(Thank Marthter)
It seems from tcpdump that its like chasing your shadow,
The port number appear totally arbitrary and increase with each
instance of sendfax.
extract:
19:28:42.720944 172.28.1.36.hylafax > a.62646: P 167:189(22) ack 67 win 5792 <nop,nop,timestamp 53547228 1958282> (DF) [tos 0x10]
19:28:42.745027 a.62646 > 172.28.1.36.hylafax: P 67:73(6) ack 189 win 5840 <nop,nop,timestamp 1958284 53547228> (DF) [tos 0x10]
19:28:42.775277 172.28.1.36.hylafax > a.62646: . ack 73 win 5792 <nop,nop,timestamp 53547234 1958284> (DF) [tos 0x10]
19:29:06.452720 172.28.1.36.hylafax > a.62585: P 1:58(57) ack 1 win 5792 <nop,nop,timestamp 53549602 1957688> (DF) [tos 0x10]
19:29:06.452932 172.28.1.36.hylafax > a.62585: F 58:58(0) ack 1 win 5792 <nop,nop,timestamp 53549602 1957688> (DF) [tos 0x10]
19:29:06.478270 a.62585 > 172.28.1.36.hylafax: R 964280316:964280316(0) win 0 (DF) [tos 0x10]
19:30:22.463720 a.62646 > 172.28.1.36.hylafax: F 73:73(0) ack 189 win 5840 <nop,nop,timestamp 1968256 53547234> (DF) [tos 0x10]
19:30:22.494225 172.28.1.36.hylafax > a.62646: . ack 74 win 5792 <nop,nop,timestamp 53557207 1968256> (DF) [tos 0x10]
19:30:23.306833 a.62663 > 172.28.1.36.hylafax: S 1243073762:1243073762(0) win 5840 <mss 1380,sackOK,timestamp 1968340 0,nop,wscale 0> (DF)
19:30:23.306852 172.28.1.36.hylafax > a.62663: S 3944313999:3944313999(0) ack 1243073763 win 5792 <mss 1460,sackOK,timestamp 53557288 1968340,nop,wscale 0> (DF)
19:30:23.331568 a.62663 > 172.28.1.36.hylafax: . ack 1 win 5840 <nop,nop,timestamp 1968342 53557288> (DF)
19:30:23.333359 172.28.1.36.hylafax > a.62663: P 1:56(55) ack 1 win 5792 <nop,nop,timestamp 53557290 1968342> (DF) [tos 0x10]
19:30:23.358427 a.62663 > 172.28.1.36.hylafax: . ack 56 win 5840 <nop,nop,timestamp 1968345 53557290> (DF) [tos 0x10]
19:30:23.361550 a.62663 > 172.28.1.36.hylafax: P 1:12(11) ack 56 win 5840 <nop,nop,timestamp 1968345 53557290> (DF) [tos 0x10]
19:30:23.361557 172.28.1.36.hylafax > a.62663: . ack 12 win 5792 <nop,nop,timestamp 53557293 1968345> (DF) [tos 0x10]
Dunno why things have to be so complicated.
Time to retire gracefully (for now) ...
Eric
marthter said:
Hi Eric,
The HylaFAX protocol is mostly just the same as FTP. That (FTP)
normally uses port 21 for control and port 20 for data. HylaFAX seems
to do the same with 4559 and 4558. There is also the active versus
passive FTP question, which, as I understand it, affects whether the
client or the server starts up the second port communication, but does
not change the fact that the second port is needed.
I don't recall the details, and I have since changed my setup so I can't
check it, but I think the HylaFAX server connects back to the client
with a _source_ port of 4558 (to a ?high? port on the client) when the
data connection is needed.
I definitely remember having similar problems and changing the _client_
firewall to allow packets with a _source_ port of 4558 fixed it.
(Actually disabling the entire client firewall fixed it too, but this
port 4558 change was the minimal change that I could find that still
fixed it :-)
(Note this is different from most firewall settings where you generally
want to open up a _destination_ port, like destination port 80 needs to
be open to serve http requests).
Your setup probably isn't the same as mine, so the exact same solution
may not work, but, at any rate, you probably want to include port 4558
in your tcpdump as you try to get to the bottom of this.
Good luck.
Martin
Eric Smith wrote on 11/04/04 01:11 PM:
Hi I am trying to redirect all requests on port 4559 to the router on
62.166.236.150 to local machine 192.168.1.2
The latter is to support dialogue for hylafax.
hylafax 4559/tcp # HylaFAX client-server
protocol (new)
I have ssh working with the entry for port 22 and web access with port 80,
but my entry for port 4559 still results in
"Cannot build data connection" error with hylafax (running sendfax on the
localmachine).
NetDSL>show port
Port Mapping
TCP 62.166.236.150 4559 192.168.1.2 4559 0
TCP 62.166.236.150 22 192.168.1.2 22 0
TCP 62.166.236.150 80 192.168.1.2 80 0
Any help appreciated (of course).
Thanks!
Eric Smith
FWIW: tcpdump activity on port 4559 follows:
15:36:12.435459 62.166.236.150.62547 > 172.28.1.36.hylafax: S
3141087652:3141087652(0) win 5840 <mss 1380,sackOK,timestamp 205344
0,nop,wscale 0> (DF)
15:36:12.435477 172.28.1.36.hylafax > 62.166.236.150.62547: S
951102318:951102318(0) ack 3141087653 win 5792 <mss 1460,sackOK,timestamp
43511088 205344,nop,wscale 0> (DF)
15:36:12.460068 62.166.236.150.62547 > 172.28.1.36.hylafax: . ack 1 win
5840 <nop,nop,timestamp 205346 43511088> (DF)
15:36:12.462445 172.28.1.36.hylafax > 62.166.236.150.62547: P 1:56(55) ack
1 win 5792 <nop,nop,timestamp 43511091 205346> (DF) [tos 0x10]
15:36:12.493548 62.166.236.150.62547 > 172.28.1.36.hylafax: . ack 56 win
5840 <nop,nop,timestamp 205349 43511091> (DF) [tos 0x10]
15:36:12.496672 62.166.236.150.62547 > 172.28.1.36.hylafax: P 1:12(11) ack
56 win 5840 <nop,nop,timestamp 205350 43511091> (DF) [tos 0x10]
15:36:12.496679 172.28.1.36.hylafax > 62.166.236.150.62547: . ack 12 win
5792 <nop,nop,timestamp 43511094 205350> (DF) [tos 0x10]
15:36:12.497090 172.28.1.36.hylafax > 62.166.236.150.62547: P 56:82(26)
ack 12 win 5792 <nop,nop,timestamp 43511094 205350> (DF) [tos 0x10]
15:36:12.561257 62.166.236.150.62547 > 172.28.1.36.hylafax: P 12:25(13)
ack 82 win 5840 <nop,nop,timestamp 205356 43511094> (DF) [tos 0x10]
15:36:12.561426 172.28.1.36.hylafax > 62.166.236.150.62547: P 82:113(31)
ack 25 win 5792 <nop,nop,timestamp 43511101 205356> (DF) [tos 0x10]
15:36:12.617349 62.166.236.150.62547 > 172.28.1.36.hylafax: P 25:33(8) ack
113 win 5840 <nop,nop,timestamp 205362 43511101> (DF) [tos 0x10]
15:36:12.617500 172.28.1.36.hylafax > 62.166.236.150.62547: P 113:137(24)
ack 33 win 5792 <nop,nop,timestamp 43511106 205362> (DF) [tos 0x10]
15:36:12.672440 62.166.236.150.62547 > 172.28.1.36.hylafax: P 33:58(25)
ack 137 win 5840 <nop,nop,timestamp 205367 43511106> (DF) [tos 0x10]
15:36:12.672599 172.28.1.36.hylafax > 62.166.236.150.62547: P 137:167(30)
ack 58 win 5792 <nop,nop,timestamp 43511112 205367> (DF) [tos 0x10]
15:36:12.723283 62.166.236.150.62547 > 172.28.1.36.hylafax: P 58:66(8) ack
167 win 5840 <nop,nop,timestamp 205373 43511112> (DF) [tos 0x10]
15:36:12.723432 172.28.1.36.hylafax > 62.166.236.150.62547: P 167:189(22)
ack 66 win 5792 <nop,nop,timestamp 43511117 205373> (DF) [tos 0x10]
15:36:12.776377 62.166.236.150.62547 > 172.28.1.36.hylafax: P 66:72(6) ack
189 win 5840 <nop,nop,timestamp 205378 43511117> (DF) [tos 0x10]
15:36:12.809997 172.28.1.36.hylafax > 62.166.236.150.62547: . ack 72 win
5792 <nop,nop,timestamp 43511126 205378> (DF) [tos 0x10]
____________________ HylaFAX(tm) Users Mailing List _______________________
To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
*To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*
____________________ HylaFAX(tm) Users Mailing List _______________________
To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
*To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*