Experimental Physics and Industrial Control System
|
On 05.11.2010 11:28, Eric Norum wrote:
To summarize:
If you want channel access clients on a machine to be able to see replies to broadcast PV search requests you need to permit inbound UDP packets with source port EPICS_CA_SERVER_PORT (default is 5064). On systems using iptables this can be accomplished by a rule like
-A INPUT -s 192.168.0.0/22 -p udp --sport 5064 -j ACCEPT
If you want channel access servers (e.g. "soft IOCs") on a machine to be able to see clients you need to permit inbound TCP and UDP packets with source port EPICS_CA_SERVER_PORT (default is 5064). On systems using iptables this can be accomplished by rules like
-A INPUT -s 192.168.0.0/22 -p udp --dport 5064 -j ACCEPT
-A INPUT -s 192.168.0.0/22 -p tcp --dport 5064 -j ACCEPT
In all cases the "-s 192.168.0.0/22" specifies the range of addresses from which you wish to accept packets.
Don't forget:
If you run caRepeater on a machine, so that your client applications are
able to see beacons from IOCs, and can detect connection loss and new
IOCs coming online, you need to permit inbound UDP packets with source
port EPICS_CA_REPEATER_PORT (default is 5065). On systems using iptables
this can be accomplished by a rule like
-A INPUT -s 192.168.0.0/22 -p udp --sport 5065 -j ACCEPT
(Only necessary if your firewall does not allow all outgoing traffic by
default:)
If you want channel access servers (e.g. "soft IOCs") on a machine to be
able to send beacons, so that their clients can detect connection loss
and your IOCs starting up, you need to permit outbound UDP packets with
source port EPICS_CA_REPEATER_PORT (default is 5065). On systems using
iptables this can be accomplished by a rule like
-A OUTPUT -p udp --dport 5065 -j ACCEPT
Cheers,
Ralph
- References:
- Firewall (iptables) issues? Eric Norum
- Re: Firewall (iptables) issues? Darren S. Dale
- Re: Firewall (iptables) issues? Eric Norum
- Re: Firewall (iptables) issues? Andrew Johnson
- Re: Firewall (iptables) issues? Phillip Sorensen
- Re: Firewall (iptables) issues? Eric Norum
- Navigate by Date:
- Prev:
Re: base 3-14-11 and breakpoint tables for ai and ao Andrew Johnson
- Next:
Re: devEtherIP Kasemir, Kay
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
<2010>
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
Re: Firewall (iptables) issues? Eric Norum
- Next:
Re: Firewall (iptables) issues? Eric Norum
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
<2010>
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
|
ANJ, 05 Nov 2010 |
·
Home
·
News
·
About
·
Base
·
Modules
·
Extensions
·
Distributions
·
Download
·
·
Search
·
EPICS V4
·
IRMIS
·
Talk
·
Bugs
·
Documents
·
Links
·
Licensing
·
|