[mythtv-users] Frontend control socket for Mythmote (solved)

Mario Bertrand mario at bertrand.tech
Tue Sep 20 13:32:28 UTC 2016 

Solved!

For those interested.

Found this tutorial: https://help.ubuntu.com/community/IptablesHowTo

1. Test if Mythmote connect and work with lan ip address (not localhost) 

sudo sysctl -w net.ipv4.conf.all.route_localnet=1

sudo iptables -t nat -I PREROUTING 1 -p tcp -d 192.168.1.xxx 
--dport 6546 -j DNAT --to-destination 127.0.0.1:6546

2. Save the iptables rules

sudo /sbin/iptables-save -c > /etc/iptables.rules

3. Make an executable file to work with Network Manager

sudo nano /etc/NetworkManager/dispatcher.d/01firewall

I adapted the script to add "/sbin/sysctl -w 
net.ipv4.conf.all.route_localnet=1" because it wont works with iptables 
rules only.

--->

if [ -x /usr/bin/logger ]; then
LOGGER="/usr/bin/logger -s -p daemon.info -t FirewallHandler"
else
LOGGER=echo
fi
if [ -x /sbin/sysctl ]; then
${LOGGER} "Enabling localhost route processing"
/sbin/sysctl -w net.ipv4.conf.all.route_localnet=1
fi

case "$2" in
up)
if [ ! -r /etc/iptables.rules ]; then
${LOGGER} "No iptables rules exist to restore."
return
fi
if [ ! -x /sbin/iptables-restore ]; then
${LOGGER} "No program exists to restore 
iptables rules."
return
fi
${LOGGER} "Restoring iptables rules."
/sbin/iptables-restore -c < /etc/iptables.rules
;;
down)
if [ ! -x /sbin/iptables-save ]; then
${LOGGER} "No program exists to save iptables 
rules."
return
fi
${LOGGER} "Saving iptables rules."
/sbin/iptables-save -c > /etc/iptables.rules
;;
*)
;;
esac

<----

Reboot...

Look in syslog:

Sep 20 08:38:15 delta FirewallHandler: Enabling localhost route processing
Sep 20 08:38:15 delta nm-dispatcher[950]: net.ipv4.conf.all.route_localnet = 1
Sep 20 08:38:21 delta FirewallHandler: Restoring iptables rules.
Sep 20 08:38:21 delta nm-dispatcher[950]: <30>Sep 20 08:38:21 FirewallHandler: Restoring iptables rules.

Mythmote should work. 


Le 19 septembre 2016 21:22:43 HAE, Mario Bertrand <mario at bertrand.tech> a écrit :
>Hi, 
>
>That's not critical. I don't reboot often. Just thought that someone
>here could have already using similar settings. I have tried inetd and
>xinetd, but I got broken pipe while sending commands to frontend.
>Iptables works fine for me. Will do some further reading when I got
>time. 
>
>Thanks. 
>
>Le 19 septembre 2016 20:16:15 HAE, Hika van den Hoven
><hikavdh at gmail.com> a écrit :
>>Hoi Hika,
>>
>>Tuesday, September 20, 2016, 2:07:51 AM, you wrote:
>>
>>> Hoi Stephen,
>>
>>> Tuesday, September 20, 2016, 1:50:48 AM, you wrote:
>>
>>>> On Mon, 2016-09-19 at 19:30 -0400, Mario Bertrand wrote:
>>>> Hi, 
>>>>  
>>>>  To make Mythmote connect to frontend, I have followed instructions
>>on mythtv wiki :
>>>>  https://www.mythtv.org/wiki/Frontend_control_socket
>>>>  
>>>>  sysctl -w net.ipv4.conf.all.route_localnet=1 
>>>>  
>>>>  iptables -t nat -I PREROUTING 1 -p tcp -d 192.168.1.xxx --dport
>>>> 6546 -j DNAT --to-destination 127.0.0.1:6546 
>>>>  
>>>>  It works, but since I loose everything at reboot, I would like to
>>>> get this done automatically at boot. I'm on latest mythbuntu. Any
>>ideas?
>>>>  
>>
>>
>>
>>
>>>> Mario,
>>
>>
>>>> This is an operating system problem.  I am unsure which operating
>>>> system you are using for your frontend.  I have found that Fedora
>24
>>>> (Server) utilizes a different management tool for iptables.  The
>>>> legacy method of adding to the iptablse configuration works until
>>>> the next reboot.  I found that firewall-config (X11) will change
>>>> both the boot config and the run config.
>>
>>
>>>> Steve 
>>
>>> Very probably your distribution has a service for iptables called
>>> something like that. If you start it and make it automatically start
>>> on boot before applying the new rule, the rule very probably gets
>>> stored with the other rules on close-down and will get loaded on
>>> start-up automatically.
>>
>>> Tot mails,
>>>   Hika                            mailto:hikavdh at gmail.com
>>
>>To explain further. What such a service basically does is to load a
>>set of rules from a text file. iptables itself is part of the kernel,
>>so no program needs to be loaded. Most such services will also save
>>the current rules on shut-down. But that depends on your distribution.
>>Such automatic saving could be seen as a security risk.
>>
>>
>>Tot mails,
>>  Hika                            mailto:hikavdh at gmail.com
>>
>>"Zonder hoop kun je niet leven
>>Zonder leven is er geen hoop
>>Het eeuwige dilemma
>>Zeker als je hoop moet vernietigen om te kunnen overleven!"
>>
>>De lerende Mens
>>
>>_______________________________________________
>>mythtv-users mailing list
>>mythtv-users at mythtv.org
>>http://lists.mythtv.org/mailman/listinfo/mythtv-users
>>http://wiki.mythtv.org/Mailing_List_etiquette
>>MythTV Forums: https://forum.mythtv.org
>
>-- 
>Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma
>brièveté.
>
>------------------------------------------------------------------------
>
>_______________________________________________
>mythtv-users mailing list
>mythtv-users at mythtv.org
>http://lists.mythtv.org/mailman/listinfo/mythtv-users
>http://wiki.mythtv.org/Mailing_List_etiquette
>MythTV Forums: https://forum.mythtv.org

-- 
Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mythtv.org/pipermail/mythtv-users/attachments/20160920/93545444/attachment.html>

More information about the mythtv-users mailing list