For the past few days I've been banging my head against the wall
trying to get the Darwin Streaming server (4.1.1 from the FreeBSD
ports system) to work behind an IPF firewall. The server works fine
inside of the LAN.
I opened up these ports in my ipf.conf. I moved apache to 8080 so I
could stream DSS via 80:
pass in quick on dc0 proto tcp from any to 192.168.0.2/32 port = 80
flags S keep state keep frags
pass in quick on dc0 proto tcp from any to 192.168.0.2/32 port = 8080
flags S keep state keep frags
In Ipnat I'm redirecting the traffic to the server:
rdr dc0 0.0.0.0/0 port 80 -> 192.168.0.2 port 80 tcp
rdr dc0 0.0.0.0/0 port 8080 -> 192.168.0.2 port 8080 tcp
Apache has no trouble working from the net on 8080.
I just don't think it's an issue with how my firewall is configured.
I found a poster on the DSS list who had the same kind of trouble.
Here was his response to my query if he ever solved his problem:
"I'm convinced that this is a problem with DSS/QTSS's code.
They have kind of alluded to this in their posts when they say that DSS
doesn't really like this setup. I've been dealing with this issue since
July. I still don't have a solution. I've tried everything. It just makes
no sense that you can't put the server behind a firewall.
I tried everything--from open ports to using DNS tricks to you name it. For
whatever reason, the server doesn't like having one address on the network
and having a different address on the Internet.
Like I said in the post, I've been doing this with lots of builds of
RealNetworks with no problems since 1998. It's driven me crazy and I've all
but given up"
Any help or guidance would be greatly appreciated. Anyone running DSS
behind a firewall out
to the internet?
Jim
