[Sugar-devel] Minimal set of firewall ports for Salut/Gabble to work

[Samuel Greenfeld]

I have a small farm of virtual machines at home that I have been using to
check out Fedora updates.  Recently I was asked to look at some Sugar
packages, so I tried to look at those using Salut for communication, only to
be blocked by Fedora's default firewall.

I looked at a Sugar on a Stick installation of Fedora 14, and the only port
opened in its incoming firewall configuration seems to be UDP port 5353 to a
multicast network for Avahi/mDNS.   This allows all the Sugar systems to see
each other; but does not seem to allow them to see publicly shared
activities(*).  In order for private invitations to work, TCP port 5298
(telepathy-salut) seems to also need to be open.  But then the hosts want to
talk over multicast to UDP port 31842 and it's not clear to me if that's
guaranteed to be consistent.

Does anyone know the minimal set of ports and methods Sugar & Telepathy need
to communicate, and if so should we be adding them to the Sugar Spin's
firewall for Fedora 15?

---
SJG

(*)This also may or may not be a bug in the current builds; I'm using the
latest Sugar items in the updates-testing repository.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sugarlabs.org/archive/sugar-devel/attachments/20110423/b181dc8d/attachment.html>