[mythtv-users] Can anyone explain these MythTV/MythWeb access quirks?
Michael T. Dean
mtdean at thirdcontact.com
Tue Mar 24 02:39:41 UTC 2009
On 03/23/2009 07:46 PM, Craig Huff wrote:
> I am still running MythTV version 0.20.2-164.fc6, so this may be
> overcome by events, but...
>
> When I browse within my lan, I can access the Program Listing screen
> and change it to another time frame, like opening it at 8am and
> switching to 5pm starting time.
>
> **However**, if I use ssh to get through my firewall from the wan and
> ssh-tunnel to the mythweb screen,
Meaning what? Using a SOCKS proxy to pierce the firewall, i.e.:
PROXY_HOST=<the gateway between your network and the Internet>
PROXY_PORT=1080
DYNAMIC_SOCKS_PROXY_OPTS="-D ${PROXY_PORT}"
SSH_EXTRA_OPTS='-o ServerAliveInterval=30'
ssh ${SSH_EXTRA_OPTS} ${DYNAMIC_SOCKS_PROXY_OPTS} ${PROXY_HOST}
would work. That basically allows you to send a request to the MythWeb
server from "within [your] lan" (from the gateway host), even when
you're not on the gateway host. See, also, FoxyProxy (a Firefox
extension) to make using it easier.
> it fails when I try to change the
> program listing to another timeframe, no matter what means I try to
> use to change it. I would like to understand **why**. I get the same
> symptoms when I try to do program searches.
>
But I'm guessing you're doing a port-forward of a local port to port 80
(or whatever the MythWeb http server is listening on) on your MythWeb
host. That will /not/ work because the hostname and cookie hosts/data
will be all wrong. You'd have to use use a proxy config that does
rewriting (including cookie rewriting). I actually have a MythWeb on my
system that's /only/ accessible from the internal network, but I have a
different Apache httpd running a mod_proxy to handle rewrites for
out-of-network access.
If you don't want MythWeb always available on the Internet at large, you
can go with the SOCKS proxy approach, above, or use something like SPA
(fwknop - http://www.cipherdyne.org/fwknop/ ) to leave the port closed
until you send a specially-crafted encrypted authorization packet
requesting that port be made available to only your host for some time
period. (I.e. SPA is what port knocking tried--unsuccessfully--to be.)
> Another oddity is that if I redirect a high port number on the
> firewall/router to port 80 on the MythTV system, I can get the login
> prompt dialog from MythTV, but it won't accept the username and/or the
> password, so I can't get in. What gives with that?
>
Probably the same type of thing.
> Finally, if I try to ssh into the MythTV system from a remote (wan)
> system that supports X-windows, it doesn't exactly succeed if I try to
> run mythfrontend. The screen background will appear, but the terminal
> window will log a log of errors about things like GLX not found, or
> something. Is this a case where I have to put an option on the
> command line to force a different display mode, and if so, could
> someone refresh my (faulty) memory about what it is? I tried looking
> at the help from "mythfrontend --help", but it didn't give me any
> clues.
mythfrontend -O ThemePainter=qt
Note, though, that you won't be able to do any video this way. Closest
you could get is the "preview video" in the Watch Recordings screen (and
even discounting the size/lack of audio, that will be very unacceptable
quality).
Works great for mythtv-setup, though:
mythtv-setup -O ThemePainter=qt
or using mythfrontend to do non-video functions, like modifying settings
or managing MythVideo videos or ...
Mike
More information about the mythtv-users
mailing list