Firewall blocking mDNSResponder data port 5353 on office network

Similar Messages

• HT3576 how can i verify that the network or firewall is not blocking access to port 5223.

  how can i verify that the network or firewall is not blocking access to port 5223?

  Talk to someone who knows something about networking and/or firewalls on an appropriate forum.
  Configuring your network and/or firewall is beyond the scope of this forum, which is devoted to issues using the iPhone.

• HT3576 How do you, verify that the network or firewall is not blocking access to port 5223.

  How do you, verify that the network or firewall is not blocking access to port 5223.

  Maybe:
  http://answers.yahoo.com/question/index?qid=20110606132954AAZH4Tc
  http://forum1.netgear.com/showthread.php?t=48533

• Opening Firewall Port 5353 solves problems?!

  I found this by Google:
  If you have tried to operate AirTunes with an Airport Express on a Windows XP PC with the firewall (or a third-party firewall) enabled, then you will realise you have problems.
  Rather than disable the firewall, you can just open port 5353 and all will work fine.
  Having said that if you have router with NAT and DHCP this acts as a hardware firewall and computers on your internal network do not need software firewalls. Though some people like them for security and to stop unauthorised (ie spyware) outgoing connections.

  I thought I recognised my own writing...
  Opening port 5353 in the Windows XP Firewall to enable an XP PC with SP1 to configure the Airport Express and use AirTunes
  http://www.ifelix.co.uk/tech/2005.html
  Principles are virtually the same for XP SP2
  "Well Known" TCP and UDP Ports Used By Apple Software Products
  http://docs.info.apple.com/article.html?artnum=106439

• Firewall blocks DHCP after Logic Board Change

  I had my computer in repair and they changed the logic board. Since then "Set access to specific services" setting misbehaves and blocks DHCP configuration.
  After the repair it asked me to allow incoming connections for configd. I denied because I did not know it.
  Problem: configd is not listed in Preferences so it cannot be unblocked!!!
  How can I completely reset the rules table and start over?
  Firewall[41]: Deny configd data in from 10.37.129.1:67 uid = 0 proto=17
  Firewall[41]: Deny mDNSResponder data in from 169.254.203.40:5353 uid = 0 proto=17

  I give up. This is a horrible issue. Now, the Firewall blocks internet access to configd and mDNSResponder after wakeup from suspend despite being on the "Allow all incoming" list of the System Preferences panel.
  The firewall has become useless.
  Jul 17 14:22:13 garfield2 Firewall[42]: Deny configd data in from 10.37.129.1:67 uid = 0 proto=17
  Jul 17 14:22:15 garfield2 Firewall[42]: Deny configd data in from 10.211.55.1:67 uid = 0 proto=17
  Jul 17 14:22:22 garfield2 Firewall[42]: Deny configd data in from 10.37.129.1:67 uid = 0 proto=17
  Jul 17 14:22:24 garfield2 Firewall[42]: Deny configd data in from 10.211.55.1:67 uid = 0 proto=17
  Jul 17 14:22:30 garfield2 Firewall[42]: Deny configd data in from 10.37.129.1:67 uid = 0 proto=17
  Jul 20 09:18:58 garfield2 Firewall[42]: Deny mDNSResponder data in from fe80::21b:63ff:fe9b:37d4:5353 uid = 0 proto=17
  Jul 20 09:18:58 garfield2 Firewall[42]: Deny mDNSResponder data in from fe80::21c:42ff:fe00:0:5353 uid = 0 proto=17
  Jul 20 09:18:58 garfield2 Firewall[42]: Deny mDNSResponder data in from fe80::21c:42ff:fe00:1:5353 uid = 0 proto=17
  Jul 20 09:18:58 garfield2 Firewall[42]: Deny mDNSResponder data in from fe80::21b:63ff:fe9b:37d4:5353 uid = 0 proto=17

• AVG Firewall blocking AirPlay.

  Hey
  My AVG Firewall is blocking iTunes from sending out AirPlay. And when I want to use it I have to stop my Firewall which I don't really want to do.
  I have iTunes, and Bonjour in the firewall exceptions, but still blocks.

  I finally figured out how to solve this problem. Air play uses port 5353 for AirPlay which is normally blocked by AVG firewall. http://support.apple.com/kb/TA21543
  I unblocked port 5353 in AVG (v10) using this method
  1. Open AVG
  2. Go to Firewall settings
  3. Click on "Tools/Firewall Settings"
  4. Go the the Profile you want (Small Home or Office Network, ect.)
  5. Click "System Services"
  6. Under "User defined system rules" Click "Manage user system rules"
  7. Click add
  8. Make sure you have the settings the same as the following
  protocol - UDP
  direction - Both ways
  local port - User selected port (enter 5353 as the defined port)
  remote ports - Same as local port
  remote address - local network
  9. Name the Rule
  10.Click OK,  (You should see the rule listed now) then OK again
  11. Click Apply and restart iTunes
  Hope this solves your problem
  Taylor

• Confused with Firewall Blocking

  I have my Firewall configured to "set access for specific applications and services". Now, my understanding here is that if I set an application to "Block Incoming Connections", that application should not be able to receive any data from the network or internet. However, when I actually try this, the blocked application seems to have no trouble at all receiving data (for example, checking for updates over the internet). Can anyone explain this feature to me?

  {quote}
  Ok, try this, Another user named Noisyboy2006 posted for me...
  "Apple have dumbed down the terminal to make osx more secure. As you've discovered you can no longer open a port from preferences. You can however use terminal.
  The synatax of the command is:
  sudo ipfw add allow udp or tcp from port to port
  For example to open port 80 for TCP you would type:
  sudo ipfw add allow tcp from 80 to 80
  to see a list of open ports type:
  sudo ipfw list
  you'll see something like this:
  33300 deny icmp from any to me in icmptypes 8
  33400 allow udp from 0.0.0.80 to 0.0.0.80
  33500 allow tcp from 0.0.0.80 to 0.0.0.80
  What a useless tool for the average user. Try to explain this to your Mom or an out of state client, over the phone. Even if they get it right, it doesn't fix or configure the NAT firewall in the router.
  Any program or system that requires Terminal is not for prime time on MacOS. System administrators will eat this up, but end users would and should just tell Apple to fix this mess. The Vista firewall and the 25 page "white page" description is the same mess.
  Just get a good effective firewall like Little Snitch, turn off the Apple firewalls and get some work done. If you're lucky, you will be able to open the required ports in your router and deal with rule based programs with a decent interface and the ability to block out-going ports.

• Firewall blocks Airplay (even under 'allow all traffic')

  Hi every body,
  I am somewhat at the end of my knowledge. I have a mac mini server running Lion 10.7.2 server. Interestingly, my the server's firewall blocks
  a) all airplay traffic and
  b) 'reading Airport confirguration' requests
  even when the firewall is set to 'allow all traffic'. However, when I completely switch it off, everything works just fine.
  Any help would really be appreciated.
  Thanks a lot.
  Nonresidentalien
  P.S. I have also tried to open ports 80 (t), 443(t), 554 (t/u), 3689(t), 5297(t), 5289(t/u), 5353(u), 49159(u) and 49163(u) with no success

  Pointing to the IPv6 thread was a good idea. After reading it, I found out that the firewall preferences in Server Admin only show you IPv4 related firewall rules.
  There is a terminal command that allows you to play with IPv6 rules. And by doing so, I was actually able to get AirPlay working again.
  First, you want to show you the current IPv6 firewall rules. In my case they looked like this (10.7.2):
  reptilehouse:~ sascha$ sudo ip6fw show
  01000        285      96163 allow ipv6 from any to any via lo0
  01100         66       5750 allow ipv6 from any to ff02::/16
  65000          0          0 deny ipv6 from any to any
  65535          6        306 allow ipv6 from any to any
  As you can see, rule number 01100 only allows traffic to the local subnet, while the next rule (65000) blocks anything else. So you want to get rid of 65000:
  reptilehouse:~ sascha$ sudo ip6fw delete 65000
  To confirm, show the rule table again and you should see 65000 is gone:
  reptilehouse:~ sascha$ sudo ip6fw show
  01000        285      96163 allow ipv6 from any to any via lo0
  01100         66       5750 allow ipv6 from any to ff02::/16
  65535          6        306 allow ipv6 from any to any
  Mind you, the rule numbers could be different on your system and you could see more or less rules. But you get the idea.
  What I don't know if whether this is sticky, e.g. survives a reboot.

• Firewall Blocking Wiki for ONE User

  This is a very bizarre issue that I hope someone can help with. We're running 10.6.8 server to host our internal wiki. We had the firewall enabled on that machine without any issues. Last week one user wasn't able to get onto the wiki. In troubleshooting their workstation I found they couldn't access the wiki via Safari under any user account (including a fresh test account). They *could* access it through another browser (Chrome + FF). They could also access sharepoints on that server. I deleted some Safari system-wide prefs to no avail.
  For kicks, I disabled the firewall on the server and they could access the wiki via Safari. So, I assumed it was the adaptive firewall. I checked the AF blacklist file but her machine wasn't on it. In spite of that I whitelisted the user's machine, no change. I disabled the adaptive firewall altogether, no change. I enabled logging for denied packets and watched when her machine connected. Four ports were blocked, 4097,2052,17500,5353. I've temporarily created a FW rule to allow those ports, no change. I then tried keeping the firewall on but allowing all connections and she still couldn't access the wiki from Safari on her machine.
  I'm stumped. It seems like it should be the adaptive firewall but that makes no sense when there's nothing in the blacklist file and the AF is disabled. Any ideas would be greatly appreciated. I realize she can use Chrome or FF as a workaround for now but it should be a resolvable issue.

  Adam, the basic content filter on RV082 does not support the scenario your described. However the ProtectLink Web subscription does allow you to specify select IP addresses to be exempt from the url filter.

• Firewall blocks Apple's Network Time Protocol

  Hi,
  I admit to not fully understanding everything about the Firewall on OS X server 10.4.11 and I'm hoping someone can help with a little(?) problem.
  On the WAN side, my "gateway" server is connected directly to my SpeedTouch 780 modem with a fixed IP address. On the LAN side are a couple of switches and then an Airport Extreme base station (192.168.2.249). This broadcasts wirelessly to a more distant Airport Express (192.168.2.247). Both WiFi devices are configured to obtain the time from Apple's European servers.
  After completing a Carbon Copy Cloner of my OS partition and rebooting on my usual volume I noticed the following denials in my Firewall log:
  Dec 28 12:50:16 nl1 ipfw: 65534 Deny UDP 17.72.255.12:123 192.168.2.249:3987 in via en0
  Dec 28 12:40:25 nl1 ipfw: 65534 Deny UDP 17.72.255.12:123 192.168.2.247:3814 in via en0
  In SA --> Firewall --> Settings --> Services --> Edit Services for: 192.168.1-net (en0/modem connection)
  I have the "Allow only traffic for: 192.168.1-net on these ports" checked and
  NTP - Network Time Protocol UDP/TCP is also checked.
  Under, Edit Services for: any
  I have the "Allow only traffic for: any" checked and
  NTP - Network Time Protocol UDP/TCP is also checked.
  Under, Edit Services for: 192.168.2-net (en1/LAN)
  I have the "Allow all traffic for: 192.168.2-net" checked.
  1) Why is this traffic being blocked?
  2) Why does the port number seem to get changed in transit? (I've got NAT running and Open Directory).
  3) Does the configuration under, "Allow only traffic for: any" overrule all other Firewall settings? So if for example a port under, "Allow only traffic for: 192.168.1-net on these ports" wasn't checked but was under, "Allow only traffic for: any", would the traffic be allowed through?
  Thanks and happy new year!
  Michael Franks

  Do you have NTP activated? Does it work? If it doesn't and you have the firewall activated, then open the required port. If it is working then don't worry about it.

• 10.6 Server's Firewall Blocks It's Own Internet Connection

  I had this problem about two years ago when I was trying to run 10.6 on my home server (Mac mini) for the first time. Eventually I gave up, reverted the mini back to 10.5, and ram problem-free for years. When 10.7 came out, I tried to upgrade the mini to that. That didn't go well either, but mostly due to Lion missing many many features (suprise!). So I figured that 10.6's problems were fixed by now, and gave it another shot. It went fine and I've been running for about a month problem free (or so I thought). But now it's offline again. I finally found one other person on another forum that had the EXACT same problem as me. And reading this description, I realize that I have been having problems all long, I just assumed they were my ISP's problems, not my own.
  So here's what happens. The firewall in 10.6 server will "freak out". It will be running normally, then suddenly it will go haywire and block everything. And I mean everything. My computer won't even be able to get an IP via DHCP. Everything is blocked. But as soon as you stop the firewall, everything works normally. You can even modify the firewall rules, and set it up so there are NO deny rules, and EVERY connection to and from every host is set to allow. And the firewall still blocks everything. This is the same exact thing that happened 2 years ago when I first tried to run 10.6 Server on my mini. The difference is that back then, this would happen either immediatly, or within a day. This time around, with 10.6.8, it took about a month before suddenly, without any provocation, all internet connections stopped.
  I've had this happen on multiple computers. I don't do anything special, I just set up a basic firewall scheme where everything in the LAN range is allowed, and everything from "any" is allowed only to service ports I'm running. The basic gateway setup. Now I was running 10.6 Server on my laptop (for netbooting) and it would do the same thing. But because my laptop wasn't acting as a gateway, I could just turn the firewall off (you need the firewall for NAT). My mini server IS acting as a gateway, as was another mini I set up for a client of mine (that eventualy I changed over so they were running off an airport, and the mini server was just a client. But I don't want that setup at home, I want my mini to be the router).
  I have verizon Fios internet. 25/25, it's great. The ONT is in my basement, and it's plugged into the same fused outlet as our freezer. From time to time, when the power goes out, it trips that breaker and the outlet goes dead. My itnernet is gone and I have to go reset the outlet. Once I do, my mini won't get an IP from Verizon until I reboot the mini. Not once. Not twice. Usually 5-10 reboots, and suddenly it will get an IP. I always assumed this was a verizon problem. Until I read someone else's post about this same problem. Turns out, that's the firewall blocking DHCP again! If you turn the firewall off, you don't have to keep rebooting, it will grab an IP right away.
  At least I'm not crazy! So what is going on here? Does anyone have any idea what is going on with my firewall, or how I can fix it?
  Lastly, after 4.5 hours of complete inability to get an internet connection with the firewall on, it just started working again. I now have fully functional, normal internet. I find it hard to believe 10.6 has a firewall that is simply broken. I find it even harder to believe I'm imagining things, or that I've had fluke after fluke. Something is going on with 10.6 Server.

  The DNS skapegoat just doesn't make sense.
  Why would "improper" DNS cause OS X's firewall to block all network connections? Even the server's ability to make it's own DHCP connection?
  As far as a router, I don't want to use a cheap unreliable residential router. I have a home file server that, aside from running 10.6, makes a super reliable router. And port mapping aside, OS X Server's DHCP server is great to use. Rock solid. It makes no sense to run a cheap residential router when I have a home server. Then every 6-18 months, I get to deal with that router slowly failing, as my internet connection gets slower and slower. No thanks.
  So back to this firewall issue. I've talked to Apple aobut this before, and they give the same generic "DNS has to be right" answer to basically every problem I've ever had with 10.6 Server (hinting at endless CalDAV problems). But no one has every explained what that specifically means, or how something like wrong DNS (whatever that even means) can cause the firewall to block everything. This just makes no sense to me. And this especially does not explain why, after 10 reboots or so, everything just magically starts running normally.
  I just had an incedent today where I woke up to no internet. I rebooted 3 times. Each time, I either got a self-assigned IP address, or the ethernet interface would toggled between "unplugged" and "no-ip". I could turn the firewall off and the server would INSTANTLY start functioning normally. I'd happily run without a firewall, and just turn all services I'm not using off. However NAT needs the firewall, so without the firewall, the Server is the only Mac on the network that has an internet connection. So I kept rebooting and rebooting, and I think about 8 reboots later, like magic, the server came up, grabbed an IP, and everything started working normally.
  Also my IP through my ISP is dynamic, and that isn't going to change. So yes, I am trying to use OS X Server as my router on a dynamic internet connection. I've been doing this since the days of Mac OS X Server 10.1. Only 10.6 has had any problems at all.
  So really, "10.6 is more picky about DNS" isn't an answer to this problem. Or, at least, it's not a sufficient answer. I need much more information than that.

• Should I block TCP/UDP ports 135 to 139 on my router?

  For the sake of Internet and Desktop security should I block TCP/UDP ports 135 to 139 both ways at all times on my router?  This seems to be recommended for Windows environments. Does Mavericks need these ports for its proper operation?  When tested, ports 135, 137,18 show as closed whereas all other ports are Stealth.  Ideally, they should all be Stealth.

  Have a read here: http://securityspread.com/2013/07/26/firewall/
  Stealth is just as good as closed, some would argue that stealth is just as much of a giveaway of the port being present as it being closed.
  The specific ports you mention pose no risk to OS X as far as I am aware.

• ITunes 6, WinXP, port 5353

  my iTunes insists on trying to access port 5353 every so often, no matter what I do. I've gone through the iTunes preferences three times now, disabling anything having anything to do with network traffic, and still failing. I have disabled sharing my music, accessing other people's shared music, stupid apple wlan speakers that only work with iTunes, and disabled pod casts, I couldn't care less about them. It seems the macs in my network are bombarding my machine, too, with the same annoying feature. Oh well.
  How do I tell iTunes not to try to access that network port, ever, for any reason? By uninstalling it? If the options are either uninstall or blocking it permanently from my software fire wall, I rather uninstall it and find a software that does what I tell it to, and nothing else. Too bad that probably means I have to throw away my 40GB iPod, but that's life.

  Yes, I saw that 5353 was used for Bonjour/music sharing. However I have uninstalled that service...iTunes keeps using it, though.
  (apologies, working from potentially-unreliable memory here, filtered through a lack of basic understanding of the technology ... most of the Snoop Dogg and toonz posts i saw on this have been in threads deleted recently.)
  my understanding is that all itunes versions with music sharing apart from 5.0.0.35 contained a cut-down "internal" version of the Bonjour/Rendevous technology. 5.0.1.4 reverted back to the version of the internal service used by 4.9.
  so i figure that 4.9 version of the internal service (or something similar) is still going on with 6.0.x.
  love, b

• Firewall Blocking Internet Access

  Looking for suggestions to solve this problem. Multiple computers in my home will suddenly be unable to access the internet. Turning the firewall off for a few seconds, then back on will eliminate the problem on each computer affected. This problem seems to have shown up after the last security update, but not immediately. When unable to access the internet, if I look at the network system pref, it lists an ip address of 167.xxx.xxx.xxx. After toggling the firewall, I will get my normal 10.0.0.x back.
  The issue seems to manifest a couple times per day, and almost certainly if the computer goes to sleep or is restarted. It happens on both my desktop and my laptop running 10.5.8, but not on a g3 imac running 10.4.11.
  If I look at the firewall log I see multiple messages about "Firewall[90]: Deny mDNSResponder data in from...." These show up constantly about every 30 seconds or so. I am guessing this may have something to do with the issue as I do not see these messages in the G3 imac's log file.
  Network is set up with a time machine with three macs (one g3 imac running 10.4.11, a G4 MDD running 10.5.8 - both wired connections, and a G4 ibook running 10.5.8 (wireless) as well as a couple network printers, dish, slingbox, a linksys switch etc.
  Any suggestions would be appreciated as this is getting very annoying. Thanks.

  I'm sorry, I said time machine and meant time capsule. The time capsule is set up as the router, and the linksys device is only a network switch. The modem is capable of functioning as a router also, but I just verified it is only functioning as a high speed modem (according to my isp). I have tried restarting and reconfiguring the time capsule, but it has not seemed to affect anything. It seems to me data goes out (ie to printer or network drive or internet), but does not come back.
  Also, I have switched locations of the G4's and the G3 and get the same result.... the G3 always works, the G4's only work when their firewalls are toggled off. I have at this point tried reinstalling a 10.5.8 combo on the laptop to no avail. I think I might just do a clean install of OSX from CD and see what happens. Thanks for the reply.

• How to read value of row x from data port while measuring

  Hello,
  i am quite new at Diadem and just did some easy stuff and Tutorials.
  For a project I have the following situation/problem:
  I save many measured values at the data port during the measuring itself. For a "stop-condition" of the DAC/Measurement i have to compare two values:
  1) the current, measured value (time: t1)
  2) the measured value at 0.5 * t1 (that means at the half of the time), which is sored at the data port.
  This comparison has to be done all few seconds (with the same clock the values are getting "saved" at the data port).
  Would be great if anyone knows how to solve.
  Thanks a lot in advance.

  Hi Student5088,
  I used a Copy-Block to create a delay for a certain number of values (time) of a signal. With that you can continuously compare signal at T1 with Signal at T1*0.5.
  Greetings
  Walter
  Attachments:
  Compare.DAC ‏28 KB