EPICS Home EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System

Format page
for printing


Search Tech-talk
1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  <20192020  2021  2022  2023  2024  Index 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  <20192020  2021  2022  2023  2024 
<== Date ==> <== Thread ==>
Subject: Re: firewalld configuration for EPICS?
From: "Johnson, Andrew N. via Tech-talk" <[email protected]>
To: "[email protected]" <[email protected]>
Date: Fri, 5 Apr 2019 03:41:53 +0000
I believe the CA client library uses tcp port 5065 for clients to make connections to their local CA repeater process (through which the repeater forwards copies of all incoming beacons to those clients). Thus it is not necessary to open that port to the outside world, but  it is essential to the protocol (sorry to be pedantic!).

- Andrew

-- 
Sent from my iPad

On Apr 4, 2019, at 2:28 PM, Ralph Lange via Tech-talk <[email protected]> wrote:

Minor comment:
Channel Access uses port ca-2 (5065) only for beacon messages which are UDP, so it is not really necessary to open ca-2/tcp.

Cheers,
~Ralph



On Wed, 3 Apr 2019 at 14:08, Jörn Dreyer via Tech-talk <[email protected]> wrote:
Am Mittwoch, 3. April 2019, 11:51:11 CEST schrieb Dirk Zimoch via Tech-talk:
> Hi
>
> Does anyone already have a firewalld configuration to allow Channel
> Access? I.e. something like a /usr/lib/firewalld/services/epics.xml file?
>
> Dirk

Hi Dirk,

you could use the following as a EPICS.xml under /etc/firewalld/services

<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>EPICS Channel Access service</short>
  <port port="ca-1" protocol="tcp"/>
  <port port="ca-1" protocol="udp"/>
  <port port="ca-2" protocol="tcp"/>
  <port port="ca-2" protocol="udp"/>
  <source-port port="ca-1" protocol="tcp"/>
  <source-port port="ca-1" protocol="udp"/>
  <source-port port="ca-2" protocol="tcp"/>
  <source-port port="ca-2" protocol="udp"/>
</service>

And then select EPICS for the zone you need to enable the ports.

Regards,

Jörn


References:
firewalld configuration for EPICS? Dirk Zimoch via Tech-talk
Re: firewalld configuration for EPICS? Jörn Dreyer via Tech-talk
Re: firewalld configuration for EPICS? Ralph Lange via Tech-talk
Navigate by Date:
Prev: RE: an ADSupport question on zlib.h Mark Rivers via Tech-talk
Next: Re: an ADSupport question on zlib.h Jeong Han Lee via Tech-talk
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  <20192020  2021  2022  2023  2024 
Navigate by Thread:
Prev: Re: firewalld configuration for EPICS? Ralph Lange via Tech-talk
Next: Re: firewalld configuration for EPICS? Dirk Zimoch via Tech-talk
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  <20192020  2021  2022  2023  2024 
ANJ, 05 Apr 2019 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·