Linux.HylaFAXFirewall History

Hide minor edits - Show changes to markup

Thursday 24 November 2005, at 02:26 GMT+8 by Renaud -
Changed lines 20-21 from:

I use the strong firewall scripts from Linux IP Masquerade HOWTO and added teh ports=21,4559 to the script in the appropriate section (just search for ip_conntrack_ftp in the script).

to:

I use the strong firewall scripts from Linux IP Masquerade HOWTO and added the ports=21,4559 to the script in the appropriate section (just search for ip_conntrack_ftp in the script).

Changed lines 31-33 from:
  • Go to Start->Coontrol Panel->Printers and Faxes and select the properties of the new HylaFax printer you just added.
  • Select the Ports tab and press Configure Port.... \
to:
  • Go to Start->Coontrol Panel->Printers and Faxes and select the properties of the new HylaFax printer you just added.
  • Select the Ports tab and press Configure Port.... \
Changed lines 39-40 from:
  • Don't forget that you have to do that configuration in the Device Settings page and in the Printing Defaults of the Advanced page and on the Printing Preferences of the General page.
to:
  • Don't forget that you have to do that configuration in the Device Settings page and in the Printing Defaults of the Advanced page and on the Printing Preferences of the General page.
Thursday 24 November 2005, at 02:23 GMT+8 by Renaud -
Changed line 5 from:
  • ability to receive incoming faxes as PDF email attachements, so I can retrieve my faxes from anywhere.
to:
  • ability to receive incoming faxes as PDF email attachments, so I can retrieve my faxes from anywhere.
Changed line 7 from:
  • ability to be notified of any failure or success by email, to make sure that the recipient actually received the fax, or to let someone trying to fax you that know that there is an issue.
to:
  • ability to be notified of any failure or success by email, to make sure that the recipient actually received the fax, or to let someone trying to fax you know that there is an issue.
Tuesday 25 October 2005, at 12:28 GMT+8 by Renaud -
Changed lines 20-21 from:

I use the strong firewall scripts from Linux IP Masquerade HOWTO and included that configuration in the appropriate section (just search for ip_conntack_ftp in the script).For instance, I have the following entries in the Optional Input section of the script:

to:

I use the strong firewall scripts from Linux IP Masquerade HOWTO and added teh ports=21,4559 to the script in the appropriate section (just search for ip_conntrack_ftp in the script).

To allow incoming requests from my office (let's pretend it's 22.56.124.56), I would have the following entries in the Optional Input section of the firewall script:

Changed line 24 from:

echo -e " - Allowing EXTERNAL access to the FAX server from the Office only"

to:

echo -e " - Allowing INCOMING access to the FAX server from the Office only"

Tuesday 25 October 2005, at 10:58 GMT+8 by Renaud -
Changed line 1 from:
to:
Tuesday 25 October 2005, at 10:57 GMT+8 by Renaud -
Changed lines 1-2 from:

For faxing I use http://www.hylafax.org/HylaFAX on my home multipurpose linux server.

to:

Attach:hylafax.png Δ For faxing I use HylaFAX on my home multipurpose linux server.

Added line 15:
Changed lines 17-19 from:
  • Make sure your firewall accepts passive connections from this port: in Linux, use modprobe ip_conntrack_ftp ports=21,4559.\\
to:
  • Make sure your firewall accepts passive connections from this port: in Linux, use modprobe ip_conntrack_ftp ports=21,4559.
Changed lines 31-33 from:
  • Select the Ports tab and press Configure Port.... Make sure that the information entered there is right: in my config, the modem is on ttyS1 for instance, and the username and password have to match those you set up in the hosts.hfaxd file above. Your Server adderss must also be right of course. If you want to be notified by email of the success of failures, make sure the default notify is set to a valid email address.
  • If necessary, don't forget to configure the printer driver's properties to a minimum: disable any extra feeders or functionality offered by the print driver and make sure your paper size is correct. Don't forget that you have to do that configuration in the Device Settings page and in the Printing Defaults of the Advanced page and on the Printing Preferences of the General page.
to:
  • Select the Ports tab and press Configure Port.... Make sure that the information entered there is right: in my config, the modem is on ttyS1 for instance, and the username and password have to match those you set up in the hosts.hfaxd file above.Your Server adderss must also be right of course. If you want to be notified by email of the success of failures, make sure the default notify is set to a valid email address.
  • If necessary, don't forget to configure the printer driver's properties to a minimum: disable any extra feeders or functionality offered by the print driver and make sure your paper size is correct.
  • Don't forget that you have to do that configuration in the Device Settings page and in the Printing Defaults of the Advanced page and on the Printing Preferences of the General page.
Tuesday 25 October 2005, at 10:54 GMT+8 by Renaud -
Changed line 9 from:

I wanted to be able to fax through my home server using my laptop at the office.\\

to:

I wanted to be able to fax through my home server using my laptop at the office.\

Changed lines 16-17 from:

I use the strong firewall scripts from Linux IP Masquerade HOWTO and included that configuration in the appropriate section (just search for ip_conntack_ftp in the script).\\ For instance, I have the following entries in the Optional Input section of the script:

to:

I use the strong firewall scripts from Linux IP Masquerade HOWTO and included that configuration in the appropriate section (just search for ip_conntack_ftp in the script).For instance, I have the following entries in the Optional Input section of the script:

Changed lines 20-21 from:

$IPTABLES -A INPUT -i $EXTIF -m state --state NEW,ESTABLISHED,RELATED -p tcp -d $EXTIP --dport 4559 -j ACCEPT -s 22.56.124.56 e

to:

$IPTABLES -A INPUT -i $EXTIF -m state --state NEW,ESTABLISHED,RELATED -p tcp -d $EXTIP --dport 4559 -j ACCEPT -s 22.56.124.56

Tuesday 25 October 2005, at 10:52 GMT+8 by Renaud -
Changed lines 5-7 from:
  • ability to fax from your PC as you print, using a small print driver called winprint.
  • ability to be notified of any failure or success by email, to make sure that the receipeint actually received the fax, or to let someone trying to fax you that know that there is an issue.
  • ability to fax from anywhere through TCP requests on port 4559.
to:
  • ability to fax from your PC as you print, using a small print driver called WinPrint.
  • ability to be notified of any failure or success by email, to make sure that the recipient actually received the fax, or to let someone trying to fax you that know that there is an issue.
  • ability to fax from anywhere through TCP requests on port 4559.
Added line 14:
  • Make sure that your hylaFAX configuration accepts requests from your server by editing the /var/spool/hylafax/etc/hosts.hfaxd file.
Changed lines 16-18 from:

I use the strong firewall scripts from Linux IP Masquerade HOWTO and included that configuration in the appropriate section (just search for ip_conntack_ftp in the script).

  • Make sure that your hylaFAX configuration accepts requests from your server by editing the /var/spool/hylafax/etc/hosts.hfaxd file.
to:

I use the strong firewall scripts from Linux IP Masquerade HOWTO and included that configuration in the appropriate section (just search for ip_conntack_ftp in the script).\\ For instance, I have the following entries in the Optional Input section of the script:

echo -e " - Allowing EXTERNAL access to the FAX server from the Office only"
$IPTABLES -A INPUT -i $EXTIF -m state --state NEW,ESTABLISHED,RELATED -p tcp -d $EXTIP --dport 4559 -j ACCEPT -s 22.56.124.56
e
Changed line 24 from:

To print, simply follow the instructions from the page with these added comments:

to:

To print, simply follow the instructions from the WinPrint page with these added comments:

Changed lines 35-37 from:
  • A useful FAQ entry about firewall configuration for another HylaFAX client.
to:
  • A useful FAQ entry about firewall configuration for another HylaFAX client.

(:comments:)

Tuesday 25 October 2005, at 10:46 GMT+8 by Renaud -
Changed lines 1-2 from:

For faxing I use HylaFAX on my home server.

to:

For faxing I use http://www.hylafax.org/HylaFAX on my home multipurpose linux server.

What does it do then?

Changed lines 7-8 from:
to:
  • ability to fax from anywhere through TCP requests on port 4559.

The problem

Changed line 14 from:
  • Make sure your firewall accepts passive connections from this port: in Linux, use modprobe ip_conntrack_ftp ports=21,4559.
to:
  • Make sure your firewall accepts passive connections from this port: in Linux, use modprobe ip_conntrack_ftp ports=21,4559.\\
Tuesday 25 October 2005, at 10:42 GMT+8 by Renaud -
Added lines 1-29:

For faxing I use HylaFAX on my home server.

It's a very powerful and fairly easy to use Open Source fax server that suits my modest needs:

  • ability to receive incoming faxes as PDF email attachements, so I can retrieve my faxes from anywhere.
  • ability to fax from your PC as you print, using a small print driver called winprint.
  • ability to be notified of any failure or success by email, to make sure that the receipeint actually received the fax, or to let someone trying to fax you that know that there is an issue.

I wanted to be able to fax through my home server using my laptop at the office.
This was a bit of an issue because of security concerns, but also because of a certain lack of information on how to do that properly and configure your firewall appropriately.

Firewall Configuration (HylaFAX Server)

In my case, I want to allow my home server to accept any incoming on Port 4559 (used by HylaFax), but only from my Office IP (I thankfully use fixed IPs):

  • configure your firewall to accept incoming TCP on port 4559.
  • Make sure your firewall accepts passive connections from this port: in Linux, use modprobe ip_conntrack_ftp ports=21,4559.

I use the strong firewall scripts from Linux IP Masquerade HOWTO and included that configuration in the appropriate section (just search for ip_conntack_ftp in the script).

  • Make sure that your hylaFAX configuration accepts requests from your server by editing the /var/spool/hylafax/etc/hosts.hfaxd file.

Windows XP configuration (Client)

To print, simply follow the instructions from the page with these added comments:

  • Go to Start->Coontrol Panel->Printers and Faxes and select the properties of the new HylaFax printer you just added.
  • Select the Ports tab and press Configure Port.... Make sure that the information entered there is right: in my config, the modem is on ttyS1 for instance, and the username and password have to match those you set up in the hosts.hfaxd file above. Your Server adderss must also be right of course. If you want to be notified by email of the success of failures, make sure the default notify is set to a valid email address.
  • If necessary, don't forget to configure the printer driver's properties to a minimum: disable any extra feeders or functionality offered by the print driver and make sure your paper size is correct. Don't forget that you have to do that configuration in the Device Settings page and in the Printing Defaults of the Advanced page and on the Printing Preferences of the General page.

Now you should be set and be able to print. If you encounter issues, you can check a few things from the HylaFAX website.

Resources

  • Troubleshooting HylaFAX™ Problems
  • WinPrint Sourceforge site
  • A useful FAQ entry about firewall configuration for another HylaFAX client.
Design by N.Design Studio, adapted by solidGone.org (version 1.0.0)
Powered by pmwiki-2.2.0-beta65