Hylafax Mailing List Archives

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [hylafax-users] possibly OT - configuring router to support hylafax data connection.



Hi Eric,

The HylaFAX protocol is mostly just the same as FTP. That (FTP) normally uses port 21 for control and port 20 for data. HylaFAX seems to do the same with 4559 and 4558. There is also the active versus passive FTP question, which, as I understand it, affects whether the client or the server starts up the second port communication, but does not change the fact that the second port is needed.

I don't recall the details, and I have since changed my setup so I can't check it, but I think the HylaFAX server connects back to the client with a _source_ port of 4558 (to a ?high? port on the client) when the data connection is needed.

I definitely remember having similar problems and changing the _client_ firewall to allow packets with a _source_ port of 4558 fixed it. (Actually disabling the entire client firewall fixed it too, but this port 4558 change was the minimal change that I could find that still fixed it :-)

(Note this is different from most firewall settings where you generally want to open up a _destination_ port, like destination port 80 needs to be open to serve http requests).

Your setup probably isn't the same as mine, so the exact same solution may not work, but, at any rate, you probably want to include port 4558 in your tcpdump as you try to get to the bottom of this.

Good luck.

Martin


Eric Smith wrote on 11/04/04 01:11 PM:


Hi I am trying to redirect all requests on port 4559 to the router on 62.166.236.150 to local machine 192.168.1.2

The latter is to support dialogue for hylafax.
hylafax         4559/tcp                        # HylaFAX client-server protocol (new)

I have ssh working with the entry for port 22 and web access with port 80, but my entry for port 4559 still results in
"Cannot build data connection" error with hylafax (running sendfax on the localmachine).

NetDSL>show port

Port Mapping

TCP 62.166.236.150 4559     192.168.1.2 4559 0
TCP 62.166.236.150 22     192.168.1.2 22 0
TCP 62.166.236.150 80     192.168.1.2 80 0

Any help appreciated (of course).

Thanks!


Eric Smith


FWIW: tcpdump activity on port 4559 follows:

15:36:12.435459 62.166.236.150.62547 > 172.28.1.36.hylafax: S 3141087652:3141087652(0) win 5840 <mss 1380,sackOK,timestamp 205344 0,nop,wscale 0> (DF)
15:36:12.435477 172.28.1.36.hylafax > 62.166.236.150.62547: S 951102318:951102318(0) ack 3141087653 win 5792 <mss 1460,sackOK,timestamp 43511088 205344,nop,wscale 0> (DF)
15:36:12.460068 62.166.236.150.62547 > 172.28.1.36.hylafax: . ack 1 win 5840 <nop,nop,timestamp 205346 43511088> (DF)
15:36:12.462445 172.28.1.36.hylafax > 62.166.236.150.62547: P 1:56(55) ack 1 win 5792 <nop,nop,timestamp 43511091 205346> (DF) [tos 0x10]
15:36:12.493548 62.166.236.150.62547 > 172.28.1.36.hylafax: . ack 56 win 5840 <nop,nop,timestamp 205349 43511091> (DF) [tos 0x10]
15:36:12.496672 62.166.236.150.62547 > 172.28.1.36.hylafax: P 1:12(11) ack 56 win 5840 <nop,nop,timestamp 205350 43511091> (DF) [tos 0x10]
15:36:12.496679 172.28.1.36.hylafax > 62.166.236.150.62547: . ack 12 win 5792 <nop,nop,timestamp 43511094 205350> (DF) [tos 0x10]
15:36:12.497090 172.28.1.36.hylafax > 62.166.236.150.62547: P 56:82(26) ack 12 win 5792 <nop,nop,timestamp 43511094 205350> (DF) [tos 0x10]
15:36:12.561257 62.166.236.150.62547 > 172.28.1.36.hylafax: P 12:25(13) ack 82 win 5840 <nop,nop,timestamp 205356 43511094> (DF) [tos 0x10]
15:36:12.561426 172.28.1.36.hylafax > 62.166.236.150.62547: P 82:113(31) ack 25 win 5792 <nop,nop,timestamp 43511101 205356> (DF) [tos 0x10]
15:36:12.617349 62.166.236.150.62547 > 172.28.1.36.hylafax: P 25:33(8) ack 113 win 5840 <nop,nop,timestamp 205362 43511101> (DF) [tos 0x10]
15:36:12.617500 172.28.1.36.hylafax > 62.166.236.150.62547: P 113:137(24) ack 33 win 5792 <nop,nop,timestamp 43511106 205362> (DF) [tos 0x10]
15:36:12.672440 62.166.236.150.62547 > 172.28.1.36.hylafax: P 33:58(25) ack 137 win 5840 <nop,nop,timestamp 205367 43511106> (DF) [tos 0x10]
15:36:12.672599 172.28.1.36.hylafax > 62.166.236.150.62547: P 137:167(30) ack 58 win 5792 <nop,nop,timestamp 43511112 205367> (DF) [tos 0x10]
15:36:12.723283 62.166.236.150.62547 > 172.28.1.36.hylafax: P 58:66(8) ack 167 win 5840 <nop,nop,timestamp 205373 43511112> (DF) [tos 0x10]
15:36:12.723432 172.28.1.36.hylafax > 62.166.236.150.62547: P 167:189(22) ack 66 win 5792 <nop,nop,timestamp 43511117 205373> (DF) [tos 0x10]
15:36:12.776377 62.166.236.150.62547 > 172.28.1.36.hylafax: P 66:72(6) ack 189 win 5840 <nop,nop,timestamp 205378 43511117> (DF) [tos 0x10]
15:36:12.809997 172.28.1.36.hylafax > 62.166.236.150.62547: . ack 72 win 5792 <nop,nop,timestamp 43511126 205378> (DF) [tos 0x10]

____________________ HylaFAX(tm) Users Mailing List _______________________
 To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
 *To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*




____________________ HylaFAX(tm) Users Mailing List _______________________ To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null *To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*



Home
Report any problems to webmaster@hylafax.org

HylaFAX is a trademark of Silicon Graphics Corporation.
Internet connectivity for hylafax.org is provided by:
VirtuALL Private Host Services