Reply To: Why Won’t mt-daapd Work Unless It’s Open to the Internet?

FireFly Media Server Firefly Media Server Forums Firefly Media Server Setup Issues Why Won’t mt-daapd Work Unless It’s Open to the Internet? Reply To: Why Won’t mt-daapd Work Unless It’s Open to the Internet?

#11209
Linux User
Participant

Thanks, Ron, for the clear, informative and detailed explanation. Very helpful, and reasurring.

I tried the two rules you suggested. Not sure why, but they didn’t work.

So, then, based on your recommendation not to allow unicast, I tried just the multicast packet rules I’d used before. Guess what? Didn’t work. But when I put the unicast packet rules back in, it popped right up.

So, just for kicks, I tried just the unicast packet rules. Didn’t work either. Oddly, it only works if I allow both multicast and unicast packets.

Then I decided to combine my packet rules with your suggested rules, on the perhaps misguided assumption that some source and destination address limits were better than none, thusly:

iptables -A INPUT -s 224.0.0.0/4 -m pkttype --pkt-type multicast -j ACCEPT
iptables -A OUTPUT -d 224.0.0.0/4 -m pkttype --pkt-type multicast -j ACCEPT
iptables -A INPUT -s 224.0.0.0/4 -m pkttype --pkt-type unicast -j ACCEPT
iptables -A OUTPUT -d 224.0.0.0/4 -m pkttype --pkt-type unicast -j ACCEPT

That didn’t work, either.

So for the moment, the only thing that works is allowing both multicast and unicast packets without restriction as to source or destination address. I’m a little concerned about that, because you said I don’t want to open up to unicasts.

Btw, all this recent testing is with the iTunes client. Haven’t checked anything other than what was in my original post with the SoundBridge. But I need to get it working with both, so even if any of this worked only with the SoundBridge, that would be interesting but not quite where I need to be.

Also, btw, the spyware reference was a joke, so I hope you didn’t take offense, none was intended. (I’m new to this and I just saw over at the Roku forum that you’re the author of firefly.) It’s a great app and provides a solution to a project I’ve been working on for a long time, especially when combined with the SoundBridge. If I can just kick this firewall thing. And, yes, while I doubt I could understand the source code if I read it, just knowing it’s out there is a good thing! 🙂

Thanks for your help.