LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Accessing Multicast from internet through shorewall (https://www.linuxquestions.org/questions/linux-newbie-8/accessing-multicast-from-internet-through-shorewall-824530/)

hikmatrusiwa 08-06-2010 03:45 AM
Accessing Multicast from internet through shorewall
 
Hi everyone, i newbie here...

Here's the situation :

- I have setup an application in my local subnet 10.1.0.0/16 which broadcast udp packet.

- My application broadcast from machine with 10.1.2.240 and also broadcast from multicast address 225.1.2.3 using port 3035 (it's the correct multicast address right ?)

- I have develop small application to receive the udp packet from the multicast address. It's running OK.

Problems/question :

How can i setup my firewall (using shorewall) so that user from internet can receive the udp packet from multicast ?

Is it possible to listen udp broadcast address behind the firewall (without setting up vpn connection) ?

Thank you in advance.

zootboy 08-07-2010 09:26 PM
Is there an actual problem here? Have you tried it and failed?

Most firewalls don't block outgoing traffic, so a Multicast should be no problem. The same should apply to clients receiving the Multicast.

Really, your question is too abstract. A concrete example of an attempt would be helpful.

hikmatrusiwa 08-08-2010 09:16 PM
Thank you zootboy for the reply,

I have the firewall which act as a proxy gateway from my local LAN to internet and vice versa.

my client from internet will only know / access my application in my local LAN through this firewall (i am using shorewall).

How can i setup the firewall so when my internet client want to access/listen to packet broadcast from the multicast which is in my Local PC ?

Multicast is not like ordinary local applications which we can redirect from firewall to certain port, is it ?

zootboy 08-08-2010 10:15 PM
I talked with my buddy, who does a lot of this stuff in production. He told me that most NAT firewalls block outgoing multicast, as it is usually meant only for internal systems. It is possible to do multicast over the internet, but you'll have to check the documentation for your specific firewall to find out if/how to unblock it.

As for the clients, they do not need access through the firewall to receive multicast. Multicast is one way, and because it's UDP, it's stateless. No incoming firewall connections are ever made with multicast.

So to answer your question:
Quote:
Multicast is not like ordinary local applications which we can redirect from firewall to certain port, is it ?
No. Multicast is one way and not redirect-able.


All times are GMT -5. The time now is 07:24 PM.