Hi,
Are you trying to use HTTP/port 80 streaming? With your firewall
config, that's the only type of streaming that should work.
Also- I'm assuming that you did turn on port 80 streaming for QTSS, and
that it was done after moving Apache to port 8080. When testing from
within the local network, are you sure you're using QT with HTTP/port 80
transport?
To debug, try this from a remote host (outside the firewall):
telnet <IP address of your server> 80
If it connects, hit Enter a couple of times. If you get an RTSP
response, then the network and server are configured fine.. Maybe the
client is trying to use port 554 instead of 80. If you get an HTTP
response, the Apache is still listening on port 80 and QTSS couldn't
bind to the port. If you don't get a response, something is
misconfigured.
You may also want to find a good sniffer to help you debug. Sniffing
the packets on the multiple interfaces of your gateway should show you
exactly what the firewall is doing. Also, by logging the packets as
they're passed, you can see if the firewall is working correctly (as in
"pass in log ... ").
There should not be any QTSS bug that is causing problems, and you
should indeed be able to run a firewall on the local system or a remote
gateway, as long as everything is properly configured.
If you wanted to use port 554 or 7070 for streaming, you'd need to pass
in TCP packets for those ports, as well as UDP ports 6970-6999.
-Joel Hedden
On Tue, 2002-10-29 at 22:47, Jim Arnold wrote:
> For the past few days I've been banging my head against the wall
> trying to get the Darwin Streaming server (4.1.1 from the FreeBSD
> ports system) to work behind an IPF firewall. The server works fine
> inside of the LAN.
>
> I opened up these ports in my ipf.conf. I moved apache to 8080 so I
> could stream DSS via 80:
> pass in quick on dc0 proto tcp from any to 192.168.0.2/32 port = 80
> flags S keep state keep frags
> pass in quick on dc0 proto tcp from any to 192.168.0.2/32 port = 8080
> flags S keep state keep frags
>
> In Ipnat I'm redirecting the traffic to the server:
> rdr dc0 0.0.0.0/0 port 80 -> 192.168.0.2 port 80 tcp
> rdr dc0 0.0.0.0/0 port 8080 -> 192.168.0.2 port 8080 tcp
>
> Apache has no trouble working from the net on 8080.
>
> I just don't think it's an issue with how my firewall is configured.
>
> I found a poster on the DSS list who had the same kind of trouble.
> Here was his response to my query if he ever solved his problem:
>
> "I'm convinced that this is a problem with DSS/QTSS's code.
>
> They have kind of alluded to this in their posts when they say that DSS
> doesn't really like this setup. I've been dealing with this issue since
> July. I still don't have a solution. I've tried everything. It just makes
> no sense that you can't put the server behind a firewall.
>
> I tried everything--from open ports to using DNS tricks to you name it. For
> whatever reason, the server doesn't like having one address on the network
> and having a different address on the Internet.
>
> Like I said in the post, I've been doing this with lots of builds of
> RealNetworks with no problems since 1998. It's driven me crazy and I've all
> but given up"
>
> Any help or guidance would be greatly appreciated. Anyone running DSS
> behind a firewall out
> to the internet?
>
> Jim
> _______________________________________________
> streaming-server-users mailing list | email@hidden
> Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/streaming-server-users
> Do not post admin requests to the list. They will be ignored.
_______________________________________________
streaming-server-users mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/streaming-server-users
Do not post admin requests to the list. They will be ignored.
