I’ve been using linux a while but am still only an average user. I’m new to OpenSUSE and really want to keep using it but am having trouble with getting things set up on Leap 15.2.
One of the applications I use needs to transmit UDP packets on ports 49003 - 49005, and accept TCP connections on port 10747. It is a Java application so permissions must be granted to the java runtime. The application doesn’t do anything exotic network wise, it simply connects to servers on an https port (443), accepts a TCP socket connection on 10747, and broadcasts UDP packets with the traffic data.
(all of this is cut and paste from a support response I got from the application developer).
I should add this is a java application collecting data from a server on the internet and feeding it to a plugin within another application. (if you’re interested it’s RealTraffic, feeding to LiveTraffic plugin within XPlane 11 but I don’t think it matters here). So it appears local UDP transport is blocked?
I’ve tried turning the firewall off but that didn’t fix it. I’ve turned the firewall back on and added the necessary UDP ports and TCP port to the ‘public’ zone. I wasn’t sure if I needed to add the https port to public too and am not sure how? I don’t know how to add the java runtime to the firewall config either, it doesn’t appear in the list of services to add.
My ports are configured as shown below. https://i.postimg.cc/bJSgH6px/ports.png
I continue to get errors in the log for the application saying "could not bind UDP socket with "0.0.0.0:49003". and previous to adding the ports to the public zone I was getting ERROR Network.cpp:488/send: send failed: “0.0.0.0:10747” (Broken pipe)
Can someone point me in the right direction please? I’m not sure what to try next.
I’ve tried turning the firewall off but that didn’t fix it.
How are you connected to the internet? Have you checked the router connecting to the internet? The internet-facing firewall is likely to be impacting here.
Hi Malcolm,
Thanks for taking the time to reply. I hadn’t checked the interface before. It was set to ‘home’ so I’ve changed it to ‘public’ now. I haven’t rebooted but I have Firewall set to reload after writing configuration.
There is only one service allowed on my public zone, I haven’t changed the defaults. Is that correct?
Thanks for the tip. Not sure what to check though. On Malcolm’s advice I’ve now switched eth0 to the ‘public’ zone. Everything about the internet is working fine. And the java application is also connecting through the router to its server and behaving correctly. The error seems to be happening between the java application and the plugin, residing on the same machine. And then it seems to be only one way - data incoming to the plugin doesn’t get through. The java app is receiving data from the plugin. The plugin developer after reviewing the logs said it looked like local UDP transport was being blocked.
This isn’t a new application and plugin in for me. I’ve had it set up this way for nearly a year, working with minimal setup and without fault on several other distros, using the ufw gui firewall app to identify the blocked ports in real time and allow them. I might try using ufw to see if that sheds any light. Although I’m confused that turning the firewall off didn’t fix the problem?
Hi
Seems it a commercial application… If your plugin is connecting to it, then should be no need for any firewall configuration, the api should just find the server and connect to those ports?
For example my ADSB data connecting to the server;
The information you’ve supplied far re not working with firewall disabled shows this is not the issue. Again, you may need to look at the external router/firewall perhaps.
This part of your post suggests that your application is broken(maybe not installed or set up properly)
If the app writes its own log somewhere you can inspect that, otherwise
You would need to inspect your system log to collect entries relevant to what you posted to better understand what is happening.
There are probably a number of ways you can collect the necessary entries but I can’t recommend an exact command.
I’ve recommended the following digitalocean article as a user friendly description of some useful journalctl commands…
Maybe you can search for the specific entries you describe eg. “0000:49003” note the timestamp and try displaying events from a minute before the entry to a minute afterwards. But, maybe you’ll figure out something better.
Or, maybe search for all entries related to your java executable… I don’t know if that will work with a java binary, I’ve only done that with C binaries.