On 12/3/2013 9:20 AM, Tom Eastep wrote: > On 12/3/2013 1:03 AM, Jérôme Blion wrote: >> Le 2013-12-03 01:47, Tom Eastep a écrit : >>> On 12/2/2013 3:16 PM, Jérôme Blion wrote: >>>> Hello, >>>> >>>> I have a small question for you. >>>> My setup : >>>> - One server under Debian Wheezy where Shorewall resides >>>> - One bridge to allow my LAN (ethernet, wifi, and TV) >>>> - Several clients >>>> >>>> I want to install a UPnP client on the shorewall box. >>>> So I read: http://www.shorewall.net/UPnP.html >>> >>> Which client? You must: >>> >>> a) configure your client to use a particular incoming port; and >>> b) open that port net->fw >>> >>> And what do you mean by 'server'? Neither linux-igd nor Shorewall >>> support a server such as a media server. >>> >>> -Tom >> >> >> Hello, >> >> I want to use a bitorrent client, either on my computer, either on the >> shorewall box. They can use a random port at start. >> I would like this bitorrent client to dynamically open this port using >> UPnP. > > That is not possible when the bitorrent client is running on the > Shorewall box. In that case, you must configure the client to use a > static incoming port and you must have a net->fw ACCEPT rule for that > port. The 'upnpclient' option is not relevant in that configuration. > >> >> With miniupnpc, I was not able to detect the linux-igd daemon on the >> shorewall box. >> > > And you were running miniupnpc where? On a computer in your local LAN?
I notice that you have a REJECT policy for fw->loc. That being the case, you need the following rule to allow UPnP to work from the local LAN: ACCEPT $FW loc udp The reason is that Netfilter connection tracking doesn't work with Multicast, so you must explicitly accept the firewall's responses to Multicasts from the LAN. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
