[hylafax-users] Hylafax / WHFC vs firewall

["Bob van der Waard" <bob@xxxxxxxxxxxxxxx>]

Hi list,

 

I’ve yet another question...

 

I’m using WHFC to send fax message to my Hylafax gateway. But when I enable the firewall on the Hylafax server, WHFC can’t setup a session with the Hylafax server.

 

Don’t get me wrong here...

 

It can connect to the Hylafax server at port 4559 but WHFC can’t setup a session when authenticated to the Hylafax server.

 

I noticed in de logging that WHFC tries to connect between a range of destination ports on the Hylafax server.

 

See example:

 

Jun 12 07:40:32 samba kernel: giptables-drop-src-norule: IN=eth0 OUT= MAC=00:11:09:8f:aa:3c:00:04:e2:aa:26:cd:08:00 SRC="" DST=192.168.1.252 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=36760 DF PROTO=TCP SPT=1904 DPT=34011 WINDOW=16384 RES=0x00 SYN URGP=0

Jun 19 14:00:13 samba kernel: giptables-drop-src-norule: IN=eth0 OUT= MAC=00:11:09:8f:aa:3c:00:04:e2:aa:26:cd:08:00 SRC="" DST=192.168.1.252 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=29356 DF PROTO=TCP SPT=1367 DPT=37709 WINDOW=16384 RES=0x00 SYN URGP=0

Jun 19 14:03:02 samba kernel: giptables-drop-src-norule: IN=eth0 OUT= MAC=00:11:09:8f:aa:3c:00:04:e2:aa:26:cd:08:00 SRC="" DST=192.168.1.252 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=30251 DF PROTO=TCP SPT=1372 DPT=37711 WINDOW=16384 RES=0x00 SYN URGP=0

Jun 19 14:05:20 samba kernel: giptables-drop-src-norule: IN=eth0 OUT= MAC=00:11:09:8f:aa:3c:00:04:e2:aa:26:cd:08:00 SRC="" DST=192.168.1.252 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=31134 DF PROTO=TCP SPT=1377 DPT=37713 WINDOW=16384 RES=0x00 SYN URGP=0

 

As you can see the Source port varies and the Destination port increased after successful or unsuccessful connection.

 

I can disable firewalling... but that’s not my policy.

 

I like to know between what Destination ports WHFC tries to connect? 34000:40000. Please advice.

 

Kind regards

 

 

Bob van der Waard

Stout & Storm