Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: preppen on September 19, 2006, 11:09:29 AM
-
Hi...
I have an ventrilo server (a couple acually) placed in a server within my home network. Im using SME Server 7.0rc2 to handle my local network, routing and the webserver.
There is no problem to use port forwarding to my other computer where my ventrilo server is. But now I need that server to other stuff and thougt I could move the ventrilo servers to my network server.
NO problems to move and start the ventrilo servers... BUT they are not avalible from outside my home network!
why?
Do I have to open port 3784? how do I do that?
would be great to get a quick answer... please help? :(
-
Try modifying this post..
http://forums.contribs.org/index.php?topic=33481.msg143876#msg143876
-
Or just port forward port 3784 to localhost
Jon
-
william_syd... to much work to do. :roll:
JonB... It works to forward like the way you describe, BUT I still cant see my ventrilo server outside my local network.
I tryed to install Dancguardian and see if it could help me whith my problems, the install went fine and the computer said sucessfully installed. But I dont have link on CP to access Dancguardian. Why?
Im using SME Server 7.0rc2.
-
william_syd... to much work to do. :roll:
JonB... It works to forward like the way you describe, BUT I still cant see my ventrilo server outside my local network.
I tryed to install Dancguardian and see if it could help me whith my problems, the install went fine and the computer said sucessfully installed. But I dont have link on CP to access Dancguardian. Why?
Im using SME Server 7.0rc2.
Creating firewall pinholes for your application
Let us say that your service needs to provide a public service on TCP/IP port 4321, which is normally blocked by the firewall rules. All that you need to do is define this to the SME Server
config set myservice service TCPPort 4321 access public status enabled
signal-event remoteaccess-update
Go into Server Manager > Local Networks
Network 0.0.0.0
SubNet Mask 0.0.0.0
Now only your port forwarding rules are protecting you.
How did you install Ventrilo.
Mine works fine here.. MyVent (http://secure.magicwilly.info:8080/BF2/Vetrilo_BF2_Stats2.shtml)
SME is in Server Only mode though.
-
How the heck do I delete a message ?
-
no... nothing works!!!
http://www.venten.nu/?Vent%26nbsp%3B1 = a port forwading rule to another computer on the network. THIS WORKS!
http://www.venten.nu/?Vent%26nbsp%3B2 = a ventrilo server on the network server running on localhost. THIS DOESN'T!!!
etc/rc.d/init.d/masq looks like this after opening ports.
# ventrilo2: TCPPort 3786, AllowHosts: 0.0.0.0/0, DenyHosts:
/sbin/iptables -A $NEW_InboundTCP --proto tcp --dport 3786 \
--destination $OUTERNET --src 0.0.0.0/0 --jump ACCEPT
/sbin/iptables -A $NEW_InboundTCP --proto tcp --dport 3786 \
--destination $OUTERNET --jump denylog
/sbin/iptables --table nat --append PortForwarding_$$ --protocol tcp \
--destination-port 3786 -j DNAT --to-destination 83.227.219.3:3786
adjust_tcp_in 3786 ACCEPT InboundTCP_$$
I don't know what to do now?
-
Whats with the 3786 ?
Oh... Your running the older version.
What does
iptables -L | grep 3786
display?
Go into Server Manager > Local Networks
Network 0.0.0.0
SubNet Mask 0.0.0.0
Now only your port forwarding rules are protecting you.
At the moment, doing the above is the only thing that opens Ventrilo to the 'net for me.
-
It display this...
ACCEPT tcp -- anywhere ua-83-227-219-3.cust.bredbandsbolaget.se tcp dpt:3786
denylog tcp -- anywhere ua-83-227-219-3.cust.bredbandsbolaget.se tcp dpt:3786
ACCEPT tcp -- anywhere ua-83-227-219-3.cust.bredbandsbolaget.se tcp dpt:3786
denylog tcp -- anywhere ua-83-227-219-3.cust.bredbandsbolaget.se tcp dpt:3786
I tried to go into Server Manager > Local Networks
Network 0.0.0.0
SubNet Mask 0.0.0.0
I have
Network 192.168.0.0
SubNet Mask 255.255.255.0
and that can't be changed, I can't add what you wright niether...
-
It display this...
ACCEPT tcp -- anywhere ua-83-227-219-3.cust.bredbandsbolaget.se tcp dpt:3786
denylog tcp -- anywhere ua-83-227-219-3.cust.bredbandsbolaget.se tcp dpt:3786
ACCEPT tcp -- anywhere ua-83-227-219-3.cust.bredbandsbolaget.se tcp dpt:3786
denylog tcp -- anywhere ua-83-227-219-3.cust.bredbandsbolaget.se tcp dpt:3786
I tried to go into Server Manager > Local Networks
Network 0.0.0.0
SubNet Mask 0.0.0.0
I have
Network 192.168.0.0
SubNet Mask 255.255.255.0
and that can't be changed, I can't add what you wright niether...
And what makes you think it's not working ? The blank NanoSpy window? I think you need the UDP port to be forwarded for that to work.
You have to put a router ip.. try the ip of your sme.
-
well ventrilo work inside my network, but isn't shown outside...
I edited etc/rc.d/init.d/masq and put the ip from my router instead of "public" ip
/sbin/iptables --table nat --append PortForwarding_$$ --protocol tcp \
--destination-port 3786 -j DNAT --to-destination 192.168.0.XXX:3786
adjust_tcp_in 3786 ACCEPT InboundTCP_$$
nothing! I'm out of ideas now... I read the manual and do what it says... !
Does it matter where in what folder I put the ventrilo servers?
-
etc/rc.d/init.d/masqetc/rc.d/init.d/masq has a warning at the top not to change it.
When I connect to your Ventrilo server I get a protocol error. This is because I'm using a newer client. This shows that people on the 'net can connect.
Status information uses UDP. What ever you opened for TCP also open for UDP.
EDIT: Just installed old client and CANNOT connect. Interesting.
You put your router IP in the Local Network page of ServerManager.
(http://magicwilly.webhostingpal.com/ContribsForumPictures/localnetwork/localnetworks.png)
And the result something like this...
(http://magicwilly.webhostingpal.com/ContribsForumPictures/localnetwork/localnetworks2.png)
-
When I add local network like you describe, my internet connection disapers!
I have 5 computers att home, 2 kids and 1 wife playing World of Warcraft on their computers... when our internet connections disapears I have 3 angry faces infront of me... :( every time I have to restart the network server I getting closer to being lockedout from home. :shock: :wink:
-
opps sorry... but I'm all out of ideas now. Works on mine bit it is in server only mode.
-
thanx for trying... I will do an update of sme first then try again...
-
One last thing..
db networks set 0.0.0.0 network Mask 0.0.0.0
then
expand-template /etc/rc.d/init.d/masq
then
service masq restart
If no good
db networks delete 0.0.0.0
then
expand-template /etc/rc.d/init.d/masq
then
service masq restart
-
Just maybe...
db configuration set ventrilo service access public status enabled TCPPort 3786 UDPPort 3786
signal-event remoteaccess-update
-
Just maybe...
db configuration set ventrilo service access public status enabled TCPPort 3784 UDPPort 3784
signal-event remoteaccess-update
I have tested this on my gateway server with dynamic ip dans dyndns service working.
Each time my ip change, the port 3784 go Stealth and can't be reached from the wan.
I have to enter
db configuration set ventrilo service access public status enabled TCPPort 3784 UDPPort 3784
signal-event remoteaccess-update
again to make my ventrilo service working again!
How can it be possible to open once for all the port 3784!!!!!
thks for your answers
dave
-
Did you also have to do a port forward in server-manager ?
-
Did you also have to do a port forward in server-manager ?
yes i did it 3784 udp and tcp are fowarded to localhost (ip of the server 192.168.1.1)
The command
iptables -L | grep 3784
give me
ACCEPT tcp -- anywhere AGrenoble-2X7-X-1XX-2X.w90-9.abo.wanadoo.fr tcp dpt:3784
ACCEPT tcp -- anywhere anywhere tcp dpt:3784
ACCEPT udp -- anywhere AGrenoble-2X7-X-1XX-2X.w90-9.abo.wanadoo.fr udp dpt:3784
ACCEPT udp -- anywhere anywhere udp dpt:3784
-
yes i did it 3784 udp and tcp are fowarded to localhost (ip of the server 192.168.1.1)
(http://www.magicwilly.webhostingpal.com/ContribsForumPictures/ventrilo/portforward.png)
-
Someone on the french list think that:
iptable takes only care of IP ans not domain name cause when de ip changes, port 80, 25, 21, 22.... stay ok. Only the changes we made in iptable goes wrong. 3784 goes stealth cause it was open but only for an ip and not a domain!
We still looking for a solution but we need help
Dave
-
What does iptables look like after
db configuration delete ventrilo
signal-event remoteaccess-update
db configuration set ventrilo service status enabled
signal-event remoteaccess-update
and did it make any difference.
-
thks william.
I have tested your trick but no result.
I actualy test the contrib portopening.
i keep you informed.
David
-
the contrib portopening did nothing more!
Now i ask about how to lunch automaticaly the remote-access each time the ip changes!
And for that i need help!
Thanks
Dave
-
I've asked the question about your problem in the mailing-list.
http://lists.contribs.org/mailman/public/devinfo/msg09380.html
-
The problem with DynDNS has now moved to the bug tracker.
1977 (http://bugs.contribs.org/show_bug.cgi?id=1977)