HylaFAX The world's most advanced open source fax server

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [hylafax-users] Hylafax / WHFC vs firewall



I think WHFC has a check box called "passive mode" or
"passive conection" or something close to that. 
You don't say which firewall are you using but I
recall threads about hylafax and firewalling. Hope
this helps.

Pedro
--- Bob van der Waard <bob@xxxxxxxxxxxxxxx> wrote:

> Hi list,
> 
>  
> 
> I've yet another question...
> 
>  
> 
> I'm using WHFC to send fax message to my Hylafax
> gateway. But when I enable
> the firewall on the Hylafax server, WHFC can't setup
> a session with the
> Hylafax server.
> 
>  
> 
> Don't get me wrong here...
> 
>  
> 
> It can connect to the Hylafax server at port 4559
> but WHFC can't setup a
> session when authenticated to the Hylafax server.
> 
>  
> 
> I noticed in de logging that WHFC tries to connect
> between a range of
> destination ports on the Hylafax server.
> 
>  
> 
> See example:
> 
>  
> 
> Jun 12 07:40:32 samba kernel:
> giptables-drop-src-norule: IN=eth0 OUT=
> MAC=00:11:09:8f:aa:3c:00:04:e2:aa:26:cd:08:00
> SRC=192.168.1.26
> DST=192.168.1.252 LEN=48 TOS=0x00 PREC=0x00 TTL=128
> ID=36760 DF PROTO=TCP
> SPT=1904 DPT=34011 WINDOW=16384 RES=0x00 SYN URGP=0
> 
> Jun 19 14:00:13 samba kernel:
> giptables-drop-src-norule: IN=eth0 OUT=
> MAC=00:11:09:8f:aa:3c:00:04:e2:aa:26:cd:08:00
> SRC=192.168.1.26
> DST=192.168.1.252 LEN=48 TOS=0x00 PREC=0x00 TTL=128
> ID=29356 DF PROTO=TCP
> SPT=1367 DPT=37709 WINDOW=16384 RES=0x00 SYN URGP=0
> 
> Jun 19 14:03:02 samba kernel:
> giptables-drop-src-norule: IN=eth0 OUT=
> MAC=00:11:09:8f:aa:3c:00:04:e2:aa:26:cd:08:00
> SRC=192.168.1.26
> DST=192.168.1.252 LEN=48 TOS=0x00 PREC=0x00 TTL=128
> ID=30251 DF PROTO=TCP
> SPT=1372 DPT=37711 WINDOW=16384 RES=0x00 SYN URGP=0
> 
> Jun 19 14:05:20 samba kernel:
> giptables-drop-src-norule: IN=eth0 OUT=
> MAC=00:11:09:8f:aa:3c:00:04:e2:aa:26:cd:08:00
> SRC=192.168.1.26
> DST=192.168.1.252 LEN=48 TOS=0x00 PREC=0x00 TTL=128
> ID=31134 DF PROTO=TCP
> SPT=1377 DPT=37713 WINDOW=16384 RES=0x00 SYN URGP=0
> 
>  
> 
> As you can see the Source port varies and the
> Destination port increased
> after successful or unsuccessful connection.
> 
>  
> 
> I can disable firewalling... but that's not my
> policy.
> 
>  
> 
> I like to know between what Destination ports WHFC
> tries to connect?
> 34000:40000. Please advice.
> 
>  
> 
> Kind regards
> 
>  
> 
>  
> 
> Bob van der Waard
> 
> Stout & Storm
> 
>  
> 
> 
> 
>  
> 
> 



		
____________________________________________________ 
Yahoo! Sports 
Rekindle the Rivalries. Sign up for Fantasy Football 
http://football.fantasysports.yahoo.com



Project hosted by iFAX Solutions