Hello Hadrien, > I installed liquidsoap on a Debian 8 Jessie server. The Debian firewall > - iptables - prevents liquidsoap to send an audio stream to a Shoutcast > server (`output.shoutcast()` function is used in the .liq script).
"iptables" is the userspace program to be used for configuring firewall rules on linux systems. Maybe some distributions include pre-configured rules within their packages, but at least regarding Debian there are no such defaults. Thus there are no rules besides "ACCEPT" for any kind of traffic. Thus I assume that you installed additional firewall-related packages (if this is really a firewall issue). I do not want to be excessively picky regarding these details - but you should make sure that you understand, who/what exactly created the rules, that you are fighting with now. > I've tried to observe the port opened by the liquidsoap process while > connecting to the Shoutcast server, but it seems that the port is > changing each time the sctipt is loaded ! As far as I understand your connection between liquidsoap and shoutcast, I assume that liquidsoap is the client? For a client it is very common to pick its source port randomly from the pool of upper port numbers. Thus the behaviour you observed sounds reasonable to me. > Which iptable rule should I use to make it work ? Is there a way to set > a fixed port for liquidsoap output process in a config file ? Does it > use TCP ? UDP ? Due to the random port variation on the client side it is more common to use the server's details for the rule specification. Just take a look at the server and run "netstat -lpn" (or the "ss" tool) in order to learn the port of the shoutcast daemon. In general I doubt, that you are really fighting with a firewall problem, since most out-of-the-box firewall setups should allow _all_ outgoing traffic. It is usually just the incoming traffic that is worth to be filtered. Did you take a look at "iptables -L -vn"? Do you want to share it with us? Cheers, Lars ------------------------------------------------------------------------------ Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j _______________________________________________ Savonet-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/savonet-users
