On 12/17/2010 09:56 PM, Josh Blum wrote: > > > Disabling the firewall entirely seems to fix it. Thats using a > sledgehammer when you need a chisel. :-) > > -josh > > _______________________________________________ > > The "most elegant" way to solve this is with a "conntrack" module for the kernel, a la the conntrack module for netbios-ns and snmp. But in lieu of that, the following line in /etc/sysconfig/iptables (on Fedoren):
-A INPUT -m state --state NEW -m udp -p udp --sport 49152:49153 --dport 1024:65535 -j ACCEPT Appears to allow uhd_find_devices to do its thing. Any protocol that does "discovery" using a UDP broadcast, followed by a unicast reply will run into trouble with iptables, which is why "conntrack" modules were invented to handle specific protocols that use a broadcast "discovery" phase. While there appears to have been discussion of a "generic" conntrack module to cover this case, it doesn't appear to have been worked on. The problem with the iptables config line above is that it doesn't *quite* provide the required security semantic that would be provided by a conntrack module. But it will suffice for now. -- Principal Investigator Shirleys Bay Radio Astronomy Consortium http://www.sbrac.org _______________________________________________ Discuss-gnuradio mailing list Discuss-gnuradio@gnu.org http://lists.gnu.org/mailman/listinfo/discuss-gnuradio
