How do I open the firewall to allow broadcasts on a given port

My Logitech Media Server (LMS) needs to announce its presence to receivers by broadcasting on port 3483. I have this port opened for UDP and TCP, but the broadcasts are not getting through. How do I fix this?

Maybe you did it correct, but you do not say so.

Opening for a certain port in the firewall normally means opening it for incoming traffic. As I understand you want outgoing traffic. In fact I think the firewall on openSUSE is not blocking outgoing traffic at all.

It can also be that I do not quite understand what “broadcasting” means in terms of TCP/IP package transport from system:port to port:system.

In what computer does the Logitech Media Server run?

What computers are going to be receivers?

It is possible that the receivers must run some sort of server, client, listener or similar program, to receive and interpret messages from Logitech Media Server. Read its manual.

It is possible that that program will open the port itself, if closed. For that, the program must run with administrator’s rights.

The server is running Leap 42.1, but this problem has existed since OpenSUSE 8.x.
The clients are hardware boxes.

Broadcast runs on a different protocol than UDP or TCP I think. The clients cannot see the messages broadcast from the server telling them that my server is available. If I turn off the firewall, they can see it.

So how does one configure firewall2 to allow broadcasts on a non-standard port?

Well the SuSEFirewall doesn’t capture outgoing traffic.

https://doc.opensuse.org/documentation/leap/security/html/book.security/cha.security.firewall.html#sec.security.firewall.SuSE

The rule set is only applied to packets originating from remote hosts. Locally generated packets are not captured by the firewall.

I’d claim the problem is incoming traffic.

I’m fighting this problem, an incoming broadcast is only received when firewall is down. tcpdump does show the packet even when firewall is running.
I’m running OpenSuse 13.1.

There is nothing in the (/var/log/firewall) logs.

I’ve of course configured the port to be opened and also added entries for broadcasts (yast2 firewall).

My solution was to create a simple file /etc/sysconfig/SuSEfirewall2.d/services/special-broadcast similar to avahi and with my port. After enabling this service receiving broadcasts on my port works, I even removed the old configuration, i.e. the ports I opened before (advanced, broadcast) in firewall config.
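For reference, this is what such a service definition looks like, written here as an added example (not the poster's own file): it follows the layout of the TEMPLATE/avahi files under /etc/sysconfig/SuSEfirewall2.d/services/ and assumes the file name "special-broadcast" and port 3483 from this thread. The SERVICE_DIR override is only there so the script can be exercised in a scratch directory without root.

```shell
#!/bin/sh
# Added example: write a SuSEfirewall2 service definition that admits
# incoming UDP/TCP 3483, including UDP broadcasts, the same way the avahi
# service file admits mdns. Assumptions: service name "special-broadcast"
# and port 3483 (from the thread); SERVICE_DIR defaults to the real
# SuSEfirewall2 services directory but can be pointed elsewhere for testing.

SERVICE_NAME="special-broadcast"
SERVICE_DIR="${SERVICE_DIR:-/etc/sysconfig/SuSEfirewall2.d/services}"

# Create $1/special-broadcast with the variables SuSEfirewall2 reads from
# every service file: TCP, UDP, RPC, IP and BROADCAST (UDP broadcast ports).
write_service_file() {
    dir="$1"
    cat > "$dir/$SERVICE_NAME" <<'EOF'
## Name: LMS discovery (port 3483)
## Description: Logitech Media Server discovery, incl. UDP broadcasts

# space separated list of allowed TCP ports
TCP="3483"

# space separated list of allowed UDP ports
UDP="3483"

# space separated list of allowed RPC services
RPC=""

# space separated list of allowed IP protocols
IP=""

# space separated list of allowed UDP broadcast ports
BROADCAST="3483"
EOF
}

# Sanity check before reloading the firewall: return 0 only if the file in
# $1 opens 3483 both as a plain UDP port and as a UDP broadcast port.
service_allows_broadcast() {
    grep -q '^UDP="3483"$' "$1/$SERVICE_NAME" &&
    grep -q '^BROADCAST="3483"$' "$1/$SERVICE_NAME"
}

# Stand-alone use: write the file, then verify it.
if [ "${SERVICE_DIR}" = "/etc/sysconfig/SuSEfirewall2.d/services" ] && [ "$(id -u)" -ne 0 ]; then
    echo "run as root, or set SERVICE_DIR to a scratch directory" >&2
elif [ -d "$SERVICE_DIR" ]; then
    write_service_file "$SERVICE_DIR" && service_allows_broadcast "$SERVICE_DIR"
fi
```

The file only takes effect once the service is enabled, i.e. added to FW_CONFIGURATIONS_EXT in /etc/sysconfig/SuSEfirewall2 (or ticked in the YaST firewall module) and SuSEfirewall2 is restarted; check the result with `iptables --list-rules | grep 3483`.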

AFAIK you’d have to manipulate iptables directly.

The following identifies the specific rules you need to disable/remove if you’re dealing with true broadcasts

iptables --list-rules | grep broadcast

But, I don’t think that broadcasts exist over a particular port as described by the OP.
Also, be aware that IPv6 does not support broadcasts.

To the OP,
From your description I don’t think that you’re talking about “broadcasts” if the transmissions are tied to port 3483…
You’re more likely talking about either a TCP or UDP unicast transmission which is made to your network with a target address your NetworkID ending in zero.

Full Explanation:
When you configure a network with a network mask (the number seen as a series of 255s like 255.255.255.0 or otherwise specifying octets), it’s well known that the usable addresses you can assign to a host in your network are all the middle addresses, excluding the first address and the last address. Those two addresses are special: if a machine tries to send packets to the first address, it should result in something similar to localhost (127.x.y.z) (I haven’t checked, it might actually be your local public interface instead of the localhost interface). The last address in your network range sends to all hosts in your defined network, which is what I suspect your Media Server is configured to do.

Although the result is similar to a true broadcast, there’s a big difference in how your network is impacted. True broadcasts are noisy; they force every machine in your network to respond to a single directed transmission. Using the highest number in your network range instead creates a series of unicast transmissions (using TCP or UDP); each session is established with a lot more efficiency and less noisy and confusing overhead, because all traffic is between only two machines and all other machines can ignore what’s being said between those two machines.

So, I’m going to guess that is the rule you need to configure (consult your Media Server documentation for exact parameters if you’re not sure)… Either UDP or TCP, from “anywhere” to your machine over the specified port.

TSU