Is not possible to connect to umurmur in port 64738 with firewall enabled

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












I am using µMurmur in OpenWRT, which has the following configuration:




umurmur.conf:

max_bandwidth = 130000;

# bindport = 64738;
# bindaddr = "192.168.1.1";

# Log to file option. Default is logging to syslog.
# umurmurd will close and reopen the logfile if SIGHUP is received.
logfile = "/var/log/umurmurd.log";

#imagemessagelength = 131072
#allowhtml = true



Which, according to umurmur configuration, means that:




bindaddr (INADDR_ANY = all addresses the host is assigned)
bindport (64738)



The server is binded to each IP the device has.



This is my firewall configuration:




/etc/config/firewall:


config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'

config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'

config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'

config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'

config include
option path '/etc/firewall.user'

config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'

config zone
option name 'wan'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wan6'
option input 'REJECT'

config forwarding
option src 'lan'
option dest 'wan'

config zone
option name 'voip'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option network 'voip'
option masq '1'
option mtu_fix '1'

config forwarding
option src 'lan'
option dest 'voip'

config redirect
option proto 'tcp'
option target 'DNAT'
option dest 'lan'
option name 'transparent-proxy for HTTP'
option src 'lan'
option dest_port '8118'
option src_dport '80'
option dest_ip '192.168.1.1'
option src_dip '!192.168.1.1'

config include 'miniupnpd'
option type 'script'
option path '/usr/share/miniupnpd/firewall.include'
option family 'any'
option reload '1'

config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp udp'
option dest_port '8999'
option name 'qBittorrent'
option dest_ip '192.168.1.185'

config rule
option target 'ACCEPT'
option src 'wan'
option proto 'tcp udp'
option dest_port '64738'
option name 'µMurmur'

config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp udp'
option src_dport '64738'
option dest_ip '192.168.1.1'
option dest_port '64738'
option name 'µMurmur'



The server is accessible via 192.168.1.1:64738, but not from external IP. However if I turn off the firewall, the server immediately becomes available.



I don't know how to troubleshoot it any further and any help is appreciated.







share|improve this question
























    up vote
    0
    down vote

    favorite












    I am using µMurmur in OpenWRT, which has the following configuration:




    umurmur.conf:

    max_bandwidth = 130000;

    # bindport = 64738;
    # bindaddr = "192.168.1.1";

    # Log to file option. Default is logging to syslog.
    # umurmurd will close and reopen the logfile if SIGHUP is received.
    logfile = "/var/log/umurmurd.log";

    #imagemessagelength = 131072
    #allowhtml = true



    Which, according to umurmur configuration, means that:




    bindaddr (INADDR_ANY = all addresses the host is assigned)
    bindport (64738)



    The server is binded to each IP the device has.



    This is my firewall configuration:




    /etc/config/firewall:


    config defaults
    option syn_flood '1'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

    config rule
    option name 'Allow-DHCP-Renew'
    option src 'wan'
    option proto 'udp'
    option dest_port '68'
    option target 'ACCEPT'
    option family 'ipv4'

    config rule
    option name 'Allow-Ping'
    option src 'wan'
    option proto 'icmp'
    option icmp_type 'echo-request'
    option family 'ipv4'
    option target 'ACCEPT'

    config rule
    option name 'Allow-DHCPv6'
    option src 'wan'
    option proto 'udp'
    option src_ip 'fe80::/10'
    option src_port '547'
    option dest_ip 'fe80::/10'
    option dest_port '546'
    option family 'ipv6'
    option target 'ACCEPT'

    config rule
    option name 'Allow-ICMPv6-Input'
    option src 'wan'
    option proto 'icmp'
    list icmp_type 'echo-request'
    list icmp_type 'echo-reply'
    list icmp_type 'destination-unreachable'
    list icmp_type 'packet-too-big'
    list icmp_type 'time-exceeded'
    list icmp_type 'bad-header'
    list icmp_type 'unknown-header-type'
    list icmp_type 'router-solicitation'
    list icmp_type 'neighbour-solicitation'
    list icmp_type 'router-advertisement'
    list icmp_type 'neighbour-advertisement'
    option limit '1000/sec'
    option family 'ipv6'
    option target 'ACCEPT'

    config rule
    option name 'Allow-ICMPv6-Forward'
    option src 'wan'
    option dest '*'
    option proto 'icmp'
    list icmp_type 'echo-request'
    list icmp_type 'echo-reply'
    list icmp_type 'destination-unreachable'
    list icmp_type 'packet-too-big'
    list icmp_type 'time-exceeded'
    list icmp_type 'bad-header'
    list icmp_type 'unknown-header-type'
    option limit '1000/sec'
    option family 'ipv6'
    option target 'ACCEPT'

    config include
    option path '/etc/firewall.user'

    config zone
    option name 'lan'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'ACCEPT'
    option network 'lan'

    config zone
    option name 'wan'
    option output 'ACCEPT'
    option forward 'REJECT'
    option masq '1'
    option mtu_fix '1'
    list network 'wan'
    list network 'wan6'
    option input 'REJECT'

    config forwarding
    option src 'lan'
    option dest 'wan'

    config zone
    option name 'voip'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'
    option network 'voip'
    option masq '1'
    option mtu_fix '1'

    config forwarding
    option src 'lan'
    option dest 'voip'

    config redirect
    option proto 'tcp'
    option target 'DNAT'
    option dest 'lan'
    option name 'transparent-proxy for HTTP'
    option src 'lan'
    option dest_port '8118'
    option src_dport '80'
    option dest_ip '192.168.1.1'
    option src_dip '!192.168.1.1'

    config include 'miniupnpd'
    option type 'script'
    option path '/usr/share/miniupnpd/firewall.include'
    option family 'any'
    option reload '1'

    config redirect
    option target 'DNAT'
    option src 'wan'
    option dest 'lan'
    option proto 'tcp udp'
    option dest_port '8999'
    option name 'qBittorrent'
    option dest_ip '192.168.1.185'

    config rule
    option target 'ACCEPT'
    option src 'wan'
    option proto 'tcp udp'
    option dest_port '64738'
    option name 'µMurmur'

    config redirect
    option target 'DNAT'
    option src 'wan'
    option dest 'lan'
    option proto 'tcp udp'
    option src_dport '64738'
    option dest_ip '192.168.1.1'
    option dest_port '64738'
    option name 'µMurmur'



    The server is accessible via 192.168.1.1:64738, but not from external IP. However if I turn off the firewall, the server immediately becomes available.



    I don't know how to troubleshoot it any further and any help is appreciated.







    share|improve this question






















      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I am using µMurmur in OpenWRT, which has the following configuration:




      umurmur.conf:

      max_bandwidth = 130000;

      # bindport = 64738;
      # bindaddr = "192.168.1.1";

      # Log to file option. Default is logging to syslog.
      # umurmurd will close and reopen the logfile if SIGHUP is received.
      logfile = "/var/log/umurmurd.log";

      #imagemessagelength = 131072
      #allowhtml = true



      Which, according to umurmur configuration, means that:




      bindaddr (INADDR_ANY = all addresses the host is assigned)
      bindport (64738)



      The server is binded to each IP the device has.



      This is my firewall configuration:




      /etc/config/firewall:


      config defaults
      option syn_flood '1'
      option input 'ACCEPT'
      option output 'ACCEPT'
      option forward 'REJECT'

      config rule
      option name 'Allow-DHCP-Renew'
      option src 'wan'
      option proto 'udp'
      option dest_port '68'
      option target 'ACCEPT'
      option family 'ipv4'

      config rule
      option name 'Allow-Ping'
      option src 'wan'
      option proto 'icmp'
      option icmp_type 'echo-request'
      option family 'ipv4'
      option target 'ACCEPT'

      config rule
      option name 'Allow-DHCPv6'
      option src 'wan'
      option proto 'udp'
      option src_ip 'fe80::/10'
      option src_port '547'
      option dest_ip 'fe80::/10'
      option dest_port '546'
      option family 'ipv6'
      option target 'ACCEPT'

      config rule
      option name 'Allow-ICMPv6-Input'
      option src 'wan'
      option proto 'icmp'
      list icmp_type 'echo-request'
      list icmp_type 'echo-reply'
      list icmp_type 'destination-unreachable'
      list icmp_type 'packet-too-big'
      list icmp_type 'time-exceeded'
      list icmp_type 'bad-header'
      list icmp_type 'unknown-header-type'
      list icmp_type 'router-solicitation'
      list icmp_type 'neighbour-solicitation'
      list icmp_type 'router-advertisement'
      list icmp_type 'neighbour-advertisement'
      option limit '1000/sec'
      option family 'ipv6'
      option target 'ACCEPT'

      config rule
      option name 'Allow-ICMPv6-Forward'
      option src 'wan'
      option dest '*'
      option proto 'icmp'
      list icmp_type 'echo-request'
      list icmp_type 'echo-reply'
      list icmp_type 'destination-unreachable'
      list icmp_type 'packet-too-big'
      list icmp_type 'time-exceeded'
      list icmp_type 'bad-header'
      list icmp_type 'unknown-header-type'
      option limit '1000/sec'
      option family 'ipv6'
      option target 'ACCEPT'

      config include
      option path '/etc/firewall.user'

      config zone
      option name 'lan'
      option input 'ACCEPT'
      option output 'ACCEPT'
      option forward 'ACCEPT'
      option network 'lan'

      config zone
      option name 'wan'
      option output 'ACCEPT'
      option forward 'REJECT'
      option masq '1'
      option mtu_fix '1'
      list network 'wan'
      list network 'wan6'
      option input 'REJECT'

      config forwarding
      option src 'lan'
      option dest 'wan'

      config zone
      option name 'voip'
      option input 'ACCEPT'
      option output 'ACCEPT'
      option forward 'REJECT'
      option network 'voip'
      option masq '1'
      option mtu_fix '1'

      config forwarding
      option src 'lan'
      option dest 'voip'

      config redirect
      option proto 'tcp'
      option target 'DNAT'
      option dest 'lan'
      option name 'transparent-proxy for HTTP'
      option src 'lan'
      option dest_port '8118'
      option src_dport '80'
      option dest_ip '192.168.1.1'
      option src_dip '!192.168.1.1'

      config include 'miniupnpd'
      option type 'script'
      option path '/usr/share/miniupnpd/firewall.include'
      option family 'any'
      option reload '1'

      config redirect
      option target 'DNAT'
      option src 'wan'
      option dest 'lan'
      option proto 'tcp udp'
      option dest_port '8999'
      option name 'qBittorrent'
      option dest_ip '192.168.1.185'

      config rule
      option target 'ACCEPT'
      option src 'wan'
      option proto 'tcp udp'
      option dest_port '64738'
      option name 'µMurmur'

      config redirect
      option target 'DNAT'
      option src 'wan'
      option dest 'lan'
      option proto 'tcp udp'
      option src_dport '64738'
      option dest_ip '192.168.1.1'
      option dest_port '64738'
      option name 'µMurmur'



      The server is accessible via 192.168.1.1:64738, but not from external IP. However if I turn off the firewall, the server immediately becomes available.



      I don't know how to troubleshoot it any further and any help is appreciated.







      share|improve this question












      I am using µMurmur in OpenWRT, which has the following configuration:




      umurmur.conf:

      max_bandwidth = 130000;

      # bindport = 64738;
      # bindaddr = "192.168.1.1";

      # Log to file option. Default is logging to syslog.
      # umurmurd will close and reopen the logfile if SIGHUP is received.
      logfile = "/var/log/umurmurd.log";

      #imagemessagelength = 131072
      #allowhtml = true



      Which, according to umurmur configuration, means that:




      bindaddr (INADDR_ANY = all addresses the host is assigned)
      bindport (64738)



      The server is binded to each IP the device has.



      This is my firewall configuration:




      /etc/config/firewall:


      config defaults
      option syn_flood '1'
      option input 'ACCEPT'
      option output 'ACCEPT'
      option forward 'REJECT'

      config rule
      option name 'Allow-DHCP-Renew'
      option src 'wan'
      option proto 'udp'
      option dest_port '68'
      option target 'ACCEPT'
      option family 'ipv4'

      config rule
      option name 'Allow-Ping'
      option src 'wan'
      option proto 'icmp'
      option icmp_type 'echo-request'
      option family 'ipv4'
      option target 'ACCEPT'

      config rule
      option name 'Allow-DHCPv6'
      option src 'wan'
      option proto 'udp'
      option src_ip 'fe80::/10'
      option src_port '547'
      option dest_ip 'fe80::/10'
      option dest_port '546'
      option family 'ipv6'
      option target 'ACCEPT'

      config rule
      option name 'Allow-ICMPv6-Input'
      option src 'wan'
      option proto 'icmp'
      list icmp_type 'echo-request'
      list icmp_type 'echo-reply'
      list icmp_type 'destination-unreachable'
      list icmp_type 'packet-too-big'
      list icmp_type 'time-exceeded'
      list icmp_type 'bad-header'
      list icmp_type 'unknown-header-type'
      list icmp_type 'router-solicitation'
      list icmp_type 'neighbour-solicitation'
      list icmp_type 'router-advertisement'
      list icmp_type 'neighbour-advertisement'
      option limit '1000/sec'
      option family 'ipv6'
      option target 'ACCEPT'

      config rule
      option name 'Allow-ICMPv6-Forward'
      option src 'wan'
      option dest '*'
      option proto 'icmp'
      list icmp_type 'echo-request'
      list icmp_type 'echo-reply'
      list icmp_type 'destination-unreachable'
      list icmp_type 'packet-too-big'
      list icmp_type 'time-exceeded'
      list icmp_type 'bad-header'
      list icmp_type 'unknown-header-type'
      option limit '1000/sec'
      option family 'ipv6'
      option target 'ACCEPT'

      config include
      option path '/etc/firewall.user'

      config zone
      option name 'lan'
      option input 'ACCEPT'
      option output 'ACCEPT'
      option forward 'ACCEPT'
      option network 'lan'

      config zone
      option name 'wan'
      option output 'ACCEPT'
      option forward 'REJECT'
      option masq '1'
      option mtu_fix '1'
      list network 'wan'
      list network 'wan6'
      option input 'REJECT'

      config forwarding
      option src 'lan'
      option dest 'wan'

      config zone
      option name 'voip'
      option input 'ACCEPT'
      option output 'ACCEPT'
      option forward 'REJECT'
      option network 'voip'
      option masq '1'
      option mtu_fix '1'

      config forwarding
      option src 'lan'
      option dest 'voip'

      config redirect
      option proto 'tcp'
      option target 'DNAT'
      option dest 'lan'
      option name 'transparent-proxy for HTTP'
      option src 'lan'
      option dest_port '8118'
      option src_dport '80'
      option dest_ip '192.168.1.1'
      option src_dip '!192.168.1.1'

      config include 'miniupnpd'
      option type 'script'
      option path '/usr/share/miniupnpd/firewall.include'
      option family 'any'
      option reload '1'

      config redirect
      option target 'DNAT'
      option src 'wan'
      option dest 'lan'
      option proto 'tcp udp'
      option dest_port '8999'
      option name 'qBittorrent'
      option dest_ip '192.168.1.185'

      config rule
      option target 'ACCEPT'
      option src 'wan'
      option proto 'tcp udp'
      option dest_port '64738'
      option name 'µMurmur'

      config redirect
      option target 'DNAT'
      option src 'wan'
      option dest 'lan'
      option proto 'tcp udp'
      option src_dport '64738'
      option dest_ip '192.168.1.1'
      option dest_port '64738'
      option name 'µMurmur'



      The server is accessible via 192.168.1.1:64738, but not from external IP. However if I turn off the firewall, the server immediately becomes available.



      I don't know how to troubleshoot it any further and any help is appreciated.









      share|improve this question











      share|improve this question




      share|improve this question










      asked Mar 31 at 17:45









      elgato

      13




      13

























          active

          oldest

          votes











          Your Answer







          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "106"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          convertImagesToLinks: false,
          noModals: false,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );








           

          draft saved


          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f434711%2fis-not-possible-to-connect-to-umurmur-in-port-64738-with-firewall-enabled%23new-answer', 'question_page');

          );

          Post as a guest



































          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes










           

          draft saved


          draft discarded


























           


          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f434711%2fis-not-possible-to-connect-to-umurmur-in-port-64738-with-firewall-enabled%23new-answer', 'question_page');

          );

          Post as a guest













































































          Popular posts from this blog

          How to check contact read email or not when send email to Individual?

          Displaying single band from multi-band raster using QGIS

          How many registers does an x86_64 CPU actually have?