bpa wrote: > These are port number of the "caller" or client and will always be > different - each time each connection will be different. This is how TCP > works. > > Firewalls are setup to stop calls TO a port number not FROM a port > number.
Right, so are you saying that a rule like: RULE TYPE SOURCE PORT ; DESTINATION PORT PASS TCP/UDP 192.168.X.XX ALL ; 192.168.Y.YY 9000, 3483 Basically, any port from the client can contact the destination port on LMS. But doesn't this expose the server if someone maliciously hack my piCorePlayer client and attempt to run other programs? Surely by resticting the source port you tie it down more? I guess if the source port is changing all the time, then you could use an interval for the source port (if its running on intervals I guess ...)? BUt maybe the whole point is to ensure that the clients are secure too by changing default passwords, etc. ------------------------------------------------------------------------ squeezetux's Profile: http://forums.slimdevices.com/member.php?userid=68286 View this thread: http://forums.slimdevices.com/showthread.php?t=109260 _______________________________________________ Squeezecenter mailing list [email protected] http://lists.slimdevices.com/mailman/listinfo/squeezecenter
