IPFW ipfw rules for minidlna

susy26


Good morning, I'm using a FreeBSD box for SMB and DLNA.
I installed minidlna and added

$cmd 00411 allow tcp from any to any 8200 in via $pif setup
$cmd 00412 allow udp from any to any 1900 in via $pif setup

in the ipfw script, but the TV can't find the server, and if I shut down ipfw the TV correctly finds and uses the server.

Can you help me with that script?

Thank you
 

Alain De Vos


You could try reverse engineering.
That is, disable the firewall.
Use Wireshark to check which ports are used.
And use this info to configure the firewall.
 

SirDice


According to their website only 1900/UDP and 8200/TCP are required to be opened. But yeah, have a look with tcpdump(1) to see if it requires anything else.
 

susy26


I did a tcpdump and this is the result
Code:
02:05:41.982184 IP mediacenter0.station.8200 > LGwebOSTV.station.54506: Flags [S.], seq 1211777459, ack 3632166724, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 3513443898 ecr 386356], length 0
02:05:41.985230 IP LGwebOSTV.station.54506 > mediacenter0.station.8200: Flags [.], ack 1, win 229, options [nop,nop,TS val 386358 ecr 3513443898], length 0
02:05:41.988442 IP LGwebOSTV.station.54506 > mediacenter0.station.8200: Flags [P.], seq 1:353, ack 1, win 229, options [nop,nop,TS val 386358 ecr 3513443898], length 352
02:05:41.988572 IP LGwebOSTV.station.54506 > mediacenter0.station.8200: Flags [P.], seq 353:1032, ack 1, win 229, options [nop,nop,TS val 386358 ecr 3513443898], length 679
02:05:41.988577 IP mediacenter0.station.8200 > LGwebOSTV.station.54506: Flags [.], ack 1032, win 1016, options [nop,nop,TS val 3513443905 ecr 386358], length 0
02:05:41.988957 IP mediacenter0.station.8200 > LGwebOSTV.station.54506: Flags [P.], seq 1:789, ack 1032, win 1027, options [nop,nop,TS val 3513443905 ecr 386358], length 788
02:05:41.988965 IP mediacenter0.station.8200 > LGwebOSTV.station.54506: Flags [F.], seq 789, ack 1032, win 1027, options [nop,nop,TS val 3513443905 ecr 386358], length 0
02:05:42.004524 IP LGwebOSTV.station.54508 > mediacenter0.station.8200: Flags [S], seq 3194142399, win 29200, options [mss 1460,sackOK,TS val 386361 ecr 0,nop,wscale 7], length 0
02:05:42.004529 IP mediacenter0.station.8200 > LGwebOSTV.station.54508: Flags [S.], seq 231026678, ack 3194142400, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 2343603517 ecr 386361], length 0
02:05:42.004530 IP LGwebOSTV.station.54510 > mediacenter0.station.8200: Flags [S], seq 2135685326, win 29200, options [mss 1460,sackOK,TS val 386361 ecr 0,nop,wscale 7], length 0
02:05:42.004533 IP mediacenter0.station.8200 > LGwebOSTV.station.54510: Flags [S.], seq 4010762260, ack 2135685327, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 2977353369 ecr 386361], length 0
02:05:42.004797 IP LGwebOSTV.station.54506 > mediacenter0.station.8200: Flags [P.], seq 353:1032, ack 1, win 229, options [nop,nop,TS val 386362 ecr 3513443898], length 679
02:05:42.004801 IP mediacenter0.station.8200 > LGwebOSTV.station.54506: Flags [F.], seq 789, ack 1032, win 1027, options [nop,nop,TS val 3513443921 ecr 386362,nop,nop,sack 1 {353:1032}], length 0
02:05:42.004893 IP LGwebOSTV.station.54506 > mediacenter0.station.8200: Flags [.], ack 789, win 251, options [nop,nop,TS val 386363 ecr 3513443905], length 0
02:05:42.005993 IP LGwebOSTV.station.54506 > mediacenter0.station.8200: Flags [F.], seq 1032, ack 790, win 251, options [nop,nop,TS val 386363 ecr 3513443905], length 0
02:05:42.006000 IP mediacenter0.station.8200 > LGwebOSTV.station.54506: Flags [.], ack 1033, win 1026, options [nop,nop,TS val 3513443922 ecr 386363], length 0
02:05:42.006078 IP LGwebOSTV.station.54508 > mediacenter0.station.8200: Flags [.], ack 1, win 229, options [nop,nop,TS val 386363 ecr 2343603517], length 0
02:05:42.006810 IP LGwebOSTV.station.54508 > mediacenter0.station.8200: Flags [P.], seq 1:379, ack 1, win 229, options [nop,nop,TS val 386363 ecr 2343603517], length 378
02:05:42.006891 IP mediacenter0.station.34833 > LGwebOSTV.station.1913: Flags [S], seq 1107449149, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 2912613971 ecr 0], length 0
02:05:42.006910 IP LGwebOSTV.station.54510 > mediacenter0.station.8200: Flags [.], ack 1, win 229, options [nop,nop,TS val 386363 ecr 2977353369], length 0
02:05:42.006910 IP mediacenter0.station.8200 > LGwebOSTV.station.54508: Flags [P.], seq 1:273, ack 379, win 1027, options [nop,nop,TS val 2343603518 ecr 386363], length 272
02:05:42.006917 IP mediacenter0.station.8200 > LGwebOSTV.station.54508: Flags [F.], seq 273, ack 379, win 1027, options [nop,nop,TS val 2343603518 ecr 386363], length 0
02:05:42.007102 IP LGwebOSTV.station.54506 > mediacenter0.station.8200: Flags [.], ack 790, win 251, options [nop,nop,TS val 386363 ecr 3513443921,nop,nop,sack 1 {789:790}], length 0
02:05:42.008896 IP LGwebOSTV.station.54510 > mediacenter0.station.8200: Flags [P.], seq 1:383, ack 1, win 229, options [nop,nop,TS val 386364 ecr 2977353369], length 382
02:05:42.008958 IP mediacenter0.station.43331 > LGwebOSTV.station.1913: Flags [S], seq 4175809905, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 1513348297 ecr 0], length 0
02:05:42.008973 IP mediacenter0.station.8200 > LGwebOSTV.station.54510: Flags [P.], seq 1:273, ack 383, win 1027, options [nop,nop,TS val 2977353373 ecr 386364], length 272
02:05:42.008978 IP mediacenter0.station.8200 > LGwebOSTV.station.54510: Flags [F.], seq 273, ack 383, win 1027, options [nop,nop,TS val 2977353373 ecr 386364], length 0
02:05:42.009035 IP LGwebOSTV.station.1913 > mediacenter0.station.34833: Flags [S.], seq 3573640107, ack 1107449150, win 28960, options [mss 1460,sackOK,TS val 386364 ecr 2912613971,nop,wscale 7], length 0
02:05:42.009041 IP mediacenter0.station.34833 > LGwebOSTV.station.1913: Flags [.], ack 1, win 1027, options [nop,nop,TS val 2912613974 ecr 386364], length 0
02:05:42.009042 IP LGwebOSTV.station.54508 > mediacenter0.station.8200: Flags [.], ack 273, win 237, options [nop,nop,TS val 386364 ecr 2343603518], length 0
02:05:42.009548 IP LGwebOSTV.station.54508 > mediacenter0.station.8200: Flags [F.], seq 379, ack 274, win 237, options [nop,nop,TS val 386364 ecr 2343603518], length 0
02:05:42.009553 IP mediacenter0.station.8200 > LGwebOSTV.station.54508: Flags [.], ack 380, win 1026, options [nop,nop,TS val 2343603521 ecr 386364], length 0
02:05:42.010667 IP LGwebOSTV.station.1913 > mediacenter0.station.43331: Flags [S.], seq 4124419627, ack 4175809906, win 28960, options [mss 1460,sackOK,TS val 386364 ecr 1513348297,nop,wscale 7], length 0
02:05:42.010672 IP mediacenter0.station.43331 > LGwebOSTV.station.1913: Flags [.], ack 1, win 1027, options [nop,nop,TS val 1513348299 ecr 386364], length 0
02:05:42.011171 IP LGwebOSTV.station.54510 > mediacenter0.station.8200: Flags [.], ack 273, win 237, options [nop,nop,TS val 386364 ecr 2977353373], length 0
02:05:42.011924 IP LGwebOSTV.station.54510 > mediacenter0.station.8200: Flags [F.], seq 383, ack 274, win 237, options [nop,nop,TS val 386365 ecr 2977353373], length 0
02:05:42.011928 IP mediacenter0.station.8200 > LGwebOSTV.station.54510: Flags [.], ack 384, win 1026, options [nop,nop,TS val 2977353375 ecr 386365], length 0

It seems that there are some ports, 43331 and 34833, that are not present in any list of ports.
I don't know, it seems strange.
 

SirDice


> it seems that there are some ports 43331, 34833 that are not present in any list of ports.

Those are random source ports. Your dump is a bit skewed as you appear to have only captured the responses, not the original requests. There are SYN-ACK packets without the SYN packet being recorded, for example. So you're only looking at one half of the conversation.
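
Added example, not part of the thread: a small parser that pairs SYN and SYN-ACK lines in tcpdump's default text output, so the service port of each connection (the destination of the SYN, not the random source port) and any half-captured handshake stand out. The host names, ports and the `summarize` helper are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in tcpdump's default text format (hosts and ports are made up).
SAMPLE = """\
10:00:00.000001 IP tv.lan.40001 > server.lan.8200: Flags [S], seq 100, win 29200, length 0
10:00:00.000002 IP server.lan.8200 > tv.lan.40001: Flags [S.], seq 500, ack 101, win 65535, length 0
10:00:00.000003 IP tv.lan.40001 > server.lan.8200: Flags [.], ack 1, win 229, length 0
10:00:00.000004 IP server.lan.8200 > tv.lan.40002: Flags [S.], seq 900, ack 301, win 65535, length 0
10:00:00.000005 IP server.lan.35000 > tv.lan.1913: Flags [S], seq 700, win 65535, length 0
10:00:00.000006 IP tv.lan.1913 > server.lan.35000: Flags [S.], seq 800, ack 701, win 28960, length 0
"""

# host.port > host.port: Flags [..]  (the port is the last dotted component)
LINE = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]*)\]")

def handshakes(text):
    """Map (client, client_port, server, server_port) -> handshake halves seen."""
    seen = defaultdict(set)
    for m in LINE.finditer(text):
        src, sport, dst, dport, flags = m.groups()
        if flags == "S":        # SYN: the sender is the client
            seen[(src, int(sport), dst, int(dport))].add("SYN")
        elif flags == "S.":     # SYN-ACK: the sender is the server
            seen[(dst, int(dport), src, int(sport))].add("SYN-ACK")
    return dict(seen)

def summarize(text, local):
    """Rows of (direction relative to `local`, server, service port, both halves seen)."""
    rows = []
    for (client, _cport, server, sport), halves in sorted(handshakes(text).items()):
        direction = "out" if client == local else "in"
        rows.append((direction, server, sport, halves == {"SYN", "SYN-ACK"}))
    return rows

if __name__ == "__main__":
    for row in summarize(SAMPLE, "server.lan"):
        print(row)
```

A row whose last field is `False` is a handshake with one half missing from the capture; an `out` row is a connection the media server itself opened, which inbound-only rules do not cover.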
 

susy26


I don't know, I always used tcpdump in this way.
Can you tell me the right option for the command line?
Thank you
 

SirDice


Code:
tcpdump -ni <interface> \(tcp and port 8200\) or \(udp and port 1900\)

That will probably do it. Better to capture the traffic and analyze it in Wireshark, it can easily decode those messages on UDP/1900 (it's the discovery process, it'll tell which services are 'advertised' and on what port they're running).
 