Re: netsync with port forwarding -- SOLVED

[Hendrik Boom]

On Tue, Jun 08, 2021 at 10:16:18PM +0200, Michael Raskin wrote:
> >I believe I got it to work?  I found one more trick in the cofiguration 
> >menu.  Theres a firewall, which knows about proper redirection for a 
> >large number of protocols, but not netsync.
> >It turns out to have a garbage destination -- where to send all packets 
> >that it doesn't know what to do with.  This is presumably intended to ba 
> >a machine that cac collect statistics and check for ossible attacks.
> >
> >So I just designate my server as my garbage machine.
> 
> I believe you could also enable the incoming connections on the port in
> the firewall settings…

That's what I did originally on port 4691, and it did not work.
I suspect that netsync sets up an other port that the modem firewall
does not know about.  Is the port usage of netsync documented somewhere?

> on the other hand, if you want incoming 
> connections, it's on the server, so I guess you can call it a win…
> 
> >It will ignore any port that's not open, and I control that by what 
> >services I choose to provide.
> >
> >And if netsync uses the familiar trick of initiating a connexion on port 
> >4691 and than replying to say what port the rest of the comminication 
> >should take place on,
> >* it ould formerly get lost because redirection treats it as a attack,
> >* But now it's sent to the garbage machine, which does know what to do 
> >with it.
> 
> Pretty sure it does not…

Because the garbage machine *is* the server, it does know what to do.
For anything but the ports it opens (which might be dynamically assigned 
for some protocols) it just drops incoming junk.

And for netsync, the process on the server opening the right ports is 
usher, which knows what to do with netsync.

> 
> >And I went to a coffee shop to check it's working.
> 
> Oh well, that's what matters

Yes.

-- hendrik