[mythtv-users] Network issues (slightly OT)

James Linder jam at tigger.ws
Wed Mar 6 20:53:23 UTC 2024



> On Mar 7, 2024, at 02:31, Jay Harbeston <jharbestonus at gmail.com> wrote:
> 
> 
>> On Mar 6, 2024, at 1:06 PM, Doug Lytle via mythtv-users <mythtv-users at mythtv.org> wrote:
>> 
>> On 3/6/24 12:57 PM, Steve Greene wrote:
>>> the entries, it goes to "24". Possibly need to change it in /etc/network/interfaces.
>> 
>> A /24 would be correct.
>> 
> 
> There is something misconfigured in your network, either ip address / network stuff… OR….
>   Maybe there is a wiring issue if all is correct  regarding ip addresses / network? 
> 
> So can your mythtv server access the router? Can it ping google.com?
> 
> Can your client(s) ping the router? Can they ping the router… can they ping  google.com?
> 
> maybe a guest network was set up inadvertently?
> 
> So many things it could be… requires methodical trouble shooting..

Indeed so many things …

You need a firewall because …

* You have a real ip
You already said you dont

* You have windows machines on your network
You dont want a compromised machine joining a bot-netwotk by calling OUT
Having a firewall does not protect you when you use eg a browser (ESTABLISHED/RELATED are allowed through the firewall)

* You run devices eg alexa eg doorbell camera without puttting them in a DMZ (aka a guest network)
How foolish! (and the firewall does not help you)

* Router firmware is broken

There may be other reasons, I don’t know about or did not think about

But in general you don’t need s firewall on your router, and various router firewalls do stupid things that will inhibit mythtv.
If you explicitly allow port forwarding to a machine the the firewall does nothing about those ports to that machine.

You don’t want a mis-configured network but routers will allow multiple networks/subnets
I do that when configuring another master mythtv - fine when backendA and frontendA are on one subnet backendB frontendB on another, messy routing when one frontend talks to both backends.

So first I would test without a firewall. If you have windows machines make sure they have their own firewall. I read honeypot tests show windows machines without fire wall being infected within 20 min.

James


More information about the mythtv-users mailing list