Hello all, I’m working on a school project where we’re supposed to document the port numbers and protocols used by open source software to communicate with external services. I decided to use KiCad for this purpose.
I believe that the software has two types of networked operations - checking for updates and sending crash/error report data through Sentry.
I believe KiCad uses the standard HTTPS port (443) over TCP to check for updates on downloads.kicad.org. can anybody confirm this?
I was unable to find what port or protocol would be use to forward crash and error reports to Sentry. Can anybody provide some guidance on this?
I am guessing that the intention of your school project is to learn to work with a network sniffer or other software to find out what programs do. “Managed switches” can be set to reroute / copy network traffic, and software such as wireshark can be used to analyze the captured traffic.
Or there is always the dreaded source code approach…
Documentation on the site is for end users. When designing a circuit board no one cares about what ports crash reports use. If you can’t install software on the school laptop then perhaps they are not giving you the proper tools to start with.
Also, I’m not aware that Kicad checks for updates. On Linux systems that is up to the package manager. I have NO clue as to what Windows does.
Note that normally a software app like KiCad is a network client. Therefore the server port is determined by the service. The client side will use a random free port for the TCP connection. (There are 4 parameters in a TCP network connection: server IP, server port, client IP, client port.) If accessing a web site by https then yes, it’ll be port 443 on the server side. I don’t know what port the Sentry server uses, but it could be https also.
I think the source code for the core application’s external communication is here.
For individually developed plugins, you’ll need to contact the developer of each plugin.
Why can’t I install the application? Is it a procedural issue where they don’t report what ports are being used? Or is it because a solution is being applied to manage multiple PCs centrally to prevent the spread of viruses and other applications unnecessary for learning?
It is common for organizations to have administrative policy settings that prevent unknown applications from being installed.
In order to view web pages or download something using HTTP or HTTPS communication, it is often necessary to configure a firewall to whitelist the other server or to configure an appropriate proxy within the organization. Have these issues been resolved?
It might also be a good idea to establish communication with akamai, cloudflare, github, etc.
If KiCAD can be installed independently from the network and you are allowed to bring in the installation data and install it on school computers, I think you can use and study without connecting to an external network.
All you have to do is prepare the learning materials offline.
To aid in avoiding PII capture, all sentry reports go to a “sentry-relay” server run on KiCad owned infrastructure, this relay serves as a proxy to communicate to the main sentry.io platform, this aids in hiding originating IP addresses but we have also turned off the storage of IP addresses in sentry.
