - true. I read that also somewhere.
It probably works because I see in traces that Unity is looking on 9339->80->843. However, your idea is better and I will put one policy on port 80. You are also right about this >1023 rule. I know about this. Today, I didn’t have time to debug my problem, but I hope that tomorrow I’ll be able.