INTERACT FORUM

Please login or register.

Login with username, password and session length
Advanced search  
Pages: [1]   Go Down

Author Topic: MC27 minimal internet visibility through firewall?  (Read 707 times)

elsalvador99

  • Recent member
  • *
  • Posts: 38
MC27 minimal internet visibility through firewall?
« on: October 23, 2020, 12:52:16 pm »

Hi Guys,

New installation of MC27 (upgraded).
Central Library on win 8.1 virtual machine, with the intention of having a few client MC27 players using Gizmo remote.

As they're all windows 8.1, I would very much like to limit their visibility of the internet, as I have a very flexible pfSense firewall capable of that sort of thing. They have limited HD space, so I can't allow continual updates which will fill the disk!

Normal routine for this sort of thing is allow obvious stuff (jriver.com, wiki.jriver.com, dns servers etc) then block everything else.
On closer inspection, however, there seem to be other jriver.com hosts with similar IP Addresses.
So I have made my rule so that it allows a whole subnet 216.14.187.161/28
Is this sufficient ?
It certainly seems to be based on current tests (fresh boot, open remote library, play tune) but I'd like the complete picture if you're OK with sharing that. 

Thanks in advance.
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72438
  • Where did I put my teeth?
Re: MC27 minimal internet visibility through firewall?
« Reply #1 on: October 23, 2020, 02:11:36 pm »

Within your network, MC uses ports 52100 to 52200 for Media Network.

If you're trying to limit access to the outside world, that's not usually done.  Outbound access isn't usually limited.  Inbound access is what's most important.  The wiki has a topic that explains more.  It's called Network Access .
Logged

RoderickGI

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 8186
Re: MC27 minimal internet visibility through firewall?
« Reply #2 on: October 23, 2020, 03:12:17 pm »

MC downloads and installs components as required, so you would need to completely uninstall MC and reinstall, then play a full range of file types to be sure nothing was blocked.

Although having said that, I think if you are using MC for audio only, all components are included in the installation. I'm not sure. But for video, downloads are triggered by file types played.

Mostly only important at Upgrade time, rather than Update time.
Logged
What specific version of MC you are running:MC27.0.27 @ Oct 27, 2020 and updating regularly Jim!                        MC Release Notes: https://wiki.jriver.com/index.php/Release_Notes
What OS(s) and Version you are running:     Windows 10 Pro 64bit Version 2004 (OS Build 19041.572).
The JRMark score of the PC with an issue:    JRMark (version 26.0.52 64 bit): 3419
Important relevant info about your environment:     
  Using the HTPC as a MC Server & a Workstation as a MC Client plus some DLNA clients.
  Running JRiver for Android, JRemote2, Gizmo, & MO 4Media on a Sony Xperia XZ Premium Android 9.
  Playing video out to a Sony 65" TV connected via HDMI, playing digital audio out via motherboard sound card, PCIe TV tuner

elsalvador99

  • Recent member
  • *
  • Posts: 38
Re: MC27 minimal internet visibility through firewall?
« Reply #3 on: October 23, 2020, 05:07:31 pm »

Hi both,

Thanks very much for the quick responses, very interesting.
Interesting to learn that MC downloads extras as it needs them, but apart from a few MKVs and DVDs, the library is all audio.

There's definitely a conversation at startup between the MC and several hosts at jriver.com, according to my packet captures, hence my permit rules for that subnet. I guess from your answers that you don't want to publish all your secrets, understandable.

So I will leave it as-is for now & see if it stops working any time soon...and then check the firewall for blocked traffic.
I will update if I find anything more.
TTFN
Logged

RoderickGI

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 8186
Re: MC27 minimal internet visibility through firewall?
« Reply #4 on: October 23, 2020, 05:57:08 pm »

I'm just a user like you, so no secrets here! Generally, JRiver is pretty open about what goes on as well.

The main conversation you are seeing would be MC confirming IP Addresses used for the Access Key. Plus doing a check for updates, if you have that turned on. That should be all. Apparently MC doesn't call home otherwise, or report usage, as far as I know. There are other things of course, such as looking up metadata, scrobbling, updating the JRiver metadata database YADB, probably more, but those are things activated by settings and activity. Not secret.
Logged
What specific version of MC you are running:MC27.0.27 @ Oct 27, 2020 and updating regularly Jim!                        MC Release Notes: https://wiki.jriver.com/index.php/Release_Notes
What OS(s) and Version you are running:     Windows 10 Pro 64bit Version 2004 (OS Build 19041.572).
The JRMark score of the PC with an issue:    JRMark (version 26.0.52 64 bit): 3419
Important relevant info about your environment:     
  Using the HTPC as a MC Server & a Workstation as a MC Client plus some DLNA clients.
  Running JRiver for Android, JRemote2, Gizmo, & MO 4Media on a Sony Xperia XZ Premium Android 9.
  Playing video out to a Sony 65" TV connected via HDMI, playing digital audio out via motherboard sound card, PCIe TV tuner

elsalvador99

  • Recent member
  • *
  • Posts: 38
Re: MC27 minimal internet visibility through firewall?
« Reply #5 on: October 26, 2020, 07:02:55 am »

Hi RoderickGI

Thanks for the confirmation, it confirms what I've observed, but it's v.nice to get that, much appreciated.

 :)
Logged
Pages: [1]   Go Up