Bug 189067

Summary: firestarter blocks avahi multicast
Product: [Fedora] Fedora Reporter: Eric Tanguy <eric.tanguy>
Component: firestarterAssignee: Michael A. Peters <mpeters>
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 5CC: extras-qa
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-04-19 04:38:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Eric Tanguy 2006-04-15 11:40:33 UTC 
Description of problem:
by default firestarter blocks avahi multicast (mDNS) and it's not possible to
anable it via tue gui. You need to modify /etc/firestarter/user-pre and add :
$IPT -A INPUT -s 224.0.0.0/8 -d 0/0 -j ACCEPT
$IPT -A INPUT -s 0/0 -d 224.0.0.0/8 -j ACCEPT
$IPT -A OUTPUT -s 224.0.0.0/8 -d 0/0 -j ACCEPT
$IPT -A OUTPUT -s 0/0 -d 224.0.0.0/8 -j ACCEPT
or remove 
$IPT -A INPUT -s 224.0.0.0/8 -d 0/0 -j DROP
$IPT -A INPUT -s 0/0 -d 224.0.0.0/8 -j DROP
$IPT -A OUTPUT -s 224.0.0.0/8 -d 0/0 -j DROP
$IPT -A OUTPUT -s 0/0 -d 224.0.0.0/8 -j DROP
from the firestarter script

As avahi-daemon is enabled by default, firestarter should authorize multicast by
default or at least being able to authorize it by gui.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. enable firestarter
2. launch avahi-discover-standalone
3.
  
Actual results:
avahi-discover-standalone is not able to scan mDNS services

Expected results:
avahi-discover-standalone is able to scan mDNS services and find at least
workstation.

Additional info:
Comment 1 Michael A. Peters 2006-04-19 04:38:42 UTC 
This should be fixed in the next round of updates.
Comment 2 drago01 2006-04-20 18:50:34 UTC 
for me its not fixed firestarter-1.0.3-11.fc5
I still need
$IPT -A INPUT -s 224.0.0.0/8 -d 0/0 -j ACCEPT
$IPT -A INPUT -s 0/0 -d 224.0.0.0/8 -j ACCEPT
$IPT -A OUTPUT -s 224.0.0.0/8 -d 0/0 -j ACCEPT
$IPT -A OUTPUT -s 0/0 -d 224.0.0.0/8 -j ACCEPT
in user-pre
Comment 3 Michael A. Peters 2006-04-20 19:32:48 UTC 
The user-pre file is generated by firestarter and is a configuration file.
If it was generated by a previous install of firestarter, you probably need to
manually remove the

$IPT -A INPUT -s 224.0.0.0/8 -d 0/0 -j DROP
$IPT -A INPUT -s 0/0 -d 224.0.0.0/8 -j DROP
$IPT -A OUTPUT -s 224.0.0.0/8 -d 0/0 -j DROP
$IPT -A OUTPUT -s 0/0 -d 224.0.0.0/8 -j DROP

statements from it.