Who is 213.202.250.101 and why is my server trying to contact it on port 45647?
I've looked through the config file and have found nothing in there that shows that IP or port being used.
Our server is behind a firewall and is only used on the LAN. It is really bothering the firewall guy. It seems to be trying to communicate every 5 minutes, then sometimes not for 15 minutes, but never less than 30 minutes apart.
How do I make it stop?

Thanks.

I think thats the "bouncer" which is used to determin the WAN IP of the Teamspeak server. I can safely ignore it. My Server runs behind a firewall as well and the only port that is open is the UDP port it is using (as well as the Webadmin port for LAN access). You can tell your firewall guy that he can safely block that traffic without harming the Teamspeak Server in any way.

inetnum: 213.202.250.0 - 213.202.250.127
netname: NGZ-DATACENTER
descr: NGZ-DataCenter ServerHousing
country: DE
admin-c: NE103-RIPE
tech-c: NE103-RIPE
status: ASSIGNED PA
notify: lir@ngz-datacenter.net
changed: lir@ngz-datacenter.net 20030221
remarks: ***********************************
remarks: * *
remarks: * Mail all Abuse to *
remarks: * *
remarks: * abuse@ngz-datacenter.net *
remarks: * *
remarks: ***********************************
mnt-by: ETTEL-MNT
source: RIPE

As mentioned before this IP or better to say the service running on this IP is used to determin the WAN IP of the Server (for servers behind a router). The TS webserver runs on is 213.202.250.100 so the assumption that 213.202.250.101 belongs to TS as well is quite obvious.

If your network guy doesnt like what is going on he can as well monitor the connection and analyse the data which is sent to that host but it will turn out that it is nothing more than a simple ping and maybe some data about your server. This data will most probably be used to display running servers with their stats in the future.

I can just repeat what i have said. Block that ip if you like. It doesnt do you any harm. Leave it open and nothing bad will happen either. But if your admin is so afraid of what is going on he really should analyse that data.

This was an older thread but an answer I was looking for too.

Can't say the ones posted really make me feel any better about it. Of course I was already real suspicious since it was totally absent in the documentation.

If it means anything to anybody - My first thought was spyware!

The server has an option to turn off the automatic IP lookup so I have to assume this does not have anything to do with that purpose, or does the option to turn it off not work? I have this option set to off and I'm still getting these traffic attempts.

There isn't in any documentation anywhere about this either. Maybe you want to add this information somewhere so people are not 'worried' about what it is for?

I know you can block it but just being up-front about it removes the 'bad' feelings. Seems underhanded to have software reporting to somewhere and nothing that tells anyone about that function.

You do want everyone to feel good about your software - don't you?

If I'm worried about it I need to examine the data...

True, and because it does this I certianly will. Maybe if it were documented and explained I would skip it too. Maybe user's administrators don't need to be wasting their time needing to look - and in fact may just say 'no' instead. The 'bad' from this just continues.

Please think about it.

this is an udp packet, it includes the date written below.
all of this data is only used for our new weblist. which
isnt avaible yet in current client releases.

there will be an option to turn this off in one of the next
server builds.
(commercial server versions cant disable this function)

ISPName
ISPLinkURL
AdminEmail
ServerNameOS
bFlags //0x01 = list public / only for statistics
//0x02 = clan server / public server
//0x04 = free server / commercial server
//0x08 = password / none password
ServerPort
ISPCountry
MaxUsers
UsersOnline
Channels
UpTime
Bandwidth
Version

(this is the final telegram structur comming up with b25,
all builds before use an sligthly different telegram
structure but with same content.)

you need more infos ?

Well, I appreciate the info. Unfortunately it is something we really need to be able to turn off. It hits the logs every 5 minutes and seems to be an issue.
Is there a way to turn this off so it does not try to contact the weblist server?
Your help is appreciated.

@MoonCrater:

It actually DOES turn up in the client-documentation. Look at MANUAL -> Frequently Asked Questions -> Q: Does Teamspeak 2 contain spyware?

@Ralf:

Is there anything you can spill about this "commercial-version" thing?

Ciao Ralf

as ngz migrated their servers our server's ip changed as well: 213.202.254.116
(this should make it easier to find the thread with the words traffic packet and the ip above)

cu
SatanClaus