Dlna server not found when firewall active

General system Gaming, sound and video
1

I want so use the dlna server on my network to stream music to rhythmbox on my PC.

After a lot of tinkering I found out, that the firewall from EndeavourOS blocks the dlna server.

When I stop the firewall with:

sudo systemctl stop firewalld.service

rhythmbox finds the dlna server and I can play music.

I have looked for something with dlna in the firewall config GUI but didn’t find any.
What are the right settings, to get dlna running with activated firewall?
(the firewall is in standard settings, this is a fresh install of Cassini Neo)

2

Try opening the service “ssdp” by checking the box for it in the firewall UI.

3

What port is your dlna server listening on? miniDLNA listens on port 8200 then communicates back to VLC on port 1900 UPD.

________                            ______
|      |<-------- 8200 TCP -------<|      |   
| DLNA |                           |  VLC |                 
|______|>-------- 1900 UDP ------->|______|

On the computer with VLC the outgoing request on 8200 is OK as default on firewalld from EnOS is all outgoing ports are open.

On the computer with VLC, the incoming communications needs firewalld port 1900 UDP opened.

No guaranty that the DLNA computer is listening on port 8200 TCP, it may be different.

Pudge
EDIT:
Sorry, I use VLC so it just came to mind while making the diagram. It works the same for Rhythmbox. Besides, VLC fits in the box better. :sweat_smile:

1 Like
4

Here is what I had to do to get port 1900 udp open
Open up the firewall app by right clicking on the firewall icon, then ‘Edit firewall settings’
First thing is to set the rules to ‘Permanent’. It usually ‘Runtime’ by default.

upnp-client
upnp-client875×665 69.3 KB

Then select the ‘upnp-client’ under the Services Tab.

Next, click on ‘Options’ in the top panel, and click ‘Reload Firewalld’

This should get things working.

Forget everything after this as it is all not the best solution.

Next, open the ‘ports’ Tab

ports
ports914×164 12.5 KB

and click ADD to add port 1900 and protocol udp

next open the Protocols Tab

protocols
protocols914×164 10.5 KB

and ADD udp

One more thing I do that you can consider. click on the ‘Sources’ Tab

Sources
Sources914×164 15.7 KB

I add the IP range of my domain 192.168.0.0/24
I think this binds the entire Public zone to only accept incoming communications from your local LAN and nothing else. You may not want to do that, but in my Local Area Network, there is only one domain (router)
@dalto what is your knowledge / opinion on the ‘Sources’ Tab?

Pudge

EDIT:
After consultation, I edited this post to a much better solution.

3 Likes
5

That is not a great way to use firewalld.

Instead you either use the existing services or create new services and then just check them.

In this case, there is already a service for udp 1900 called “ssdp” which is what that port is for. All you need to do is click on the zone and check that box.

In general, firewalld makes it so that you don’t have to worry about the details in most cases.

You should almost always being enabling services in whatever zones you use.

1 Like
6

I have never heard of “ssdp” service before.

I enabled “ssdp” and then removed all the things I did in post # 4.

Did not work.
I then added to the ‘Ports’ Tab 1900 udp. Did not work.
I added to the ‘Protocols’ Tab udp. It worked.
I removed from the ‘Ports’ Tab 1900 udp and it still worked.

In a nut shell, adding to the ‘Protocols’ upd by itself was all that was necessary.

What you said about ‘ssdp’ makes sense, so I was surprised when it didn’t work.

Pudge

7

Doesn’t that allow all udp traffic?

That seems… suboptimal.

1 Like
8

I agree, but that is the only way I have come up with so far to make it work.
Well, it’s time I do some more research on this problem.

Thanks for your input, much appreciated.

Pudge

9

I found this Red Hat bug report. It was talking about a UPnP service.
https://bugzilla.redhat.com/show_bug.cgi?id=892801

So I looked in the Services Tab and found this.
upnp-client

I enabled this service at it still worked. I then disabled ‘ssdp’ service and disabled ‘minildna’ service and finally removed the entry from the ‘Protocols’ Tab. It still worked.
All tabs are clear of any entries.

Summary, the only thing that needs to be done, is enable ‘upnp-client’ and that is it. :nerd_face:

Now for the ultimate test. Reboot and see if it still works.

Pudge

EDIT:
It still works after the re-boot. Now for the ultimate DUH moment.

fix
fix898×627 78 KB

VLC was desperately trying to give me a BIG hint.
The very Icon one clicks on to launch this is labeled “Universal Plug ‘n’ Play” and this happens to be on a client computer. DUH upnp-client :scream_cat:

1 Like
10

@Pudge
that is the solution!
Now it works :+1:

1 Like
11

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.

13

The issue is not solved 100%.

Sometimes VLC doesn’t find the DLNA server with activated Firewall.
When I deactivate it, VLC finds the server every time!

I don’t undertand it.

14

Maybe you can find a clue in this Discovery page. It explains how to set up miniDLNA on a LAN server.

https://discovery.endeavouros.com/arm/homeserver-6-install-and-setup-a-minidlna-media-server/2021/04/

What is being used as the DLNA server? Does the DLNA server have a firewall installed? If so one needs to open port 8200 TCP.

Pudge

15

The DLNA server runs on a Ubuntu Server 22.04 machine.
No Firewall on this machine is active.

Every other client in the network has no issues with fining it.
Only the EneavourOS system, when the firewall of it is active.