crouton
crouton copied to clipboard
Kodi - Open ports to allow smb/samba browsing
browsing smb/samba shares requires having ports 1025 - 65535 open. Source: https://github.com/dnschneid/crouton/wiki/How-to-mount-network-shares-on-Chromebook-(sshfs,-cifs,-nfs-etc)
this patch grabs the ip address from wlan0 and opens the ports when the source ip is within the local subnet. if wlan0 has no ip, it does not modify iptables.
I'm not sure how many ChromeOS devices have an eth0, or any other interfaces that should be accounted for. or perhaps there is a better way to accomplish the same thing.
iptables gets reset on reboots, so it's probably not a big deal that the rule doesn't get cleared. however, i would love to clear the port forward when kodi closes, or the chroot exits. do you have any ideas for this @dnschneid ?
OK, i've updated the command, and switched to using a variable so i could easily keep the line length down.
The only issue i still have with this is clearing the rule after kodi closes. I'm not sure the best way to do this, but it's not really that big of a deal...
ok, previously this would fail if no network exists, i changed the test, removed the -n
. This seems to work from my end. please let me know if you see any other issues with the code @DennisLfromGA @divx118
thanks a bunch for your help guys!
thanks @divx118 !
LGTM2 👍
@dnschneid Thanks for the direction, but unfortunately that's mostly Chinese to me...
can you point me in the direction of something i can build off of?
Unfortunately, I don't think there's anything like it at the moment, and this feature has a weird set of requirements
- root permission, regardless of which user is running kodi
- needs to be triggered when the chroot unmounts
- needs to only be triggered when launching kodi
I guess if we accept the caveat that you can only launch one kodi at a time, you can just get rid of the exec keyword in the startkodi script and add a trap on INT/HUP/0 to run the ip command.
i'll poke around and see what i can come up with.
i'd be happy for suggestions/recommendations from the peanut gallery ;)
@dnschneid do you consider the removal of this iptables rule to be imperative to the merging of this patch?
z
I agree with @RUDIVANTORRE. It should be pretty straightforward to make the change, so I think the merge can wait until you have it working.