#1 2016-03-15 11:24:22

whoops
Member
Registered: 2009-03-19
Posts: 891

Can't figure out how to use arno firewall behind router

So... I'm behind a router. Basically I just want to allow a few ports for my LAN and a few for outside. The outside ports are working, but I can't get the LAN ports to open. More specifically: Trying to get syncthing and kdeconnect to work (both work fine if I turn the arno service off). But I can see in my journal that the broadcasts get blocked. I'm guessing that's because they use the same interface (wlan0)? But I can't set wlan0 as INT_IF too ("ERROR: One or more interfaces specified in EXT_IF is the same as one in INT_IF")... which is why I set INTERNAL_NET manually... but that didn't help.

(I know how to do this with just iptables, but I wanted to try using arno's firewall for other reasons.)

Made sure the firewall.conf is vanilla.
This is approximately what the local conf looks like at the moment (tried around a lot before though):

# LAN_INET_OPEN_TCP and LAN_INET_OPEN_UDP
lan_open_ports="22000, 21027, 1714, 1900"
# Ports above, in order: Syncthing, Syncthing, Kdeconnect, ???router???
outside_open_ports="5000"

EXT_IF="wlan0"
#EXT_IF_DHCP_IP=0
#INT_IF="wlan0"
INTERNAL_NET="192.168.1.1/24"
#EXTERNAL_NET=""
NMB_BROADCAST_FIX=1

TRACE=0

LOG_MARTIANS=1
# IP_FORWARDING=0

OPEN_TCP="$outside_open_ports"
OPEN_UDP="$outside_open_ports"
#DENY_TCP_NOLOG="8612"
#DENY_UDP_NOLOG="8612"
LAN_INET_OPEN_TCP="$lan_open_ports"
LAN_INET_OPEN_UDP="$lan_open_ports"

# This leads to error, don't know why
#HOST_OPEN_IP="192.168.1.1"

edit: While I was posting this, it spontaneously started working for no reason. Possibly. Now I have to test if I really got it working or if I just broke the firewall somehow (or if syncthing just found a way around the closed ports somehow)
edit: I think it only started working temporarily because syncthing snatched the port while the service was reporting? Not sure what's happening.

Could anyone point me to a working example config or something (multicast maybe?)?

Last edited by whoops (2016-03-15 11:57:31)
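
One way to triage the blocked packets mentioned in the post, as an added example that is not part of the original post: it parses netfilter LOG lines and reports whether each drop came from the LAN range and hit a port listed in lan_open_ports. The network and ports are copied from the posted config; the log lines and the "DROPPED:" prefix are constructed assumptions.

```python
import ipaddress
import re

# Network and ports copied from the posted config. strict=False accepts the
# host-style "192.168.1.1/24" and normalises it to 192.168.1.0/24.
LAN = ipaddress.ip_network("192.168.1.1/24", strict=False)
LAN_PORTS = {22000, 21027, 1714, 1900}

# Constructed journal lines in the kernel's netfilter LOG layout; the
# "DROPPED:" prefix and all addresses are assumptions, not from the post.
SAMPLE_LOG = """\
Mar 15 11:20:01 box kernel: DROPPED: IN=wlan0 OUT= SRC=192.168.1.23 DST=192.168.1.255 LEN=148 TTL=64 PROTO=UDP SPT=21027 DPT=21027 LEN=128
Mar 15 11:20:02 box kernel: DROPPED: IN=wlan0 OUT= SRC=192.168.1.42 DST=255.255.255.255 LEN=96 TTL=64 PROTO=UDP SPT=1716 DPT=1716 LEN=76
Mar 15 11:20:03 box kernel: DROPPED: IN=wlan0 OUT= SRC=203.0.113.9 DST=192.168.1.10 LEN=60 TTL=52 PROTO=TCP SPT=50000 DPT=22000 SYN
Mar 15 11:20:04 box kernel: DROPPED: IN=wlan0 OUT= SRC=192.168.1.1 DST=239.255.255.250 LEN=300 TTL=4 PROTO=UDP SPT=1900 DPT=1900 LEN=280
Mar 15 11:20:05 box systemd[1]: Started constructed non-firewall line.
"""

FIELD = re.compile(r"\b(IN|SRC|DST|PROTO|DPT)=(\S+)")
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def classify(line):
    """Return (iface, proto, dst_kind, dport, verdict), or None if not a LOG line."""
    f = dict(FIELD.findall(line))
    if not {"IN", "SRC", "DST", "PROTO", "DPT"} <= f.keys():
        return None
    src, dst = ipaddress.ip_address(f["SRC"]), ipaddress.ip_address(f["DST"])
    if dst in (LAN.broadcast_address, LIMITED_BROADCAST):
        kind = "broadcast"
    else:
        kind = "multicast" if dst.is_multicast else "unicast"
    port = int(f["DPT"])
    if src not in LAN:
        verdict = "not-lan"             # source is outside INTERNAL_NET
    elif port in LAN_PORTS:
        verdict = "listed-but-dropped"  # the LAN rule did not match this packet
    else:
        verdict = "not-listed"          # port is missing from lan_open_ports
    return (f["IN"], f["PROTO"], kind, port, verdict)


def triage(text):
    """Classify every firewall LOG line in a block of journal text."""
    return [r for r in map(classify, text.splitlines()) if r is not None]


if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(*row, sep="\t")
```

A "listed-but-dropped" row points at the rule not applying to the interface or source, while "not-listed" points at the port list itself.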
