I've got a client which can connect to a server, and it works fine when the server is running in LAN, but if a client outside LAN tries to connect to the server, it doesn't allow it to connect. I have forwarded the port that the server uses to my ipv4 address but it still won't allow the connection.
How can other clients connect to my server?

Have you forwarded the port through the firewall AND the router?

I disabled my firewall and it still didn't work. Also, when I go to the firewall settings, there is no option to forward a port, only to allow another program.

AND router? Your port needs to be forwarded through your router also. Test here: http://www.yougetsignal.com/tools/open-ports/

You shouldn't need to turn your firewall off. That shows a basic misunderstanding how the firewall works. You should read on how to open a port in your firewall.

Did you bind the port on the external interface or on all interfaces? Maybe it is just bound in the loopback device (thus allowing local connections)?

Cheers,
_

AND router? Your port needs to be forwarded through your router also. Test here: http://www.yougetsignal.com/tools/open-ports/

You shouldn't need to turn your firewall off. That shows a basic misunderstanding how the firewall works. You should read on how to open a port in your firewall.

Ok, I turned my firewall back on and opened the port that I need. I've also forwarded the port on my router but it still won't let anyone connect.

If the test tool I showed shows your port as open, then you have a problem in the code. Can you show us some of your code? Perhpas anda_soka's suggestion has relevence to your problem.

If the test tool I showed shows your port as open, then you have a problem in the code. Can you show us some of your code? Perhpas anda_soka's suggestion has relevence to your problem.

The test tool said the port is closed when I entered my external IP address and my local IPv4 address.

Here's the server code:

main.cpp:

#include <QtCore/QCoreApplication>
#include "myserver.h"

int main(int argc, char *argv[]){
QCoreApplication a(argc, argv);
myserver server;
server.startServer();
return a.exec();
}

myserver.h:

#ifndef MYSERVER_H
#define MYSERVER_H

#include <QtNetwork/QTcpServer>
#include <QDebug>
#include <iostream>
#include "mythread.h"

class myserver : public QTcpServer
{
Q_OBJECT
public:
explicit myserver(QObject *parent = 0);
void startServer();

protected:
void incomingConnection(int socketDescriptor);

};

#endif // MYSERVER_H

myserver.cpp:

#include "myserver.h"

myserver::myserver(QObject *parent) :
QTcpServer(parent)
{
}

void myserver::startServer(){
if(!this->listen(QHostAddress::Any,1234)){
qDebug() << "Server failed to start";
}
else{
qDebug() << "Server started";
}
}

void myserver::incomingConnection(int socketDescriptor){
mythread *thread = new mythread(socketDescriptor, this);
connect(thread,SIGNAL(finished()),thread,SLOT(dele teLater())); //deletes the thread after its finished being used
thread->start();
}

mythread.h:

#ifndef MYTHREAD_H
#define MYTHREAD_H

#include <QThread>
#include <QtNetwork/QTcpSocket>
#include <QDebug>

class mythread : public QThread
{
Q_OBJECT
public:
explicit mythread(int id, QObject *parent = 0);
void run();

public slots:
void disconnected();
void readyRead();

signals:
void error(QTcpSocket::SocketError socketError);

private:
QTcpSocket *socket;
int socketDescriptor;

};

#endif // MYTHREAD_H


mythread.cpp:

#include "mythread.h"

mythread::mythread(int id, QObject *parent) :
QThread(parent)
{
this->socketDescriptor = id;
}

void mythread::run(){
socket = new QTcpSocket();
if(!socket->setSocketDescriptor(this->socketDescriptor)){
emit error(socket->error());
return;
}

connect(socket,SIGNAL(disconnected()),this,SLOT(di sconnected()),Qt::DirectConnection);
connect(socket,SIGNAL(readyRead()),this,SLOT(ready Read()),Qt::DirectConnection);

qDebug() << "client" << socketDescriptor << "connected";
exec(); //stop thread from closing
}

void mythread::readyRead(){
QByteArray data = socket->readAll();
qDebug() << "client" << socketDescriptor << "sent" << data;
if(data == "J"){
socket->write("hello");
}
}

void mythread::disconnected(){
qDebug() << "client" << socketDescriptor << "disconnected";
socket->deleteLater();
exit(0);
}

The test tool said the port is closed when I entered my external IP address and my local IPv4 address.

Then your port isn't forwarded properly. Use your external IP address. There is a link underneath that you can click to fill the entry with your current IP address. The issue is likely your router at this point. Some routers are funky when it comes to port forwarding. My DLink router oddly doesn't forward ports externally .. only internally. But it does have a virtual server option that allows me to forward the port externally.

Whatever the case may be, make sure your port appears as open to an external tool like the one I gave you. There is no point in checking code until you can confirm the port is visibly open the outside.

Then your port isn't forwarded properly. Use your external IP address. There is a link underneath that you can click to fill the entry with your current IP address. The issue is likely your router at this point. Some routers are funky when it comes to port forwarding. My DLink router oddly doesn't forward ports externally .. only internally. But it does have a virtual server option that allows me to forward the port externally.

Whatever the case may be, make sure your port appears as open to an external tool like the one I gave you. There is no point in checking code until you can confirm the port is visibly open the outside.

Hmm... I've tried forwarding it to my internal and external IP addresses and it still says the port is closed. Just to test it, I tried the test tool with port 80 and it still said the port is closed...

Port 80 is in use by your browser. Look: http://traipsemeta.madmathlabs.info/ That is the meta server I run for the OpenRPG virtual game table software. This is my IP and port 64.21.252.156:9558 ... Port 9558 is open.

Port 80 is in use by your browser. Look: http://traipsemeta.madmathlabs.info/ That is the meta server I run for the OpenRPG virtual game table software. This is my IP and port 64.21.252.156:9558 ... Port 9558 is open.

Ok, well I just tried port 25565 from minecraft in the test tool which I know is open and it works, but the test tool still says its closed... Maybe I'm just doing something completely wrong...

Is your minecraft server running? Some routers stop port forwarding unless a service is running on it.

Is your minecraft server running? Some routers stop port forwarding unless a service is running on it.

It wasn't, but I just turned it on and tried again with my external IP, LAN IPv4 and hamachi IPv4 and it said the port is closed for all of them :/

Run your server.
At a command prompt run:

netstat --programs --numeric --listening --inet (Linux)
netstat -ban (Windows)


Does your server program appear in the list as LISTENING against the local address and port (1234) you expect.
Is the Local Address 0.0.0.0 or something else like 127.0.0.1?
If something else, is it the address your router is forwarding external connection requests to?

It wasn't, but I just turned it on and tried again with my external IP, LAN IPv4 and hamachi IPv4 and it said the port is closed for all of them :/

Firstly, Hamachi is a service that connects computers through the Hamachi mediator software. You are not going to be able to test an open port with that tool if you are using the Hamachi service. See if you can find an open port here: http://www.planetminecraft.com/forums/hamachi-servers-f57.html -or- http://www.planetminecraft.com/forums/hamachi-bukkit-server-t191569.html (#1 posted a mere 2 hours ago)

Now try one here: http://minecraft-server-list.com/ -- Here the ports are forwarded correctly through the PC's firewall and router.

The fact you are using Hamachi signals to me you are not forwarding ports through your router correctly. Members of the OpenRPG community use Hamachi, or like services, when they have trouble forwarding ports through their router.

Run your server.
At a command prompt run:

netstat --programs --numeric --listening --inet (Linux)
netstat -ban (Windows)


Does your server program appear in the list as LISTENING against the local address and port (1234) you expect.
Is the Local Address 0.0.0.0 or something else like 127.0.0.1?
If something else, is it the address your router is forwarding external connection requests to?

The local address is 0.0.0.0:1234, the foreign address is 0.0.0.0:0 and the state is LISTENING.

OK, it is listening for connections on any interface.

From your server can your client connect to 127.0.0.1 on port 1234?
No: The client or server code is faulty
Yes: Carry on

From a machine on your LAN other than the server can your client connect to server's LAN IP address?
No: The problem is quite probably your server's own firewall. Windows firewall or anti-virus perhaps?
Yes: Carry on

Install Wireshark or a similar tool on your server machine. Start a capture. For a machine outside your network can your client connect to the server?
Yes: Problem solved ;)
No: Carry on

Did you see the attempt to connect to port 1234 in Wireshark?
No: Problem is the firewall or port forwarding from your external connection.
Yes: Problem may still be a firewall on the server itself if it restricts by source IP address.

Did you see the attempt to connect to port 1234 in Wireshark?
No: Problem is the firewall or port forwarding from your external connection.
Yes: Problem may still be a firewall on the server itself if it restricts by source IP address.

Or (hoverever unlikely) firewall on the client machine blocking outgoing connections to unknown ports.

OK, it is listening for connections on any interface.

From your server can your client connect to 127.0.0.1 on port 1234?
No: The client or server code is faulty
Yes: Carry on

From a machine on your LAN other than the server can your client connect to server's LAN IP address?
No: The problem is quite probably your server's own firewall. Windows firewall or anti-virus perhaps?
Yes: Carry on

Install Wireshark or a similar tool on your server machine. Start a capture. For a machine outside your network can your client connect to the server?
Yes: Problem solved ;)
No: Carry on

Did you see the attempt to connect to port 1234 in Wireshark?
No: Problem is the firewall or port forwarding from your external connection.
Yes: Problem may still be a firewall on the server itself if it restricts by source IP address.

Thanks for that information, I just tried to connect to my server on another computer on my network (using telnet in command prompt because my client program doesn't work on windows xp yet) and that worked when I connected to 192.168.0.4. I've installed wireshark so I can test with another computer outside my network (well, as soon as someone comes on skype for me to test it with :)). I just noticed that my antivirus program was blocking some TCP connections, so I allowed port 1234 through. Hopefully I can get it to work soon :/

Yay it works :D

Only thing that's concerning me now is... is the connection safe? I've had to allow port 1234 to connect through my antivirus and firewall, and there's no password on the server. Is there a simple way of adding a password to the server so I can just tell the password to whoever I want to be able to connect?

Once a client connects they are connected. The password method would limit their functionality until the correct password is sent by the client. Just force the client into a password loop until they send the correct password and then disconnect them after failed atempts.

For an added security layer you can create a 'too many attempts' feature that prevents an IP from going past the listening method if they have attempted too many passwords. I'd probably use an XML file for this so you can store the IP and a time stamp, and when a connection attempt is made run a check on their IP and if it is found close the connection. Using a similar feature you could allow IPs to bypass the password method for a limited time.

Once a client connects they are connected. The password method would limit their functionality until the correct password is sent by the client. Just force the client into a password loop until they send the correct password and then disconnect them after failed atempts.

For an added security layer you can create a 'too many attempts' feature that prevents an IP from going past the listening method if they have attempted too many passwords. I'd probably use an XML file for this so you can store the IP and a time stamp, and when a connection attempt is made run a check on their IP and if it is found close the connection. Using a similar feature you could allow IPs to bypass the password method for a limited time.

Ok, thanks for all the help :D