
Bypassing a Firewall by using a 3rd party to establish the connection


I am working on a program that needs to be able to handle firewalls eloquently while allowing direct communication between 2 clients.

I am thinking of something similar to Skype where the third party is used to establish the connection between two users, but none of the actual data is sent to the third party once the connection is established.

I understand that pretty much all firewalls block all unsolicited incoming traffic, but it is pretty easy to be able to have a program establish a connection as long as the internal program was the first to communicate out. What I don't understand is how a connection is able to be established between the two clients directly.

How can I implement something like this? Is there any proper terminology for what this technique is called? One client has to be written in Java, but the server and other client can be in pretty much any language I want.

I apologize in advance if this question has already been asked; I tried looking around, but I feel like I may not be using the correct keywords to find it.


Solution

  • I think the terminology you're looking for is "NAT traversal". It's less about firewalls, and more about overcoming the difficulty of reaching a particular node on the other (private) side of a NAT device (like a cable modem, for example, where the LAN side is usually assigned some non-routeable address range like 192.168.*.*).

    One technique that might work for you is UDP hole punching. Each endpoint can establish outgoing connections to a third-party server, and the NAT device at each endpoint will open up ports to allow return traffic through the firewall and route it to the appropriate LAN node on each side. The endpoints exchange port information through the third party server, then re-use the "holes" they just "punched" through the NAT devices to communicate directly with one another from that point onward.
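As an added example (not code from the question or the answer above), here is a minimal Python sketch of the rendezvous exchange the answer describes: the server records the endpoint each client's registration appears to come from, hands each client its peer's endpoint, and the clients then send to each other from the same UDP socket they used to reach the server. The server name, the JSON message format and the loopback demo are assumptions; on loopback there is no NAT, so the demo shows only the message flow, and the Java client the question mentions would speak the same protocol.

```python
import json
import socket
import threading

def rendezvous_server(sock, expected=2):
    """Rendezvous role (assumed design): remember the (ip, port) each registration
    appears to come from; behind NAT that is the mapped public endpoint, not the LAN one."""
    seen = {}
    while len(seen) < expected:
        data, addr = sock.recvfrom(1024)
        seen[json.loads(data.decode())["id"]] = addr
    ids = list(seen)
    for me, peer in (ids, ids[::-1]):  # tell each side its peer's observed endpoint
        sock.sendto(json.dumps({"peer": seen[peer]}).encode(), seen[me])

def punch(sock, server, my_id, timeout=2.0):
    """Client role: register, learn the peer's mapped endpoint, then send to it from
    the same socket so the NAT mapping created toward the server is reused."""
    sock.settimeout(timeout)
    sock.sendto(json.dumps({"id": my_id}).encode(), server)
    peer = got = None
    while peer is None or got is None:
        data, addr = sock.recvfrom(1024)
        if addr == server:
            peer = tuple(json.loads(data.decode())["peer"])
            sock.sendto(f"hello from {my_id}".encode(), peer)
        else:  # direct traffic; it may arrive before the server reply, so keep looping
            got = (addr, data.decode())
    return peer, got

def demo():
    # Constructed loopback run: server plus two clients in threads, no real NAT involved.
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    server = srv.getsockname()
    st = threading.Thread(target=rendezvous_server, args=(srv,))
    st.start()
    results = {}
    def client(name):
        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        s.bind(("127.0.0.1", 0))
        results[name] = punch(s, server, name)
        s.close()
    cts = [threading.Thread(target=client, args=(n,)) for n in ("alice", "bob")]
    for t in cts:
        t.start()
    for t in cts + [st]:
        t.join()
    srv.close()
    return results
```

Calling `demo()` returns, for each client, the peer endpoint it learned from the server and the direct datagram it received from that peer.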