Important Update from 12th January 2017

As mentioned by the Adobe support on the team has introduced another number of blocked server ports with the Flash Player version
Unfortunately this includes ports 6665-6669. We recommend that you change the IRCd port to a number outside of this range and adjust the lightIRC port (params.port) accordingly. Please remember that you’ll also allow the new port in your flashpolicy.xml.
We are very sorry for the inconvenience, but there is no other workaround lightIRC can do as this issue arises by a change in the Flash Player itself.

See also: lightIRC Support Issue 735

Flash Policy setup instructions

When you can’t connect to a server and the client shows a security sandbox violation message, the server the IRCd is running on does not allow connections from a Flash client.
Due to the socket security policy Adobe introduced with Flash Player 9,0,124 you are forced to have a daemon that delivers a crossdomain.xml to allow establishing a connection.
It is not a restriction of lightIRC, but one of Adobe Flash!

IRC server runs on Linux

Our pick: flashpolicyd

To install a flash policy server on linux you need to do the following:

  • Download our prepared flashpolicyd (based on the flashpolicyd project):
> wget
> unzip
> cd flashpolicyd
> wget --no-check-certificate -O flashpolicyd.rb
> chmod a+x flashpolicyd.rb
  • Make sure you have Ruby installed. If you have not, you can maybe install it with one of the following commands depending on your Linux distribution or through compiling the Ruby sources:
> apt-get install ruby
> yum install ruby
  • Start flashpolicyd
    > ./flashpolicyd.rb --xml flashpolicy.xml --logfile flashpolicyd.log
  • Verify that flashpolicyd is running:
    > tail flashpolicyd.log

    If you see this message the flashpolicyd started succesfully:

    "Starting server on port xxx in process xxx"

Possible errors and their solution

It crashes/stalls!

This means you have a old version of flashpolicyd.rb, update it using the following command:

> wget --no-check-certificate -O flashpolicyd.rb

It tell me I don’t have permission to ‘bind’!

If you get this error:

"Can't open server: Errno::EACCES Permission denied - bind(2)"

It means your tried to start the flashpolicyd on a port below 1024, which requires root access. Start the daemon as root (On debian systems you can use the command sudo for this) or use the following command:

> ./flashpolicyd.rb --xml flashpolicy.xml --logfile flashpolicyd.log --port 8002

Your flashpolicyd is now started as a normal user with a different port. You must pass the parameter policyPort (params.policyPort = 8002; in your config.js) to lightIRC.swf when starting flashpolicyd like this!

Other policy daemons

IRC server runs on Windows

We recommend the use of Silverlight and Flash Policy File Server
Download it from the project website, change the listening port in policyserver.exe.config to 843, put the following XML into policyfile.xml and start the application using policyserver.exe.

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">
   <site-control permitted-cross-domain-policies="master-only"/>
   <allow-access-from domain="*" to-ports="6667" />

Pin It on Pinterest

Share This