xAPFlash and port forwarding

20 replies [Last post]
Alanmh
Offline
Reading, United Kingdom
Joined: 7 Jul 2010

 have two issues that I dont think are related, but may be:

1. I have xAPFlash installed on a linux box on 192.168.1.30 and iserver on the HAH on 192.168.1.20. On the internal network all is great, but from outside, I get the page, but no info in the boxes that should show me watts and temp. Also the lightbulbs are missing if you know what I mean.

2. The new xAPFlash gui on the HAH works with the basic page, but no info in the boxes even in the internal network.

I have pport 80 forarded to the linux box and have tried all combinations of ports 996 and 843 to both boxes.

any ideas?

thanks 

Alan

brett
Offline
Providence, United States
Joined: 9 Jan 2010
Ports

OK here is the issue.

When you are OUTSIDE your network the xapconfig.xml file will probably have been setup with an INTERNAL IP address - this is the file being served up by the webserver to your EXTERNAL browser, it should be your EXTERNAL facing IP so the flash application know where to reach the iServer.

By default on the HAH in /etc/www/xapconfig.xml you will find you are using your LAN IP - not good if you need external access too.

                <iserver>
                        <port>9996</port>
                        <ip>192.168.1.8</ip>
                </iserver>

What you need is

                <iserver>
                        <port>9996</port>
                        <ip>myhah.dyndns.org</ip>
                </iserver>

Where myhah.dyndns.org is a dynamic DNS entry that is automatically being updated by your NAT ROUTER or by some other program running inside your network.

Which brings me to point 2 - The xapflash application is now running outside of your firewall and trying to reach back INTO your network so it can contact the iserver running on port 9996. You also need to make sure you port forward for this.

UPDATE: I forgot one other point the iServer is also acting as a Flash Policy Server which serves up authentication information to flash applications.  This listens on port 843 so you will probably need to port forward that from your router to where the iServer is running too.

http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html

Brett

ps: This is all guess work as I haven't actually done this - but I can clearly see the problems.

brett
Offline
Providence, United States
Joined: 9 Jan 2010
Exposing yourself

On a personal note I never expose anything outside of my internal network like this, I simply run an PPTP server on my ROUTER (running opensource dd-wrt) and an OPENVPN server on a always on Laptop that is port forwarded from the router.  If I want access to something inside my network when I'm away from it I authenticate first to one of these servers and use a secure connection.  It also means I don't have to worry about all this port forwarding NAT stuff as my internal network is now just routed to where I am.

I run a VPN tunnel into Derek's network like this too so we can both see each other internal machines - handy when I have to debug and check on his livebox... as it just works!

It all depends on the level of security you are comfortable with - I tend verge on paranoid.  They ARE all out to get me.

Brett

Alanmh
Offline
Reading, United Kingdom
Joined: 7 Jul 2010
Thanks but no joy

Thanks Brett

I put the dyndns url into the xapconfig file, but still no change. 

I also have the ports forwarded as follows:

 

Private IP Protocol Type Public Start Port Public End Port  

192.168.1.30 ALL 80 80

192.168.1.20 ALL 843 843

192.168.1.20 ALL 9996 9996

 

I have looked at the VPN route, but short of buying a WRT54, I am not certain that it is trivial for me.

 

brett
Offline
Providence, United States
Joined: 9 Jan 2010
Some more clarification

I'm little confused by your setup you are also serving xapflash.swf from .30 which is some standalone setup?    If so this is the xapconfig.xml where you need to setup the IP for external access.    The .20 which I'm assuming is the HAH you should NOTplay with any xapconfig.xml setting there as this is not being used in this capacity anyway.

I think the problem is your failure to understand the architecture in which iServer/xAPFlash/HTTP and the router are all operating in, once you have this clear then you'll be confident about what changes you have to make, and more to the point why you need to do this.  Let me clarify a little.

The WebServer (Apache/Kloned whatever) is only used to serve up the FLASH application and its resources to the browser over port 80 after that its NEVER used. Lets get that clear. The FLASH application once loaded will make a connection to the iServer and Flash Authentication Server; Ports 9996 and 843.  These are defined in the xapconfig.xml that was served up by the WebServer.

So where ever you are serving the xAPFLash application from this is where you ALSO need to adjust the xapconfig.xml file to have an external IP as part of its configuration.  Your router must be setup to PORT 80 to where you web server is and PORT forward 9996 and 843 to where the iServer is.  (I think you have done that).

I'm assuming you HAVE dyndns setup and you weren't just using my example verbatim?
Try putting in your external IP for the xapconfig.xml for now you can circle back and use a dyndns provider later.

Its a bit tricky for me to test how it might be done as I have no livebox HAH anymore, its packed up for shipping. :(

Brett

Alanmh
Offline
Reading, United Kingdom
Joined: 7 Jul 2010
That is exactly what I have done

your assumptions are correct. 

.30 is an apache server whose only purpose is to server the swf file to the mobile browser - Check!

The xapconfig.xml file on .30 has the dyndns url (for the router) - check! (actually it was in config.xml as in the wiki)

port 80 is forwarded to .30 - Check!

The dyndns setup is working - yes checked from my mum's house last week - Check!

.20 is the HAH - Check!

iserver is running on .20

ports 9996 and 843 are forwarded to .20 - Check!

 

Will try the external IP now and post the result.

Alanmh
Offline
Reading, United Kingdom
Joined: 7 Jul 2010
AHA!Something worked, but not

AHA!

Something worked, but not until I cleared the cache and history on my phone.

It may be the location of the ip address (xapconfig instead of config with override)

Here is the original Config.xml:

 

 

<?xml version="1.0" encoding="iso-8859-1"?>

<joggler>

<version>0.5</version>

<name>ahscs5</name>

<xAP>

<uid>0738</uid>

</xAP>

<usejogglerapi>true</usejogglerapi>

<configfilelocation>local</configfilelocation>

<configfile>xapconfig.xml</configfile>

<override>

<config>

<iserver>

<port>9996</port>

<ip>xxxx.dyndns.net</ip>

</iserver>

</config>

</override>

</joggler>

brett
Offline
Providence, United States
Joined: 9 Jan 2010
I've been stung by this before

YES I forgot to mention if you have tried this ONCE then you would probably find that the xapconfig.xml has been cached by your browser and will not be reloaded with the changes you have made.     You must ALWAYS dump you cache on your browser whenever you make a change to the xapconfig.xml file to make sure you are using the latest.

Damn I should have thought of that - I've been stung by it as well.

Brett

Alanmh
Offline
Reading, United Kingdom
Joined: 7 Jul 2010
I dont think that was the

I dont think that was the fix. 

I know about browsers and cahces on mobiles - that is what I do.

It seems to be a dns resolution issue now. its working with the external IP address in just the config.xml file.

Sorry for the spam - I was trying to edit the above post to put in the indents.

brett
Offline
Providence, United States
Joined: 9 Jan 2010
IP vs NAME

It might be that the flash app can't hande a name and needs an IP?  I would find this odd.

Best best would be to drop an email on the xapflash forums and ask about this.

I know about browser caches too but sometimes it what you know about and don't consider it breaking that bites you!

Brett

Alanmh
Offline
Reading, United Kingdom
Joined: 7 Jul 2010
Indeed - thanks for your

Indeed - thanks for your help.

I cant play anymore today, but will come back to this.

AndrewJ
Offline
United Kingdom
Joined: 22 Nov 2012
Hi,also having a few issues

Hi,

also having a few issues setting this up

replaced my ip address in both the Config.xml and xapconfig.xml with my domain@dyndns.org

port fowarded ports 80, 348, 3639, 9996 on both UDP and TCP for the sake of ease

can happily browse to the xAPFlash GUI but no connection to iServer from what i can gather

seems to work fine on my internal network, could be dns i guess....

any pointers?

Thanks

Andy

brett
Offline
Providence, United States
Joined: 9 Jan 2010
Make sure that between any

Make sure that between any XML configuration change you DUMP the browser CACHE otherwise it will continue to use the xml that was wrong on your first attempt to get it working.

Brett

AndrewJ
Offline
United Kingdom
Joined: 22 Nov 2012
Thanks Brett,I have indeed

Thanks Brett,

I have indeed cleared the cache several times with various browsers and have tried to access on new devices from different locations

but still no go...

heres a snippet of my Config and Xapconfigs below and my routers port forwarding for ports 843, 9996, 3639

i have kept my dns host and password out of this email for security

config.xml

<?xml version="1.0" encoding="iso-8859-1"?>
<joggler>
    <version>0.5</version>
    <name>joggler</name>
    <xAP>
        <uid>0739</uid>
    </xAP>
    <usejogglerapi>true</usejogglerapi>
    <configfilelocation>local</configfilelocation>
    <configfile>xapconfig.xml</configfile>
    <override>
        <config>
            <iserver>
                <port>9996</port>
                <ip>mydomain.dyndns.org</ip>
                <password></password>
            </iserver>
            <pausescreensaver/>
        </config>
    </override>
</joggler>

xapconfig.xml

<?xml version="1.0" encoding="windows-1252"?>
<joggler>
    <version>0.5</version> <!-- version number -->
    <config> <!-- config section -->
        <iserver> <!-- iserver section -->
            <port>9996</port>  <!-- iserver port -->
            <ip>mydomain.dyndns.org</ip> <!-- iserver ip address -->
        </iserver>
        <xAP>
            <bscbuttons>false</bscbuttons>
            <bscpages>false</bscpages>
        </xAP>
    </config>

 

kevin
Offline
Huddersfield, United Kingdom
Joined: 17 May 2010
As per the previous posts I

As per the previous posts I am not sure that a domain name can be resolved.. or has someone got this working ?

K

AndrewJ
Offline
United Kingdom
Joined: 22 Nov 2012
Kevin,The only person who i

Kevin,

The only person who i think has got this to work is Alanmh in post 6 above

Andy

kevin
Offline
Huddersfield, United Kingdom
Joined: 17 May 2010
Ahh - missed that - good to

Ahh - missed that - good to know as I coded nothing myself to specifically handle this in xAPFlash - it must be inbuilt Flash functionality.

 

K

AndrewJ
Offline
United Kingdom
Joined: 22 Nov 2012
Yes hopefully he will be

Yes hopefully he will be around to confirm it is indeed working for him, i've not managed to get it working for me just yet - i may attempt to use the iserver on the Joggler

by the way, not to start of a multithead topic but did you have any plans to release V6? i remember you had it under construction some time ago but wanted to see how V5 went with the community?

kevin
Offline
Huddersfield, United Kingdom
Joined: 17 May 2010
I have no absolute

I have no absolute confirmation that DNS works in resolving the domain names but if anyone does have this working please let us know... .?

V6 has significant differences to v5 and I feel that whilst it works for my needs it's not robust enough for public consumption and I'm not in a position to support it adequately.. or maintain the code to make it suitable for everyone.  Flash is pretty much EOL now anyway...or at least ActionScript heavy code is.

 

K

brett
Offline
Providence, United States
Joined: 9 Jan 2010
I want to have all my

I want to have all my configuration on my Livebox and have the joggler pulls its configuration from there.  I found that if I used a domain name (yes I run my own local DNS) I just could not get things to work.

So I think if you are trying to use DNS to identify your external IP address you'll run into the same problem I did.  DNS does not work.

Brett

AndrewJ
Offline
United Kingdom
Joined: 22 Nov 2012
Thanks Kevin,I agree with the

Thanks Kevin,

I agree with the future of Flash / Actionscript - V5 works great for me so im more than happy

Same here... no DNS working for me.

Andy

Hardware Info