Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Gyula Voros on October 07, 2003, 02:24:50 PM
-
Hi,
I'm sorry if this is in the forums already, I couldn't find it. I'm looking for a way to open a port on my SME 6.0b3 box, to run another server app (FreeNet) that listens on specific port. I can forward the port to a machine on my LAN and everything works fine, but if I run it on my SME server/gateway, i don't get any incoming connections - I imagine this is because the port is firewalled.
So, how do I open a port? ... if you don't mind including what file I should edit for I'd appreciate it. Thanks!
-- Gyula
-
Isn't there a port opening panel already in de server-manager???
-
Gyula Voros wrote:
>
> So, how do I open a port? ... if you don't mind including
> what file I should edit for I'd appreciate it. Thanks!
Officially, you use a custom masq fragment to open the port you need.
Something like...
mkdir -p /etc/e-smith/templates-custom/etc/rc.d/init.d/masq
echo '$OUT = allow_tcp_in(, 1)' > \
/etc/e-smith/templates-custom/etc/rc.d/init.d/masq/90InboundTCP10Custom
/sbin/e-smith/signal-event remoteaccess-update
Where is the port you wish to open.
Mike
-
well,
all the port opening stuff is in the service managaer,,just lok at it and then you can open a port ,,,,,thants it
-
Thanks for the suggestions. I got it working by using Michael Soulier's method but I had to add the following
adjust_tcp_in ACCEPT $NEW_InboundTCP
to the custom template fragment instead of the $OUT = .... that was suggested.
And there is a port *forwarding* panel in SME Manager... but I tried 'forwarding' a port to the server, but that didn't seem to work. I just needed the port open so a process running on the SME box listening to the port would actually hear stuff. :) And now I have it working beautifully.
Too bad FreeNet seems to be having problems at the moment. Interesting concept, though.
Thanks everyone,
-- Gyula
-
Gyula Voros wrote:
>
> Thanks for the suggestions. I got it working by using Michael
> Soulier's method but I had to add the following
>
> adjust_tcp_in ACCEPT $NEW_InboundTCP
>
> to the custom template fragment instead of the $OUT = ....
> that was suggested.
My bad. The suggested fragment needs braces around it.
[root@sme1-60 root]# cat /etc/e-smith/templates-custom/etc/rc.d/init.d/masq/90InboundTCP10Custom
{
$OUT = allow_tcp_in(3333, 1)
}
> And there is a port *forwarding* panel in SME Manager... but
> I tried 'forwarding' a port to the server, but that didn't
> seem to work. I just needed the port open so a process
> running on the SME box listening to the port would actually
> hear stuff. :) And now I have it working beautifully.
The portforwarding panel was designed to forward external traffic to internal boxes, not for forwarding to itself. We may add that capability, but I don't see a big demand for it.
Mike
-
Well Michael Soulier, I would like to see the SME Server open a port to itself in the Server Manager.
Perhaps I will add it to the wish list.
-
To what end? If a port needs to be open for an application, that application (or the e-smith interface RPM) should open the port itself.
-
Dan Brown wrote:
>
> To what end? If a port needs to be open for an application,
> that application (or the e-smith interface RPM) should open
> the port itself.
Agreed. We're looking at changes required to permit the portforwarding panel to properly forward ports to localhost, which currently does not work. I don't see the point of a "port-opening" panel. If you are installing a new service, write an e-smith package to go with it, that includes masq fragments to modify the firewall rules appropriately, not to mention the templates for the service's configuration files.
Mike
-
This sounds like it solves a need of mine. Where can I read a bit more creating and using masg fragments? I have searched the manuals and forums for "masq fragment" and similiar without harvesting too much.
TIA,
- Mark
-
Hi Michael Soulie,
I had followed the instruction given above but I still cant open the port 10080 for the SME 6.0(Server and gateway)...
{
$OUT = allow_tcp_in(10080,1)
}
-
This sounds like it solves a need of mine. Where can I read a bit more creating and using masg fragments? I have searched the manuals and forums for "masq fragment" and similiar without harvesting too much.
TIA,
- Mark
The best place is the server itself.
/etc/e-smith/templates/etc/rc.d/init.d/masq
Mike