Hi, perhaps these firewall rules are useful to someone, works for me when "192.168.2.0/8" is the local network where the Android device connects. # firewall-cmd --permanent --add-rich-rule 'rule family="ipv4" source address="192.168.2.0/8" port port="1714-1764" protocol="udp" accept' # firewall-cmd --permanent --add-rich-rule 'rule family="ipv4" source address="192.168.2.0/8" port port="1714-1764" protocol="udp" accept'

Am 02.07.2014 17:10, schrieb Sudhir Khanger: > On Wed, Jul 2, 2014 at 8:30 PM, Richard Z <rz(a)linux-m68k.org&gt; wrote: >> Hi, >> >> perhaps these firewall rules are useful to someone, works for me >> when "192.168.2.0/8" is the local network where the Android device >> connects. >> >> # firewall-cmd --permanent --add-rich-rule 'rule family="ipv4" source address="192.168.2.0/8" port port="1714-1764" protocol="udp" accept' >> >> # firewall-cmd --permanent --add-rich-rule 'rule family="ipv4" source address="192.168.2.0/8" port port="1714-1764" protocol="udp" accept' > > I am waiting for kde-connect-0.7. In spite of disabling firewalld, > kde-connect keeps unregistering itself. Have you set your static ip to > "192.168.2.0/8"? 192.168.2.0/8 is a range, not a IP and the accepted *source* range above network basics are needed to deal with firewalls :-) http://jodies.de/ipcalc Address: 192.168.2.0 Netmask: 255.0.0.0 = 8 Wildcard: 0.255.255.255 Network: 192.0.0.0/8 Broadcast: 192.255.255.255 HostMin: 192.0.0.1 HostMax: 192.255.255.254 Hosts/Net: 16777214 whois: NetRange: 192.168.0.0 - 192.168.255.255 CIDR: 192.168.0.0/16 OriginAS: NetName: PRIVATE-ADDRESS-CBLK-RFC1918-IANA-RESERVED NetHandle: NET-192-168-0-0-1 Parent: NET-192-0-0-0-0 NetType: IANA Special Use

On Wed, Jul 02, 2014 at 08:40:49PM +0530, Sudhir Khanger wrote: > On Wed, Jul 2, 2014 at 8:30 PM, Richard Z <rz(a)linux-m68k.org&gt; wrote: > > Hi, > > > > perhaps these firewall rules are useful to someone, works for me > > when "192.168.2.0/8" is the local network where the Android device > > connects. > > > > # firewall-cmd --permanent --add-rich-rule 'rule family="ipv4" source > > address="192.168.2.0/8" port port="1714-1764" protocol="udp" accept' > > > > # firewall-cmd --permanent --add-rich-rule 'rule family="ipv4" source > > address="192.168.2.0/8" port port="1714-1764" protocol="udp" accept'> > > > I am waiting for kde-connect-0.7. In spite of disabling firewalld, > kde-connect keeps unregistering itself. did it ever pair correctly? If so then you may be hitting Android powersaving/WIFI issues.

On Thu, Jul 03, 2014 at 07:43:50AM -0500, Anthony Messina wrote: > > > I'm using the following kde-connect service template with great > success. I have also created a my_internal zone which makes it easy to > add services to that zone. That way, you don't need to add so many rich > rules; just create new services and add them to your unique source-based > zone. looks pretty good to me. Still not obvious how to package this so it would work out of the box with minimal hassle while retaining all the security?

On Thu, Jul 3, 2014 at 5:39 PM, Richard Z <rz(a)linux-m68k.org&gt; wrote: >> I am waiting for kde-connect-0.7. In spite of disabling firewalld, >> kde-connect keeps unregistering itself. > > did it ever pair correctly? If so then you may be hitting Android > powersaving/WIFI issues. > > Richard Yes, it pairs correctly. It constantly unpairs itself in kde settings. I am not of the same page with you on Android power saving wifi issues.

Did you also disable the iptables service(*)?

Hi, perhaps these firewall rules are useful to someone, works for me when "192.168.2.0/8" is the local network where the Android device connects. # firewall-cmd --permanent --add-rich-rule 'rule family="ipv4" source address="192.168.2.0/8" port port="1714-1764" protocol="udp" accept' # firewall-cmd --permanent --add-rich-rule 'rule family="ipv4" source address="192.168.2.0/8" port port="1714-1764" protocol="udp" accept' Richard --- Name and OpenPGP keys available from pgp key servers _______________________________________________ kde mailing list kde(a)lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/kde New to KDE4? - get help from http://userbase.kde.org

As far as I know, it is against Fedora policies, so no.

Wait - you're saying that it's against Fedora Policies to ship firewall rules for applications that need network access? Somebody needs to let the Server Working Group know about that - they are working on the packaging of firewall rules for every role they're creating.

perhaps these firewall rules are useful to someone, works for me when "192.168.2.0/8" is the local network where the Android device connects.