G'day Sangil

Can I ask how you are starting your Unicast Bridge?  The ports specified 
might be different to those configured within iptables.

For example, you might have noticed that some unicast bridges, as listed in 
Venue Client -> Tools -> Preferences -> Bridging, have different port ranges.

Not sure if it helps, but I updated a security document yesterday (see 
http://www.accessgrid.org/node/1987) which might be of some assistance.  I have 
those firewall rules in place and I am able to connect to the bridge.  

The one rule I can see missing is "iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT" 
which is required for multicast.

Hope this helps.

Cheers,
Jason.

-----Original Message-----
From: ag-tech-boun...@lists.mcs.anl.gov 
[mailto:ag-tech-boun...@lists.mcs.anl.gov] On Behalf Of Sangil Choi
Sent: Thursday, 22 July 2010 12:04 PM
To: ag-t...@mcs.anl.gov
Subject: [AG-TECH] How configure a Bridge server?

Hi everyone,
I've been asked to configure a bridge server.

I installed 'AGTk3.2 beta 1' and configured the firewall ports to be 
used as a bridge server.
However, if I use that, the client's VIC doesn't show anything (and other 
computers' captured video, which is connected via the service manager).
RAT does not show sound information of the others in the same venue.

To solve the problem, I turned off the firewall. There are still problems.
I don't know how I can solve this challenge.
I look forward to getting your response.

regards,
Sangil Choi
Attached 'firewall's open ports list in bridge server'.
==========================================================
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         state NEW udp dpt:5353
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:631
6    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:631
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
8    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:10000
9    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:10002
10   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:10004
11   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:11000
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:20000
13   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:20200
14   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:20200
15   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpts:50000:52000
16   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpts:50000:52000
17   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpts:5900:5920
18   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8000
19   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:8000
20   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8002
21   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:8002
22   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8006
23   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:8006
24   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

==========================================================
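
Added example, not part of the original thread and not AccessGrid code: a first-match check of a protocol, destination and port against an `iptables -L INPUT -n --line-numbers` listing like the one attached, for comparing a bridge's port range with what the firewall accepts. The sample rules are constructed from the listing's layout, the address 192.0.2.10 and port 40000 are made-up test inputs, and an ACCEPT rule with no visible match is skipped with a note on the assumption that it may be interface-bound, which the listing hides without `-v`.

```python
import ipaddress
import re

# Constructed sample in `iptables -L INPUT -n --line-numbers` layout, one rule
# per line, modelled on a few rules of the listing in the thread.
SAMPLE = """\
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         state NEW udp dpt:5353
15   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpts:50000:52000
24   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
"""
RULE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+\S+\s+\S+\s+(\S+)\s*(.*)$")
PORTS = re.compile(r"dpts?:(\d+)(?::(\d+))?")

def parse(listing):
    """Turn listing lines into rule dicts; headers and blank lines are skipped."""
    rules = []
    for line in listing.splitlines():
        m = RULE.match(line.strip())
        if not m:
            continue
        num, target, proto, dst, extra = m.groups()
        p = PORTS.search(extra)
        ports = (int(p.group(1)), int(p.group(2) or p.group(1))) if p else (0, 65535)
        rules.append({"num": int(num), "target": target, "proto": proto,
                      "dst": ipaddress.ip_network(dst), "ports": ports, "extra": extra})
    return rules

def verdict(rules, proto, dst, port):
    """First-match result for the first packet of a flow: (target, rule, notes)."""
    notes = []
    for r in rules:
        if "state" in r["extra"] and "NEW" not in r["extra"]:
            continue  # RELATED,ESTABLISHED never matches a new flow
        if r["proto"] not in ("all", proto) or ipaddress.ip_address(dst) not in r["dst"]:
            continue
        if not r["ports"][0] <= port <= r["ports"][1]:
            continue
        if r["target"] == "ACCEPT" and r["proto"] == "all" and not r["extra"]:
            # Assumption: a match-less accept may be interface-bound (hidden without -v).
            notes.append(f"rule {r['num']}: re-list with -v to see its interface")
            continue
        return r["target"], r["num"], notes
    return "POLICY", 0, notes

if __name__ == "__main__":
    for port in (50010, 40000):  # inside the listed range, then a constructed port outside it
        print(port, verdict(parse(SAMPLE), "udp", "192.0.2.10", port))
```

Feed it the real listing with wrapped lines joined, and the port range the bridge was actually started with.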
