Results 1 to 10 of 10

Thread: Syncthing, firewall settings

  1. #1

    Question Syncthing, firewall settings

    Hello

    how to setup firewall (Yast) rules properly for Syncthing?

    The synchronization work when the firewall is stop, when it's run, I get an error:

    Code:
    INFO: No UPnP device detected
    INFO: Failed to parse connection url: tcp://[fe80::8a32:9bff:fe80:4936%eth0]:22000 parse tcp://[fe80::8a32:9bff:fe80:4936%eth0]:22000: hexadecimal escape in host
    .

    Syncthinkg relevant settings:

    Code:
    Sync protocol local adress: tcp://0.0.0.0:22000
    GUI adress: 127.0.0.1:8384
    Enable UPnP: on
    Based on the Syncthing documentation, I've added two Custom rules:

    Rule 1:
    Code:
    Source network: 0/0
    Protocol: TCP
    Destination port:22000
    Source Port: 222000
    Add. opt.:
    Rule 2:
    Code:
    Source network: 0/0
    Protocol: UDP
    Destination port: 21027
    Source Port: 21027
    Add. opt.:

  2. #2

    Default Re: Syncthing, firewall settings

    When the firewall is stopped the output looks like:

    Code:
    INFO: API listening on 127.0.0.1:8384
    INFO: GUI URL is https://127.0.0.1:8384/
    INFO: New UPnP port mapping: external port 7148 to local port 22000.
    NFO: Failed to parse connection url: tcp://[fe80::8a32:9bff:fe80:4936%eth0]:22000 parse tcp://[fe80::8a32:9bff:fe80:4936%eth0]:22000: hexadecimal escape in host

  3. #3

    Default Re: Syncthing, firewall settings

    There have been several recent bugs in Syncthing that threw an error of the type you are getting. The latest was a problem with Go itself (the language ST is written in), which appears to have been overcome with Go 1.5.2+. See https://github.com/syncthing/syncthing/issues/2444

    So the next ST update will hopefully fix your problem.

    PS I am presuming the Source Port in your firewall Rule 1 is actually 22000, not 222000 as shown

  4. #4

    Default Re: Syncthing, firewall settings

    Yes, it is port 22000.

    It works when I turn of the firewall. How is that ralated to IPv6 addresses?

  5. #5

    Default Re: Syncthing, firewall settings

    I've build the last version:

    Code:
    [2Z53E] 17:05:30 INFO: syncthing v0.12.11+8-g400bfe9 "Beryllium Bedbug" (go1.4.2 linux-amd64)
    and the problem with IPv6 addresses is gone, but I don't see the other devices until I turn of the firewall.

    Code:
    [2Z53E] 17:05:31 INFO: API listening on 127.0.0.1:8384
    [2Z53E] 17:05:31 INFO: GUI URL is https://127.0.0.1:8384/
    [2Z53E] 17:05:41 INFO: No UPnP device detected

    I guess, that I've a wrong configuration of the firewall.

  6. #6
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,499
    Blog Entries
    2

    Default Re: Syncthing, firewall settings

    The git code and build process looks pretty simple and easy.

    If you need the latest stable with all fixes, I'd recommend building it yourself.
    http://docs.syncthing.net/dev/buildi...#building-unix

    The output of the build will be a binary in the code tree, so everything looks very self-contained and isolated from the rest of your system. If you decide to disgard your builds, just delete your cloned local git repo.

    If you need help setting up and running the build, just post your questions here.

    As for firewall settings, you'll just need to create a rule specifying in/out TCP port 2200 (my guess) in your YAST FW applet in whatever zone (Public/DMZ/Private) as necessary.

    TSU

  7. #7

    Default Re: Syncthing, firewall settings

    I've built the latest version and there is no difference. No connection when the firewall runs and it doesn't I can connect to another devices. How can I check if the port is open?

    Whith the running firewall I get:

    Code:
    netstat -lntu | grep 22000
    tcp        0      0 :::22000                :::*                    LISTEN

  8. #8
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,499
    Blog Entries
    2

    Default Re: Syncthing, firewall settings

    "Read the Docs"
    http://docs.syncthing.net/users/firewall.html

    You need to open port 21027 UDP to enable device discovery

    TSU

  9. #9

    Default Re: Syncthing, firewall settings

    Quote Originally Posted by tsu2 View Post
    "Read the Docs"
    http://docs.syncthing.net/users/firewall.html

    You need to open port 21027 UDP to enable device discovery

    TSU
    I've added to rules:

    Code:
    Source network: 0/0
    Protocol: TCP
    Destination port:22000
    Source Port: 222000
    Add. opt.:
    Code:
    Source network: 0/0
    Protocol: UDP
    Destination port: 21027
    Source Port: 21027
    Add. opt.:
    It also works, when I set the firewall zone to Internal.

  10. #10

    Default Re: Syncthing, firewall settings

    It was port 1900. When I opened in the firewall, it works OK. Not the UPnP, but the local device discovery and it is fine for me. I don't know how is the port 1900 related to Syncthing.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •