EPICS Home EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System

Format page
for printing


Search Tech-talk
1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  <20232024  Index 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  <20232024 
<== Date ==> <== Thread ==>
Subject: PV access stopped by the firewall CentOS 9 Stream
From: "Leblanc, Gregory via Tech-talk" <tech-talk at aps.anl.gov>
To: "tech-talk at aps.anl.gov" <tech-talk at aps.anl.gov>
Date: Fri, 21 Apr 2023 20:09:25 +0000 
Hi folks,

I've just installed CentOS 9 stream on a new machine here, then added on epics-base, calc, asyn, and StreamDevice from git.  I've also installed my work in progress for the Keysight 34980A mainframes, which speak SCPI.  All the EPICS bits work, but there's something screwy with the firewall.  When I do " $ pvget KS_34980A_EPICStestswitcherMagnetCurrent" it times out in 5 seconds.  "$ caget KS_34980A_EPICStestswitcherMagnetCurrent" works just fine.  I can turn the firewall off ($ sudo systemctl stop firewalld) and then pvget works fine.  I added ports 5064 and 5065 in both TCP and UDP to the rules for the firewall, but that didn't seem to help.   

Firewall rules:
$ sudo firewallcmd --list-all
[sudo] password for leblanc:
sudo: firewallcmd: command not found
[leblanc@epics1 ~]$ sudo firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp1s0
  sources:
  services: cockpit dhcpv6-client ssh
  ports: 5064/tcp 5065/tcp 5064/udp 5065/udp
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

I also used ss to see what ports pvget was trying to use

$ ss -antup |grep pvget
udp   UNCONN 0      0                0.0.0.0:45383      0.0.0.0:*     users:(("pvget",pid=49094,fd=3))
udp   UNCONN 0      0            224.0.0.128:5076       0.0.0.0:*     users:(("pvget",pid=49094,fd=6))
udp   UNCONN 0      0           10.0.255.255:5076       0.0.0.0:*     users:(("pvget",pid=49094,fd=5))
udp   UNCONN 0      0             10.0.0.239:5076       0.0.0.0:*     users:(("pvget",pid=49094,fd=4))

I'm not sure what else to try at this point.  Any pointers appreciated.
    Greg

--
Gregory Leblanc
Accelerator Engineer
Edwards Accelerator Lab - Ohio University
123 University Terrace
Athens, OH 45701 USA
leblanc at ohio.edu
M: (401) 52-OUAL1 or (401) 526-8251
Replies:
RE: PV access stopped by the firewall CentOS 9 Stream Žiga Oven via Tech-talk
Navigate by Date:
Prev: RE: Is the Sequencer and SNL still widely used? Iain Marcuson via Tech-talk
Next: RE: mbbo with 32 choices Pearson, Matthew via Tech-talk
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  <20232024 
Navigate by Thread:
Prev: Re: mbbo with 32 choices Maren Purves via Tech-talk
Next: RE: PV access stopped by the firewall CentOS 9 Stream Žiga Oven via Tech-talk
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  <20232024 
ANJ, 24 Apr 2023 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·