Vahe Avedissian wrote:
Hello Folks,
I am trying to get a SiliconDust internet TV card box to work with Opensuse 11.2, but am having firewall issues.
With the firewall turned off, the hdhomerun (Silicon dust software) configure will detect the TV tuner and return it's IP address and ID. With the firewall enabled the tuner is not detected as expected.
I tried opening up the necessary ports and services but thhat did not work and according to SiliconDust tech support the tuner uses random high port on the PC so it is not possible to firewall based on incoming ports. They suggest that I allow all traffic to/from the HDHomeRun's IP address.
My question is how to best do this? I could not find how to do this with yast. Do I need to directly edit iptables and if so, how?
You can enter HDHomeRun's IP address into FW_TRUSTED_NETS but then the question is can you realy trust them # Format: space separated list of network[,protocol[,port]] # in case of icmp, port means the icmp type # # Example: "172.20.1.1 172.20.0.0/16 1.1.1.1,icmp 2.2.2.2,tcp,22" # FW_TRUSTED_NETS="HDHomeRun's IP" Another option, though I do not think that can be done via Yast, is you can create a service "HDHomeRun" based on the /etc/sysconfig/SuSEfirewall2.d/services/TEMPLATE and here is the relevant part of the template. ### variables below are only needed in very special cases # space separated list of net,protocol[,sport[,dport]] # see FW_SERVICES_ACCEPT_RELATED_EXT # net 0/0 means IPv4 and IPv6. If this sevice should only work for # IPv4 use 0.0.0.0/0 RELATED="HDHomeRun's IP" This will open the ports that are related to your computers request Then you can add this service to your FW_CONFIGURATIONS_EXT="HDHomeRun" Hope this helps Togan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org