[AG-TECH] How configure a Bridge server?
Jason Bell
j.bell at cqu.edu.au
Thu Jul 22 01:22:25 CDT 2010
G'day Sangil
Can I ask how you are starting you Unicast Bridge. As the ports specified might be different to those configured within iptables.
For example, you might noticed that some unicast bridges, as listed in Venue Client -> Tools -> Preferences -> Bridging have different port ranges.
Not sure if it helps, but I updated a security document yesterday (see http://www.accessgrid.org/node/1987) which might be of some assistance. I have those firewall rules in place and I am able to connect to the bridge.
The one rule I can see missing is "iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT" which is required for multicast.
Hope this helps.
Cheers,
Jason.
-----Original Message-----
From: ag-tech-bounces at lists.mcs.anl.gov [mailto:ag-tech-bounces at lists.mcs.anl.gov] On Behalf Of Sangil Choi
Sent: Thursday, 22 July 2010 12:04 PM
To: ag-tech at mcs.anl.gov
Subject: [AG-TECH] How configure a Bridge server?
Hi everyone,
I've been asked to configure a bridge server.
I did installation of 'AGTk3.2 beta 1' and configure the firewall port to be used as a bridge server.
However, if I use that, client's VIC doesn't show anything. (and other computer's captured video which is connected via the service manager.)
RAT does not show sound information of the others in the same venue.
To solve the problem, I turn off the firewall. There are still problems.
I don't know how I can solve this challenge.
I look forward to getting your response.
regards,
Sangil Choi
Attached 'firewall's open ports list in bridge server'.
==========================================================
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT udp -- 0.0.0.0/0 224.0.0.251 state NEW udp dpt:5353
5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:631
6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:631
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
8 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:10000
9 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:10002
10 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:10004
11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:11000
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20000
13 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20200
14 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20200
15 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpts:50000:52000
16 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:50000:52000
17 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:5900:5920
18 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8000
19 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:8000
20 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8002
21 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:8002
22 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8006
23 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:8006
24 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
==========================================================
More information about the ag-tech
mailing list