Thanks, this matches with what Kay sent me on Friday. Apparently I stared at those screens so long I couldn't read them anymore. Looks like it's all working now.
Greg
> -----Original Message-----
> From: Žiga Oven <ziga.oven at cosylab.com>
> Sent: Monday, April 24, 2023 2:45 AM
> To: Leblanc, Gregory <leblanc at ohio.edu>; tech-talk at aps.anl.gov
> Subject: [External] RE: PV access stopped by the firewall CentOS 9 Stream
>
> Use caution with links and attachments.
>
> Hi Greg,
>
> The PVAccess uses ports 5075 and 5076 for its operation (you can also see that in
> your output of the ss command).
>
> If you add the ports 5075 and 5076 to your firewall rules, I think it should work.
>
> Best regards,
>
> Žiga
>
> > -----Original Message-----
> > From: Tech-talk <tech-talk-bounces at aps.anl.gov> On Behalf Of Leblanc,
> > Gregory via Tech-talk
> > Sent: Friday, April 21, 2023 10:09 PM
> > To: tech-talk at aps.anl.gov
> > Subject: PV access stopped by the firewall CentOS 9 Stream
> >
> > Caution: This email originated from outside of Cosylab.
> >
> >
> > Hi folks,
> >
> > I've just installed CentOS 9 stream on a new machine here, then added
> > on epics-base, calc, asyn, and StreamDevice from git. I've also
> > installed my work in progress for the Keysight 34980A mainframes,
> > which speak SCPI. All the EPICS bits work, but there's something
> > screwy with the firewall. When I do " $ pvget
> > KS_34980A_EPICStestswitcherMagnetCurrent" it times out in 5 seconds.
> > "$ caget KS_34980A_EPICStestswitcherMagnetCurrent" works just fine. I
> > can turn the firewall off ($ sudo systemctl stop firewalld) and then
> > pvget works fine. I added ports 5064 and 5065 in both TCP and UDP to the
> rules for the firewall, but that didn't seem to help.
> >
> > Firewall rules:
> > $ sudo firewallcmd --list-all
> > [sudo] password for leblanc:
> > sudo: firewallcmd: command not found
> > [leblanc@epics1 ~]$ sudo firewall-cmd --list-all public (active)
> > target: default
> > icmp-block-inversion: no
> > interfaces: enp1s0
> > sources:
> > services: cockpit dhcpv6-client ssh
> > ports: 5064/tcp 5065/tcp 5064/udp 5065/udp
> > protocols:
> > forward: yes
> > masquerade: no
> > forward-ports:
> > source-ports:
> > icmp-blocks:
> > rich rules:
> >
> > I also used ss to see what ports pvget was trying to use
> >
> > $ ss -antup |grep pvget
> > udp UNCONN 0 0 0.0.0.0:45383 0.0.0.0:*
> > users:(("pvget",pid=49094,fd=3))
> > udp UNCONN 0 0 224.0.0.128:5076 0.0.0.0:*
> > users:(("pvget",pid=49094,fd=6))
> > udp UNCONN 0 0 10.0.255.255:5076 0.0.0.0:*
> > users:(("pvget",pid=49094,fd=5))
> > udp UNCONN 0 0 10.0.0.239:5076 0.0.0.0:*
> > users:(("pvget",pid=49094,fd=4))
> >
> > I'm not sure what else to try at this point. Any pointers appreciated.
> > Greg
> >
> > --
> > Gregory Leblanc
> > Accelerator Engineer
> > Edwards Accelerator Lab - Ohio University
> > 123 University Terrace
> > Athens, OH 45701 USA
> > leblanc at ohio.edu
> > M: (401) 52-OUAL1 or (401) 526-8251
- References:
- PV access stopped by the firewall CentOS 9 Stream Leblanc, Gregory via Tech-talk
- RE: PV access stopped by the firewall CentOS 9 Stream Žiga Oven via Tech-talk
- Navigate by Date:
- Prev:
Re: question about ALIAS 李姣赛 via Tech-talk
- Next:
Re: [EXTERNAL] Re: opc ua client Sinclair, John via Tech-talk
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
<2023>
2024
- Navigate by Thread:
- Prev:
RE: PV access stopped by the firewall CentOS 9 Stream Žiga Oven via Tech-talk
- Next:
EPICS collaboration meeting weather forecast Pierrick M Hanlet via Tech-talk
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
<2023>
2024
| 
·
Home
·
News
·
About
·
Base
·
Modules
·
Extensions
·
Distributions
·
Download
·