How can I simulate blocking RTMP over port 80 on Windows?

I've got a simple Flash client connecting to a Flash Media Server, and I'd like to be able to simulate the client doing the following:

• Attempting to connect to an RTMP stream on port 1935 and failing,
• Falling back to RTMP on port 443 and failing,
• Falling back to RTMP on port 80 and failing, and ultimately
• Falling back to RTMPT (HTTP) over port 80 and succeeding.

This is supposed to be the default behavior of the Flash player, for example as described here:

In many cases, this is all you need to get past many firewalls without even using HTTP tunneling. This works because of a feature built into the NetConnection object. When you do not specify a port number in an RTMP address, Macromedia Flash will attempt to connect to port 1935. If it fails it will then try to connect to port 443; if that fails, it will try port 80. So no coding is required to access ports 1935, 443, or port 80 if you do not specify a port in the RTMP address.

And here:

When connecting to FMS you'll use a netConnection object on the client side, within the parameters of the connect method you can set what protocol you want to use: nc.connect("rtmp://whatever"). If you do that it should be noted that the flash player will cycle through different ports and protocols trying to connect up automatically. Of course you can set which protocol you want to use by changing the rtmp part. The Flash player will try connecting to rtmp over port 1935, then port 80, then it'll try rtmpt (covered below) over port 80.

I'm on a Windows 7 machine, and essentially I'm looking for tips as to how I can simulate an environment in which Flash fails to connect to an RTMP stream on any port and falls back to RTMPT. Windows Firewall seems to allow for setting a开发者_运维知识库 "protocol number" (in addition to the usual port number -- e.g., TCP is 6, UDP 17, etc.), but I can't seem to find a protocol number for RTMP.

If anyone has any suggestions as to how I can simulate this behavior simply, I'd hugely appreciate it. Many thanks in advance.

I was able to make this work using Firefox on Windows 7 with a proxy server running on the local machine (localhost). I used Windows Firewall to block outbound connections to ports 1935, 443 and 80 for the specific destination IP address for process: "plugin-container.exe" . (Believe Firefox 3.6 and greater use "plugin-container.exe" for running the Flash plugin.) And then I set the Windows system proxy settings (via IE, Tools->Internet Options->Connections->LAN settings) to use my local http proxy server. Interesting that Flash apparently uses the Windows proxy settings, rather than Firefox's, even when running from within Firefox.

RTMP is built on top of TCP, so you should be able to pick TCP and the corresponding port to use your firewall to test.

You'll want to create one custom rule for each port.

name: RTMP Default (1935)
protocol: TCP
local port: any
remote port: 1935
local ip: any
remote ip: any

name: RTMP over 443
protocol: TCP
local port: any
remote port: 443
local ip: any
remote ip: any

name: RTMP over 80
protocol: TCP
local port: any
remote port: 80
local ip: any
remote ip: any

Then set the RTMP Default rule to block all traffic, but set the others to allow. Then test and ensure it fails over to port 443. Then set the RTMP over 443 rule to block, and ensure it fails over to port 80.

You will have to use an HTTP proxy server intermediary which will throw an HTTP error for invalid requests. I'm not sure how the RTMP protocol does this, but I suspect you may be erroneous in claiming that it tries RTMP over port 80 and then falls back to RTMPT on the same port. That really wouldn't make a whole lot of sense. BUT - IF this is actually the case, which personally I find highly unlikely and I personally would never design a protocol to use two different formats on the same port, THEN you would need to have an intermediary such as an HTTP proxy server which is the only realistic way I could see this happening in practice.