-
-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What ports need forwarded for BEAST/MLAT (or are they even open on the feeder image?) #104
Comments
Some of the input ports listed here...should we be listening on those to outside addresses? Otherwise why would some of the adsb sites be trying to connect to my feeder? |
No external ports should need to be opened. All my feeders run behind completely locked down (inbound, that is) firewalls. |
Good to know, same situation here...makes it weird, though, that some of the ADSB mapping sites are trying to connect to my MLAT and BEAST ports then, no? |
I'm curious who's connecting. I assume you have done RDNS lookups? |
Yes - radarplane.com |
Makes me think that we may need to optionally open ports for further MLAT/BEAST operation? May have to see what other feeder images for specific sites are doing? |
@katlol - I'm curious about the connections from your server back to a feeder... how is this supposed to work? Almost any feeder I can think of sits behind a typical firewall that would block direct access. I must be missing something... |
You know what, I may be stupid... I just noticed that the log says this was on my LAN side...and it's the IDS/IPS. So I think it may be, in fact, that suricata just falsely flagged these. |
That would make more sense - I trust @katlol not to do something odd like this - but I'm traveling right now and can't easily access my own firewall logs to see if I might also have such connection attempts, so I took your word for it... 🤷🏼♂️ Sorry for the noise, Katia. |
Sorry for the mistake - I'm in between caffination sessions. |
For beast , it's a (mostly?) one way communication from you to the aggregators via beast, for MLAT, you get mlat results back on the same port you connected for MLAT. Either way, you are not expected to port forward any ports nor does adsb.lol connect to your IP |
Thanks for confirming, Katia. |
In my firewall logs I notice some of the aggregators hitting ports like 30004, 30001, 31090 - do I need to forward these to my feeder for MLAT/BEAST purposes?
If there is a case like this or any others it would be nice to have it documented somewhere here and in the feeder image web console, perhaps?
The text was updated successfully, but these errors were encountered: