Ports used by photons when connecting to spark-server

I’ve set up spark-server on a raspberry pi and all working very well. I’ve just set up CSF as a firewall and have allowed ports 5683 and 5099 in and out for TCP but getting some strange behaviour… When CSF is running and I reset a photon, it can’t connect to the local cloud (just sits flashing green). If I stop CSF service and restart a photon, it connects fine. Once the photon is connected, I can start CSF and then call particle functions etc. from the PI and everything works (talks to the Photons no probs). So I’m wondering if there are certain ports/protocols used by the Photon in the connecting stage that are being blocked by CSF? I’ve tried to analyse the ports used in the process of a photon connecting using tcptrack and netstat -t -u -c but all I could find was the 5683 and 5099.

I suppose you’ve also got the standard ports 53, 54, 80, 8080, … open too?

yep, this is my TCP_IN and OUT:

TCP_IN = "20,21,22,25,53,54,80,110,143,443,465,587,993,995,814,5099,5683,8080"
TCP_OUT = "20,21,22,25,53,54,80,110,113,443,587,993,995,5099,5683,8080"

I’ve opened it up to allow ports 1-60000 for IN and OUT and it’s fixed the issue - also wanted to isolate it wasn’t something else CSF was doing. Would be great if someone could say what ports/ranges are needed though.

OK, have narrowed it down a bit…
Am using these for ports opened and it’s working:
TCP_IN = "20,21,22,25,53,54,80,110,143,443,465,587,993,995,814,5099,5683,8080"
TCP_OUT = "20,21,22,25,53,54,80,110,113,443,587,993,995,5099,5683,8080"
UDP_IN = "20,21,53,54:5683"

So at the moment I’m feeling like it’s a UDP port/range I need to narrow down on.

My trouble is that I can’t seem to monitor UDP traffic easily… have tried using ss but it doesn’t show any UDP traffic if I use the command:
ss -u
I see all the TCP traffic no worries if I use:
ss -t

OK, found the UDP ports being listened on the PI using the command:
netstat -lnpu
This showed the ports 67, 68, and 123 being listened on
so I updated my CSF conf and it’s all working now:

UDP_IN = "20,21,22,25,53,54,67,68,123"

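An added example, not part of the thread: a Python check that compares the UDP ports a host is listening on (taken from netstat -lnpu style output) with a CSF UDP_IN value, and flags wide ranges worth tightening. It relies on CSF's low:high range syntax, so 54:5683 is read as a range; the netstat sample, its process names and the function names are constructed for illustration.

```python
# Constructed sample of `netstat -lnpu` output (process names are made up).
SAMPLE_NETSTAT = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address     Foreign Address   State   PID/Program name
udp        0      0 0.0.0.0:68        0.0.0.0:*                 412/dhcpcd
udp        0      0 0.0.0.0:123       0.0.0.0:*                 530/ntpd
udp        0      0 0.0.0.0:67        0.0.0.0:*                 601/dnsmasq
udp6       0      0 :::123            :::*                      530/ntpd
"""

def parse_csf_ports(value):
    """Turn a CSF port list such as '20,21,53,54:5683' into (low, high) pairs."""
    ranges = []
    for item in value.strip().strip('"').split(","):
        item = item.strip()
        if not item:
            continue
        low, _, high = item.partition(":")  # CSF writes a range as low:high
        ranges.append((int(low), int(high or low)))
    return ranges

def listening_udp_ports(netstat_text):
    """Collect local UDP ports from netstat -lnpu lines (IPv4 and IPv6)."""
    ports = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[0].startswith("udp"):
            ports.add(int(fields[3].rsplit(":", 1)[1]))
    return ports

def uncovered(ports, ranges):
    """Listening ports that no entry in the CSF list allows."""
    return sorted(p for p in ports if not any(lo <= p <= hi for lo, hi in ranges))

def widest_ranges(ranges, limit=100):
    """Ranges spanning more than `limit` ports, candidates for tightening."""
    return [(lo, hi) for lo, hi in ranges if hi - lo + 1 > limit]

if __name__ == "__main__":
    ports = listening_udp_ports(SAMPLE_NETSTAT)
    for value in ("20,21,53,54:5683", "20,21,22,25,53,54,67,68,123"):
        r = parse_csf_ports(value)
        print(value, "uncovered:", uncovered(ports, r), "wide:", widest_ranges(r))
```

A listening port is only a candidate for the allow list; whether it should accept inbound traffic is still a per-service decision.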