Bug 189067 - firestarter blocks avahi multicast
firestarter blocks avahi multicast
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: firestarter (Show other bugs)
5
All Linux
medium Severity medium
: ---
: ---
Assigned To: Michael A. Peters
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-04-15 07:40 EDT by Eric Tanguy
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-04-19 00:38:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Eric Tanguy 2006-04-15 07:40:33 EDT
Description of problem:
by default firestarter blocks avahi multicast (mDNS) and it's not possible to
anable it via tue gui. You need to modify /etc/firestarter/user-pre and add :
$IPT -A INPUT -s 224.0.0.0/8 -d 0/0 -j ACCEPT
$IPT -A INPUT -s 0/0 -d 224.0.0.0/8 -j ACCEPT
$IPT -A OUTPUT -s 224.0.0.0/8 -d 0/0 -j ACCEPT
$IPT -A OUTPUT -s 0/0 -d 224.0.0.0/8 -j ACCEPT
or remove 
$IPT -A INPUT -s 224.0.0.0/8 -d 0/0 -j DROP
$IPT -A INPUT -s 0/0 -d 224.0.0.0/8 -j DROP
$IPT -A OUTPUT -s 224.0.0.0/8 -d 0/0 -j DROP
$IPT -A OUTPUT -s 0/0 -d 224.0.0.0/8 -j DROP
from the firestarter script

As avahi-daemon is enabled by default, firestarter should authorize multicast by
default or at least being able to authorize it by gui.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. enable firestarter
2. launch avahi-discover-standalone
3.
  
Actual results:
avahi-discover-standalone is not able to scan mDNS services

Expected results:
avahi-discover-standalone is able to scan mDNS services and find at least
workstation.

Additional info:
Comment 1 Michael A. Peters 2006-04-19 00:38:42 EDT
This should be fixed in the next round of updates.
Comment 2 drago01 2006-04-20 14:50:34 EDT
for me its not fixed firestarter-1.0.3-11.fc5
I still need
$IPT -A INPUT -s 224.0.0.0/8 -d 0/0 -j ACCEPT
$IPT -A INPUT -s 0/0 -d 224.0.0.0/8 -j ACCEPT
$IPT -A OUTPUT -s 224.0.0.0/8 -d 0/0 -j ACCEPT
$IPT -A OUTPUT -s 0/0 -d 224.0.0.0/8 -j ACCEPT
in user-pre
Comment 3 Michael A. Peters 2006-04-20 15:32:48 EDT
The user-pre file is generated by firestarter and is a configuration file.
If it was generated by a previous install of firestarter, you probably need to
manually remove the

$IPT -A INPUT -s 224.0.0.0/8 -d 0/0 -j DROP
$IPT -A INPUT -s 0/0 -d 224.0.0.0/8 -j DROP
$IPT -A OUTPUT -s 224.0.0.0/8 -d 0/0 -j DROP
$IPT -A OUTPUT -s 0/0 -d 224.0.0.0/8 -j DROP

statements from it.

Note You need to log in before you can comment on or make changes to this bug.