firewall ports, again


Post by white_haired_uncle »

I did see the firewall ports in FAQ, though the link seemed to be primarily intended for SD DVR users. Wasn't sure if I should pollute that thread with my questions, guessed not.

Working with a FOSS DVR that uses libhdhomerun, on Fedora 42 which runs firewalld by default. Didn't work out of the box. I have it working, but it doesn't seem right to me so I'm not confident I have it working correctly. I finally ended up pulling out wireshark to figure out how to get hdhomerun_config discover working. It seems 65001/udp is the SOURCE port. I can kind of see the rationale for filtering on source ports < 1024, but this just makes no sense to me. All of the other rules open (usually) a single destination port, which makes sense. AFAICT, if I filter on source port I'm effectively opening ALL destination ports, at least for one host, which kind of defeats the purpose of filtering at all. This "works", in that discover succeeds:

```
sudo firewall-cmd --add-rich-rule 'rule family="ipv4" source mac="00:18:DD:06:8D:74" source-port port="65001" protocol="udp" accept' --zone=public --permanent
```

It's a home environment, so I don't care so much about the security aspect (if someone is in my house and has had the time to clone the MAC of my HDHR I've got bigger problems), I'm more concerned that I'm doing something wrong.

I'm also confused as to why data transfer, which appears to consistently come FROM 5004/udp, is successful, but I haven't really dug into that one yet.
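
An added illustration, not part of the original post or of libhdhomerun: a simplified Python model of why the discover reply needs its own rule under a stateful firewall, and of what the source-port rule in the post admits. It assumes discovery is a UDP broadcast to port 65001 that the tuner answers from its own unicast address; the IP addresses, the client MAC and the list of candidate ports are constructed.

```python
from collections import namedtuple

# Constructed sample packets; only the tuner MAC and port 65001 come from the post.
Pkt = namedtuple("Pkt", "src_mac src_ip sport dst_ip dport proto")

HDHR_MAC = "00:18:DD:06:8D:74"   # MAC used in the post's rich rule
DISCOVER_PORT = 65001            # UDP port seen as the reply's source port


def reply_is_tracked(request, reply):
    """Simplified connection tracking: a reply counts as ESTABLISHED only if
    it is the exact inverse of the outgoing tuple (addresses and ports swapped)."""
    return (reply.proto == request.proto
            and reply.src_ip == request.dst_ip and reply.sport == request.dport
            and reply.dst_ip == request.src_ip and reply.dport == request.sport)


def rich_rule_accepts(pkt):
    """The post's rule: source MAC plus UDP source port, no destination match."""
    return (pkt.src_mac.upper() == HDHR_MAC and pkt.proto == "udp"
            and pkt.sport == DISCOVER_PORT)


def exposed_dports(candidates, src_mac=HDHR_MAC):
    """Local UDP ports the rule lets src_mac reach when it sends from 65001."""
    return [p for p in candidates
            if rich_rule_accepts(Pkt(src_mac, "192.168.1.50", DISCOVER_PORT,
                                     "192.168.1.10", p, "udp"))]


# Discover request: broadcast from an ephemeral port (assumed behaviour).
request = Pkt("AA:BB:CC:00:00:01", "192.168.1.10", 40123,
              "255.255.255.255", DISCOVER_PORT, "udp")
# The tuner answers from its unicast address, so the tuple is not the inverse.
reply = Pkt(HDHR_MAC, "192.168.1.50", DISCOVER_PORT,
            "192.168.1.10", 40123, "udp")

if __name__ == "__main__":
    print("reply matched by state tracking:", reply_is_tracked(request, reply))
    print("reply accepted by rich rule:    ", rich_rule_accepts(reply))
    print("UDP dports open to that MAC:    ",
          exposed_dports([53, 111, 5353, 40123]))
```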
