Solved

iChat Server won't transfer files

Posted on 2010-11-14
15
1,011 Views
Last Modified: 2012-05-10
I cannot find the ports to forward from my router to my Mac Mini server for the iChat server file transfers. These are the current ports forwarded to iChat server via port forwarding:
tcp 1080
tcp 5060
tcp 5190
udp 5190
tcp 5220
tcp 5222
tcp 5223
tcp 5269
tcp 5297
udp 5297
tcp 5298
udp 5298
tcp 5678
tcp 7777
udp 7777
tcp 16384-16403
0
Comment
Question by:LIEconomy
  • 8
  • 5
  • 2
15 Comments
 
LVL 7

Expert Comment

by:njxbean
ID: 34132168
Try forwarding tcp 5297
0
 
LVL 7

Expert Comment

by:njxbean
ID: 34132199
oh sorry i see you have it listed.  is the firewall on on your macmini server?
0
 

Author Comment

by:LIEconomy
ID: 34132316
No this is Shorewall installed on my Ubuntu router.
Internet -> Ubuntu/Shorewall -> unmanaged 8 port switch -> Mac mini server
On the internal network clients can send files to each other just fine.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 12

Expert Comment

by:nxnw
ID: 34141056
I think you may have some UDPs and TCPs reversed.

See page 120 of Network Services Administration Version 10.6 Snow Leopard

All docs are at http://www.apple.com/server/macosx/resources/documentation.html

Also, while file transfer works on the LAN, the problem may still be the configuration of the server's firewall. It could be set to allow access to the required port from addresses in your private IP range but block access from other addresses. Looking at your server's firewall log during a failed transfer will disclose the port, if this is the issue.

That being said, you have a lot of open ports on your firewall. You may want to:
1. assess which are absolutely required and close the rest;
2. close all of them and restrict access to VPN;
3. use non-standard ports for WAN access and reroute the packets to the correct ports at the firewall.
4. a combination of the above.
0
 

Author Comment

by:LIEconomy
ID: 34141184
I'll take a look at the page, but the server itself has no firewall active. There is only a firewall at the internet side as the internal subnet is just my home, and is relatively safe.
0
 
LVL 12

Expert Comment

by:nxnw
ID: 34141225
The server firewall is not just to protect it from attacks within the LAN. It is the second line of defence against whatever makes it through the NAT firewall. The NAT firewall is not impenetrable.
0
 

Author Comment

by:LIEconomy
ID: 34141316
Ok here is my new port layout:
udp 5678
tcp 5222
tcp 5223
tcp 5269
tcp 7777
udp 5060
udp 16384-16403

I'll let you know if this works.
0
 

Author Comment

by:LIEconomy
ID: 34141605
Oh Here is a sample of the File Proxy Log during a few attempted transfers. If anything there is successful it is because it is LAN to LAN
2010-11-11 15:45:21-0500 [XmlStream,client] Starting factory <__builtin__.Service instance at 0x1015b6ef0>
2010-11-14 19:19:26-0500 [-] Received SIGTERM, shutting down.
2010-11-14 19:19:26-0500 [__builtin__.Service] (Port 7777 Closed)
2010-11-14 19:19:26-0500 [__builtin__.Service] Stopping factory <__builtin__.Service instance at 0x1015b6ef0>
2010-11-14 19:19:26-0500 [XmlStream,client] <twisted.internet.tcp.Connector instance at 0x1006c4c68> will retry in 2 seconds
2010-11-14 19:19:26-0500 [XmlStream,client] Stopping factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-14 19:19:26-0500 [-] Main loop terminated.
2010-11-14 19:19:26-0500 [-] Server Shut Down.
2010-11-14 19:20:17-0500 [-] Log opened.
2010-11-14 19:20:17-0500 [-] twistd 8.2.0 (/usr/bin/python2.6 2.6.1) starting up.
2010-11-14 19:20:17-0500 [-] reactor class: twisted.internet.selectreactor.SelectReactor.
2010-11-14 19:20:17-0500 [-] Starting factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-14 19:20:17-0500 [XmlStream,client] __builtin__.Service starting on 7777
2010-11-14 19:20:17-0500 [XmlStream,client] Starting factory <__builtin__.Service instance at 0x1015b6ef0>
2010-11-15 15:45:45-0500 [-] Received SIGTERM, shutting down.
2010-11-15 15:45:45-0500 [__builtin__.Service] (Port 7777 Closed)
2010-11-15 15:45:45-0500 [__builtin__.Service] Stopping factory <__builtin__.Service instance at 0x1015b6ef0>
2010-11-15 15:45:45-0500 [XmlStream,client] <twisted.internet.tcp.Connector instance at 0x1006c4c68> will retry in 2 seconds
2010-11-15 15:45:45-0500 [XmlStream,client] Stopping factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-15 15:45:45-0500 [-] Main loop terminated.
2010-11-15 15:45:45-0500 [-] Server Shut Down.
2010-11-15 15:46:38-0500 [-] Log opened.
2010-11-15 15:46:38-0500 [-] twistd 8.2.0 (/usr/bin/python2.6 2.6.1) starting up.
2010-11-15 15:46:38-0500 [-] reactor class: twisted.internet.selectreactor.SelectReactor.
2010-11-15 15:46:38-0500 [-] Starting factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-15 15:46:38-0500 [Uninitialized] <twisted.internet.tcp.Connector instance at 0x1006c4c68> will retry in 2 seconds
2010-11-15 15:46:38-0500 [Uninitialized] Stopping factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-15 15:46:41-0500 [-] Starting factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-15 15:46:41-0500 [Uninitialized] <twisted.internet.tcp.Connector instance at 0x1006c4c68> will retry in 7 seconds
2010-11-15 15:46:41-0500 [Uninitialized] Stopping factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-15 15:46:49-0500 [-] Starting factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-15 15:46:49-0500 [XmlStream,client] __builtin__.Service starting on 7777
2010-11-15 15:46:49-0500 [XmlStream,client] Starting factory <__builtin__.Service instance at 0x1015b6ef0>
2010-11-15 15:49:07-0500 [-] Received SIGTERM, shutting down.
2010-11-15 15:49:07-0500 [__builtin__.Service] (Port 7777 Closed)
2010-11-15 15:49:07-0500 [__builtin__.Service] Stopping factory <__builtin__.Service instance at 0x1015b6ef0>
2010-11-15 15:49:07-0500 [XmlStream,client] <twisted.internet.tcp.Connector instance at 0x1006c4c68> will retry in 3 seconds
2010-11-15 15:49:07-0500 [XmlStream,client] Stopping factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-15 15:49:07-0500 [-] Main loop terminated.
2010-11-15 15:49:07-0500 [-] Server Shut Down.
2010-11-15 15:49:15-0500 [-] Log opened.
2010-11-15 15:49:15-0500 [-] twistd 8.2.0 (/usr/bin/python2.6 2.6.1) starting up.
2010-11-15 15:49:15-0500 [-] reactor class: twisted.internet.selectreactor.SelectReactor.
2010-11-15 15:49:15-0500 [-] Starting factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-15 15:49:15-0500 [XmlStream,client] __builtin__.Service starting on 7777
2010-11-15 15:49:15-0500 [XmlStream,client] Starting factory <__builtin__.Service instance at 0x1015b6ef0>
2010-11-15 18:54:22-0500 [-] Received SIGTERM, shutting down.
2010-11-15 18:54:22-0500 [__builtin__.Service] (Port 7777 Closed)
2010-11-15 18:54:22-0500 [__builtin__.Service] Stopping factory <__builtin__.Service instance at 0x1015b6ef0>
2010-11-15 18:54:22-0500 [XmlStream,client] <twisted.internet.tcp.Connector instance at 0x1006c4c68> will retry in 2 seconds
2010-11-15 18:54:22-0500 [XmlStream,client] Stopping factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-15 18:54:22-0500 [-] Main loop terminated.
2010-11-15 18:54:22-0500 [-] Server Shut Down.
2010-11-15 18:54:31-0500 [-] Log opened.
2010-11-15 18:54:31-0500 [-] twistd 8.2.0 (/usr/bin/python2.6 2.6.1) starting up.
2010-11-15 18:54:31-0500 [-] reactor class: twisted.internet.selectreactor.SelectReactor.
2010-11-15 18:54:31-0500 [-] Starting factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0x1015b2d90>
2010-11-15 18:54:31-0500 [XmlStream,client] __builtin__.Service starting on 7777
2010-11-15 18:54:31-0500 [XmlStream,client] Starting factory <__builtin__.Service instance at 0x1015b6ef0>
2010-11-15 19:22:21-0500 [JEP65Proxy,0,172.25.0.24] Adding connection:  c99a1721d4ab7f28c495ea293e5d39729a2f1fb1 <__builtin__.JEP65Proxy instance at 0x1015be200>
2010-11-15 19:22:21-0500 [JEP65Proxy,1,172.25.0.28] Adding connection:  c99a1721d4ab7f28c495ea293e5d39729a2f1fb1 <__builtin__.JEP65Proxy instance at 0x1015ce290>
2010-11-15 19:22:21-0500 [XmlStream,client] Activation requested for:  c99a1721d4ab7f28c495ea293e5d39729a2f1fb1
2010-11-15 19:22:21-0500 [XmlStream,client] Activating  c99a1721d4ab7f28c495ea293e5d39729a2f1fb1
2010-11-15 19:26:22-0500 [JEP65Proxy,2,172.25.0.28] Adding connection:  cbd648bcdc383bc6efd51168e2702be9b6623c28 <__builtin__.JEP65Proxy instance at 0x1015be200>
2010-11-15 19:33:04-0500 [JEP65Proxy,3,172.25.0.28] Adding connection:  3a865f876aea5c262b5aaba95718dd5ae2180dc0 <__builtin__.JEP65Proxy instance at 0x1015ce290>
2010-11-15 19:36:42-0500 [JEP65Proxy,4,172.25.0.28] Adding connection:  a96ccb76e14c9d8c39b17b6414240ed0c33ef497 <__builtin__.JEP65Proxy instance at 0x1015ced88>

Open in new window

0
 
LVL 12

Expert Comment

by:nxnw
ID: 34142763
It would be more useful if you provided an excerpt that was restricted to a failed attempt to transfer a file (or at least identified what was actually happening during the various times shown in the above excerpt). I won't speak for anyone else but I sure can't interpret it without any context.

For instance, do the sections bracketed by "Service starting on 7777" and "Port 7777 Closed" represent a a failure? Were there successful transfers at the lines including "JEP65Proxy… Adding connection"?

If the log is not set to debug (for this purpose) that would also be helpful.
0
 

Author Comment

by:LIEconomy
ID: 34146141
How can I set the log to debug? Also only one transfer was successful, and that is the first one as it was LAN to LAN. Lines 54 to 66 are failed transfers
0
 
LVL 12

Expert Comment

by:nxnw
ID: 34147455
Re: Logging - my mistake. I think its default is the equivalent of debug anyway.

Are you sure about the success and failures? Lines 58 to 63 look like a successful transfer between 172.25.0.28 and 172.25.0.24. Isn't 172.25.0.x your private network where the server is?

Please do this:
log out all iChat clients,
shut down and restart the iChat server
log in a local and remote iChat client
attempt a file transfer
provide the server and client logs from the iChat server restarting (client login for the clients) up to the failure.
0
 

Accepted Solution

by:
LIEconomy earned 0 total points
ID: 34168280
I've given up on this for now as I have more pressing matters to attend to (ie: vCenter deployments)
0
 
LVL 12

Expert Comment

by:nxnw
ID: 34168761
Just because people who provide help here do so without payment or reward, does not mean our time is worthless. It is inappropriate to solicit time and effort from people and then throw it away because you "have more pressing matters to attend to". We're all busy, Jack. If I knew you were unwilling to make a reciprocal effort, I would not have looked at your question.

Anyway, I hope you understand this perspective and are not inconvenienced by my future disinterest in your problems.
0
 

Author Comment

by:LIEconomy
ID: 34193991
I do appreciate your effort however I am spending too much time on this problem for an internal talk server. I wasn't sure if I should reward points if the question wasn't solved. I can if that is permitted.
0
 

Author Closing Comment

by:LIEconomy
ID: 34195081
Thanks for all your help though.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you other experts are anything like me you are always looking into and testing out new features. While I was doing some research one day I ran across an app that I installed on my Mac and used as a security system. Mac OS X: SecureHome uses your …
The /etc/authorization file in Mac OS X 10.x can be used to control access to the various panes of the System Preferences amongst other things. It’s used by some of us Mac Sys Admin’s to give Standard Users access to System Prefs panes that only adm…
The goal of the tutorial is to teach the user how to instant message and make a video call in Skype.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question