jasn
Joined: 23 May 2015 Posts: 2
Posted: Sat May 23, 2015 5:18 pm Post subject: miniupnpd for NAT-PMP on IPFire - Permission Rules Question
I'm trying to run the OSX VNC client from Edovia called Screens, to connect from one Mac system to another, over the internet. Edovia provides a utility called ScreensConnect, which they describe as, "an optional utility app that takes care of configuring your network in order to make your computer reachable from anywhere". I've installed ScreensConnect on the target Mac system according to the user guide, and in the System Preferences for ScreensConnect, it tests to see if the proper ports are available.
On my IPFire device, I've installed miniupnpd 1.9, and configured it following the IPFire wiki page on miniupnpd. The issue that I appear to be having is in regards to setting up the correct permission rules. If I use a set of rules such as (my internal IP address range is 192.168.1.0/24);
allow 1024-65535 192.168.1.0/24 1024-65535
deny 0-65535 0.0.0.0/0 0-65535
The ScreensConnect system preference tells me "The public port is set to 0 and cannot be used." I then tried to set up the rules for maximum permissiveness with;
allow 1024-65535 192.168.1.0/24 1024-65535
allow 0-65535 0.0.0.0/0 0-65535
And the ScreensConnect system preference initially went green and said that everything was working correctly. Subsequent tests generate the "public port 0" error message, so I'm not sure how this should be set up. Can someone explain to me, in simpler terms, how these rules work, and what might be the correct setting to allow the ScreensConnect software to work through the IPFire firewall with miniupnpd's NAT-PMP service?
BTW, when I contacted Edovia technical support their comment was that ScreensConnect will randomly use ports when setting up these connections, so it was best to allow all ports. However, reading their Router FAQ, here, in the section covering the Tomato router, they seem to suggest that they only need port 22 open below 1024, if using remote login.
Thanks,
Jason
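An added example, not part of the original post and not miniupnpd code: a small Python model of how the two rule sets quoted above would be evaluated. It assumes the rule format is `allow|deny <external ports> <client network> <internal ports>`, that the first matching rule decides, and that a request matching no rule is accepted; the function names, client addresses and port 5900 (VNC) are constructed for illustration.

```python
import ipaddress

# Rule sets quoted from the post above.
STRICT = """allow 1024-65535 192.168.1.0/24 1024-65535
deny 0-65535 0.0.0.0/0 0-65535"""
PERMISSIVE = """allow 1024-65535 192.168.1.0/24 1024-65535
allow 0-65535 0.0.0.0/0 0-65535"""

def parse_range(text):
    """Parse 'min-max' or a single port into an inclusive (min, max) pair."""
    lo, _, hi = text.partition("-")
    lo, hi = int(lo), int(hi or lo)
    if not 0 <= lo <= hi <= 65535:
        raise ValueError(f"bad port range: {text!r}")
    return lo, hi

def parse_rules(text):
    """Turn rule lines into (action, ext_range, network, int_range) tuples."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        action, ext, net, internal = line.split()
        if action not in ("allow", "deny"):
            raise ValueError(f"unknown action: {action!r}")
        rules.append((action, parse_range(ext),
                      ipaddress.ip_network(net), parse_range(internal)))
    return rules

def decide(rules, ext_port, client, int_port):
    """Return (action, rule number) for a mapping request; first match wins."""
    addr = ipaddress.ip_address(client)
    for number, (action, ext, net, internal) in enumerate(rules, 1):
        if (ext[0] <= ext_port <= ext[1] and addr in net
                and internal[0] <= int_port <= internal[1]):
            return action, number
    return "allow", None   # assumption: no matching rule means accept

if __name__ == "__main__":
    # Constructed requests: (external port, requesting client, internal port)
    requests = [(5900, "192.168.1.20", 5900), (22, "192.168.1.20", 22),
                (5900, "10.9.8.7", 5900)]
    for name, text in (("strict", STRICT), ("permissive", PERMISSIVE)):
        rules = parse_rules(text)
        for ext_port, client, int_port in requests:
            print(name, ext_port, client, int_port,
                  decide(rules, ext_port, client, int_port))
```

Under the first rule set only LAN clients asking for ports 1024 and above are mapped; under the second, the final `allow` line accepts every request the first line does not, including ports below 1024 and clients outside 192.168.1.0/24.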