Logo 
Search:

Unix / Linux / Ubuntu Forum

Ask Question   UnAnswered
Home » Forum » Unix / Linux / Ubuntu       RSS Feeds

Blocked UDP ports

  Date: Dec 17    Category: Unix / Linux / Ubuntu    Views: 911
  

First, I do not have a router and I do not have a firewall.
I do have Ubuntu 8.04.1 and Wine 1.0. I'm trying to run Echolink which
requires the use of UDP 5198 and 5199. I read somewhere that as a
default Linux blocks all UDP ports. I don't have a clue as how to open
them. Can anyone help me.

Share: 

 

28 Answers Found

 
Answer #1    Answered On: Dec 17    

If you are running linux you are running a firewall by default.
Run Firestarter, which is only the gui front end to the firewall, and
allow those two ports.

 
Answer #2    Answered On: Dec 17    

I've installed and running
Firestarter. I've configured it every way I can think of with no
success. Here is what I'm trying to do. My Internet is provided by a
USB connection to a WindowsXP Pro computer. Its IP address is
129.168.0.1. That computer uses Windows Sharing and places the Internet
on my Ethernet (Windows). The program is Echolink which is a VOI type
program. It needs TCP 5200 for traffic from the PC to the Internet. It
also needs UDP 5198 and 5199 ports for traffic into and and from the PC
to and from the Internet. If I were to reinstall WindowsXP on the
computer as is, everything works. But, I can't seem to get the right
setup on Ubuntu. I would really appreciate any help or hand holding you
could give me including how to set up Firestarter.

 
Answer #3    Answered On: Dec 17    

I forgot to tell you that the ICP port is open and works OK.

 
Answer #4    Answered On: Dec 17    

if ya dont have a router you dont need to open any ports for echolink...

 
Answer #5    Answered On: Dec 17    

https://help.ubuntu.com/community/Firestarter

Also, I misspoke on the firewall always on.

I found that the firewall is not on by default but that the ports are
closed until they are opened.


Okay. Echolink is a p2p app, so lets break this down.
How do you access the net? Broadband: cable, dsl, wireless.
Any of these will require some type of modem:
cable - mine is a Motorola with built in wireless router and firewall
dsl - can be similar
wireless - the radio is your modem and has neither router or firewall

If you are sure your modem as NO router or firewall enabled, the next
thing is to check your ports.
....

Just saw you posted your situation so Ill read that first....

On firestarter click on the Policy tab. on the Bottom Pane where it says
Allow Service for right click and chose Add Rule

In the name field add Echolink and in the port field add 5200.
Under "When the source is ...", if this is open to anyone and you dont
know who it will be, choose anyone.
Click add and then click Apply.

Do this for the ports you need open.

Afterwards you can run netstat -l -t and then lsof -i at the command
line and see what port is being listened to.

 
Answer #6    Answered On: Dec 17    

the lsof command yields 6 lines. Two for Wine and
four for Echolink. Three were listing 5198 and three listing 5199. Now
my Ubuntu is not configured for the LAN. The hits just keep coming.

 
Answer #7    Answered On: Dec 17    

I believe it was you who instructed me on using Firestarter.
There were a lot of guys give me their opinions. Thanks to them. Here
is where I am.

First. I'm pretty much lost. I use to support Unix back in the early
80's. I supported both Bell and Berkley versions. The versions were
3.0. Hi. And, of course this was way before networks and the
Internet. But, all these years past and many operating systems. These
days I'm dangerous. Hi.

Second. I set up Firestarter as you instructed, but what came up was
"unknown 5198" and the same for 5199. I tried to enter them as UDP
5189, but that was rejected. I'm really not sure about how to enter
into that utility.

Third. I may have a network IP problem. My network is configured in a
Group, IP 192.186.0.X. I named my Linux computer as Echolink. When I
"ping Echolink" with a command I get an address completely different for
what I think "Echolink" should have. If I'm trying to pass traffic to a
computer not on the group which contains the Internet, that will not
work. Maybe that is the problem.

 
Answer #8    Answered On: Dec 17    

Alright then, lets back up and get to straight answers so we can work
this out.

You said that you did not have a router or a firewall but you have a
local network addr of 192.xxx.xxx.xxx.

1. What type of internet service are you on? (broadband always on, dialup).

2. Does your modem have a built in router and/or firewall?

3. If you modem does not have either, and you do not have a router, how
are you getting all your pc's online? (internet connection sharing isnt
going to work long)

4. Click on System > Administration > Network Tools
On the first tab under Network Device make sure your Ethernet Internface
(eth0) is selected. Now look below that in the IP Information area. You
should see the ip of your computer to the right of the IPv4 protocol.

5. On the Port Scan tab of Network Tools, put in first your ip address
from the step just before this and this will tell you what ports are
open. Next do it with 127.0.0.1. You'll probably have a few more.

6. You have WINE install and running.. did you test it with some other
app? Echolink may NOT be connecting correctly to the net via WINE. I
have read about many apps which cant access the net - though IE5,6 both
do through WINE.

 
Answer #9    Answered On: Dec 17    

I want to tell you about another strange thing. After a fresh
install, I select Places/Networks/Network Servers. An Icon showing
Windows Network. If I click on it, another Icon pops up called MSHOME.
That is the group name for my LAN. If I click on it, I get Icons for
all my computers. Now the second I install Firestarter, all goes away.
I never see MSHOME or my computers.

 
Answer #10    Answered On: Dec 17    

I use hub in my
Ethernet LAN. The reason I use a hub is because my ISP is Verizon. It
is their wireless service. The phone lines here are so bad they don't
support Internet. The modem for Verizon Wireless uses an USB port.
That is why I don't use a router. I use Windows Internet Sharing to
place the Internet on the network. Windows Internet Sharing requires
that all computers are set to automatic IP assignment. The Host
computer must be 192.168.0.1. There are four computers on my network
plus an access point which provides a wireless connection for my
Laptop. I have firewalls in each of those computers. But, I don't
think they have anything to do with the Linux problem. Oh, Echolink
works good on any of the XP computers. (All computers run XP Pro except
the Laptop. It has Vista. I have a multi-licensed copy of XP.)

Question 5: 1PV4 127.0.0.1
1PV6 ::1 12 Host

Thats all.

Question 6: I really don't have any other program that uses the
Internet to try. I do have an Internet connection because I downloaded
Wine via the connection. So, the Ubuntu system is seeing my host computer.

 
Answer #11    Answered On: Dec 17    

When I lost my Sprint Broadband (6Mbps) microwave service July 31, 2008,
due to FCC reallocation of the spectrum (I now have 30Mbps service from
another provider), one option from Sprint was their EVDO which appears
to be identical to your Verizon service. I didn't opt for that because
"a luxury, once sampled, becomes a neccessity" and I didn't want to drop
to a lower speed.

Point being: though Sprint touts the USB wireless, they also provide a
standalone wireless modem which for all intents and purposes is used
identically to a cable or DSL modem and connects to one's home network
via Ethernet (*not* USB).

This forum <http://www.evdoforums.com/thread1235.html> calls the
service "Sprint/Verizon EVDO" which suggests you may be able to get a
standalone wireless modem that connects via Ethernet and all (or, at
least, most) your problems go away.

Pictures on the right side of that EVDO page show some of the things
(routers, modems, etc.) that work with Verizon's and Sprint's EVDO.

 
Answer #12    Answered On: Dec 17    

My problem, is I live in a fringe area, 15 miles south of Deming,
NM. The telephone lines don't support any dial up over 18K. The only
cell phone I can get to work is Verizon. I tried Hughes, but couldn't
deal with their support or lack of. My only language is American
English. I'd love to have DSL. I call Quest and they put me on hold
and then come back and say they can't help me. My Verizon Wireless
connection is not very good, but it is all that I have. Hi. I have to
deal with it.

 
Answer #13    Answered On: Dec 17    

What is Verizon's name for the wireless service you have?

If it's the EVDO, then the web page I cited previously shows devices
that'll make your network connections a lot easier without all your
systems depending on one for the connection. By "devices" I mean
external wireless modems with Ethernet, routers, etc.

I can understand your frustration (I used to live in NM when working
at White Sands Missile Range in the early 1960s), and though I'm in
the heart of Silicon Valley now neither cable nor DSL were available
until a few years ago which is why I had Sprint Broadband using a
microwave transceiver looking over San Francisco Bay; picture here:

<http://thadlabs.com/PIX/LX200/>

Sprint's EVDO service provides a free USB wireless modem. If Verizon
did the same for you, tossing that USB device costs nothing and you
can buy an Ethernet wireless modem which will simplify many things.

You'd also need a router/firewall with NAT; these are ubiquitous and
the D-Link and Linksys/Cisco seem to cost around $50 and have a good
rep. I recently helped a friend in Pendleton OR (really out in the
boondocks) get setup using a Trango M900S broadband wireless trans-
ceiver and a Linksys BEFSR11 cable/DSL router (which really works
with anything because its WAN port is Ethernet).

The hookup is simply:

V---[modem]---[router]---[LAN switch]===multiple computers on LAN

"V" is the antenna, the modem/transceiver is transparent, and the
Linksys router makes/accepts DHCP for its WAN IP, and the router's LAN
IP range is 192.168.1.*

My Sprint Broadband setup was conceptually identical as is what I
have now; the only thing new (for me) is a different type of modem.

For you the modem could be a standalone EVDO unit with Ethernet.

 
Answer #14    Answered On: Dec 17    

I now have lost the Internet
connection. When this happens, the only way I know to fix it is to
reinstall the OS. I'm close to giving up and returning to XP.

 
Answer #15    Answered On: Dec 17    

First, if you turn firestarter off that will not open ports. Ports are
closed until open for security purposes. And Im not entirely sure why
you are losing connection once the firewall starts unless it has to do
with the usb connection.

5. On the Port Scan tab of Network Tools, put in first your ip address
from the step just before this and this will tell you what ports are
open. Next do it with 127.0.0.1. You'll probably have a few more.

The above is from my last email.
Do that first without starting firestarter.
Im not sure if it will produce different results or not when FS is
turned on. But then try it again with it on. Post back on what ports are
open each time.

After that run netstat -l -t and then lsof -i and post back what each of
these show.

 
Answer #16    Answered On: Dec 17    

netstat yielded: tcp listening.
lsof yields: nothing.

Before I re-installed the OS I checked all that I could think of and
found no difference after Firestarter was initiated. The only think I
found was I had no Internet connection. All IPs seem the same.

Right now I would rather not start Firestarter. I would have to go
through a re-install again for about the 20th time. I will if it will
help you answer some questions.

 
Answer #17    Answered On: Dec 17    

I've done some more research. I've turned on
the two ports I need using the ufw command. If I use a "sudo ufw
status" command it says the two ports I need on on. But if I go to
Network Tools/Port Scan I don't see them. Of course the key is I tried
my firewall test and it fails.

 
Answer #18    Answered On: Dec 17    

I made a mistake. I didn't realize you
could make a selection in the Interface Tools. I had selected the
loopback "lo" by mistake. 1PV4 is 192.168.0.39. That is what I would
expect. Now I went ahead and set the ports up like you recommended.
Then checked for open ports. They don't show up.

 
Answer #19    Answered On: Dec 17    

I have another question. If I turn the firewall off using
Firestarter, shouldn't all the ports be open?

 
Answer #20    Answered On: Dec 17    

Public computer networks existed in the 1960s (e.g., Tymnet and others
from ITT, IBM, etc.) and I was using the ARPANET circa early 1970s. An
old ARPANET map I recently found and scanned:

<thadlabs.com/FILES/ARPANET_Sept_1982.pdf>

StarLAN (1Mbps Ethernet over existing 2-wire telephone cabling) was a
joint development of AT&T and HP circa 1980 and you can read about my
home StarLAN network in the O'Reilly "Managing uucp and Usenet" book.

"Basic" Ethernet appeared in 1972 and became IEEE 802.3 in 1980.

I recall using the world's fastest computer at the time (1972), an
IBM 360/195 at the Rutherford High Energy Labs about 90 miles north
of London UK, from my home in Silicon Valley over the ARPANET.

The public was on the Internet by the early 1980s via portals run by
The Well, Portal, BIX, GEnie, and many others.

The first web browser was Mosaic circa 1993. By 1994 commerce began
on the Internet and I remember buying some modems from, you're not
going to believe this, www.internet.com, which was located in Palo
Alto CA. Amazon.com started in 1994 and went online in 1995.

 
Answer #21    Answered On: Dec 17    

I guess you got me on that one. At least in my world there
wasn't any networking. Zilog was experimenting with what they called Z
net at that time but didn't market it. I never heard of the Internet
until I was introduced to it via the Army in the mid 1980s. Oh, I think
you are mistaken about the 360. In 1972, the fastest computer was the
Cray. Seconded by Control Data's Cyber line.

 
Answer #22    Answered On: Dec 17    

Nope. I have an excellent memory and that claim of being the world's
fastest appeared whenever I'd telnet to Rutherford's 360/195 -- it
was in their login banner.

> In 1972, the fastest computer was the Cray. Seconded by Control
> Data's Cyber line.

Nope. Cray was founded in 1972 and the Cray-1, their first system,
debuted in 1976. You can read more about the history of Cray here:

<http://en.wikipedia.org/wiki/Cray>

And before you mention Amdahl, I was there, too. I helped setup to
simulate their first system on an Xerox (XDS, formerly SDS (Scientific
Data Systems)) Sigma 7 which was the successor to the SDS 930 (later
940) that was modded at UCBerkeley (UCB) and became the basis for many
timesharing companies (e.g., Tymshare, Comshare, etc.). I used to
regularly make the trip to UCB in the 1960s to get the latest kernel
for the SDS-930/-940 and bring it back to Tymshare for use. That was
the *real* beginning of open source software.

I've been using computers since the early 1960s (mostly IBM and DEC),
and I've even been using Emacs since the mid-1970s. A copy of the
oldest Emacs manual I still have (handed to me by RMS himself in John
McCarthy's office at Stanford), can be seen here (thanks to a recent
scan I did answering another question in another forum):

<thadlabs.com/FILES/Emacs-150_1980.09.05.pdf> [9 MB]

Emacs' development was funded by the same folks who funded ARPANET
as you'll note on the manual's title page.

 
Answer #23    Answered On: Dec 17    

You're aware that Echolink is a Microsoft software program and it is
closed source, not a Linux program, correct? Additionally, the
Echolink web site recommends using Echolink with a DSL or Broadband
connection to the Internet. Use by wireless may work as well as via
telephone but not optimally.

I don't understand why it has been suggested that you run Firestarter
(Linux firewall software) to access UDP ports.

[quote]EchoLink is a computer program that runs under Microsoft
Windows to allow radio amateurs to communicate with one another using
Voice over IP (VoIP) technology on the internet for at least part of
the path between them. It was designed by Jonathan Taylor, a radio
amateur with callsign K1RFD.[/quote]

IRLP runs on the Linux operating system but requires that you BUY a
proprietary commercial interface, and it is used only for linking
repeaters together. No home users are permitted.

I found a web site that explains an Echolink 'like' program for
Unix/Linux, http://cqinet.sourceforge.net/. CQiNet is a family of
programs that combine Ham Radio with the Internet using Voice over IP
(VoIP) technology. Two programs are currently in the family,
"theBridge" and echoLinux.

 
Answer #24    Answered On: Dec 17    

There was a time when ISPs thought usb modems were the way to go, but they never
really caught on.

Do you own the modem or does Verizon? If your ISP owns it, is there any chance
that Verizon can't give you a modem with ethernet? If not, there service really
sucks and I would look at alternatives. If they will replace the modem, then you
will have more options. If not, then you must stick with connection sharing
which can work with Linux, but it is not the best solution as all computers rely
on the one computer.It would be better if the computer was one that was not used
much and prone to crashing. If you must go this route, then you should look at
getting an old computer and dedicating it for this purpose and install Linux
which is more secure and use it as a firewall as well.

 
Answer #25    Answered On: Dec 17    

I own the modem. But, I don't mind buying another option. Maybe,
I'll call them and see what is available. Your other suggestion has
merit. I was thinking about putting my modem on the Linux computer and
use their Internet Sharing. The one problem is the controlling software
is written for Windows. I'll have to download Wine using my existing
connection. Then move the modem to Linux and try to run it under Wine.
That leaves two problems or questions. Will it run under Wine and will
Linux recover from moving the Internet connection. I hope it is dynamic
enough to recognize the Internet connection changed.

 
Answer #26    Answered On: Dec 17    

I'm running Echolink on Ubuntu 8.04. I have it on both the desktop
here at home and on an old 500mhz laptop. First I installed Wine with
Synaptic, then I downloaded Echolink. It went in so smooth I was
really surprised. Didn't have to open Wine or figure anything out.
Echolink downloaded to the desktop. I clicked on it and Wine must have
taken over because it looked like a Windows install. When it was
through Echolink was running and I even had a Launcher on the desktop.
Didn't even have to go to Usr / bin to find it.
I remember the first time I installed Echolink on a Windows box I
had to futz with something to get the firewall to let it use the ports
that it wanted. I've also had it install on Windows and just work. The
difference was that I quit using the Windows firewall. Turn it off!
Download and install Zone Alarm first though. You can get that at
download.com.
If I understand what you're doing, you've got that USB Verizon
thing plugged into one of the Windows machines. I'm thinking that if
you replace the firewall that comes from Microsoft with Zone Alarm it
may solve your problem. I don't think Ubuntu's firewall is bothering
it. I know it hasn't bothered mine. The only difference being that I'm
using a serial port modem.
You're confusing me here though saying you'll have to download
Wine to try the USB modem on Ubuntu. I thought you had Wine?
73's

 
Answer #27    Answered On: Dec 17    

I was trying
to describe something and did a poor job. Now, my installation of
Echolink went just about like yours. It was very encouraging. Did you
try tools/firewall test on the Echolink menu? I'll turn off my Windows
Firewall and test Echolink with Ubuntu/Wine again.

 
Answer #28    Answered On: Dec 17    

It is not necessary to run the software that is Windows based to set up a
network.. Chances are that Verizon and many ISPs are running their networks on
Linux. Many servers use LAMP (Linux, Apache, MySQL and PHP). It is the heart of
the internet. So it is possible to set up a server that runs Linux and connects
to the outside through your modem and to your network through it. It is not
necessary to run Windows at all provided (and it is a big one) we can get your
computer to detect and install the modem.

I have had both DSL and cable modems and have never had to run any Windows
software. I set up my modem and my network through my web browser. As far as
either was concerned it did not matter what OS I was running. All I needed was
to point the browser to my router or modem and then the hardware recognized it.

Two things to note from all of this. Running networks is what Linux is made to
do and modems and routers are made to work with browsers. Neither cares about
the OS particularly. It is just the delivery mechanism.

A server run on Linux will be more secure, won't crash and will never need to be
re-booted. Since Linux is modular you can add servers as ou want at anytime. You
can even get special distros made for the purpose such as Untangle. I tried it
out as a VM appliance, but have not run it specifically for its intended
purpose, but it gets great reviews.
www.howtoforge.com/...ering-with-the-untangle-5.3-\
network-gateway (for one such review)

 
Didn't find what you were looking for? Find more on Blocked UDP ports Or get search suggestion and latest updates.




Tagged: