Experimental Physics and
Industrial Control System

To summarize:

If you want channel access clients on a machine to be able to see replies to broadcast PV search requests you need to permit inbound UDP packets with source port EPICS_CA_SERVER_PORT (default is 5064).  On systems using iptables this can be accomplished by a rule like
	-A INPUT -s 192.168.0.0/22 -p udp --sport 5064 -j ACCEPT

If you want channel access servers (e.g. "soft IOCs") on a machine to be able to see clients you need to permit inbound TCP and UDP packets with source port EPICS_CA_SERVER_PORT (default is 5064).  On systems using iptables this can be accomplished by rules like
	-A INPUT -s 192.168.0.0/22 -p udp --dport 5064 -j ACCEPT
	-A INPUT -s 192.168.0.0/22 -p tcp --dport 5064 -j ACCEPT


In all cases the "-s 192.168.0.0/22" specifies the range of addresses from which you wish to accept packets.


-- 
Eric Norum
[email protected]

Replies:

Re: Firewall (iptables) issues? Ralph Lange

References:

Firewall (iptables) issues? Eric Norum

Re: Firewall (iptables) issues? Darren S. Dale

Re: Firewall (iptables) issues? Eric Norum

Re: Firewall (iptables) issues? Andrew Johnson

Re: Firewall (iptables) issues? Phillip Sorensen

Navigate by Date:

Prev: Re: Firewall (iptables) issues? Phillip Sorensen

Next: Re: base 3-14-11 and breakpoint tables for ai and ao Andrew Johnson

Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  <2010>  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024 

Navigate by Thread:

Prev: Re: Firewall (iptables) issues? Phillip Sorensen

Next: Re: Firewall (iptables) issues? Ralph Lange

Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  <2010>  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024