[SOLVED] MiniDLNA on 22.26

veganix · December 13, 2022, 11:24pm

Hi,
After upgrading to 22.26, I’m no longer able to access MiniDLNA from my Pioneer on any clients. According to the release notes of 22.26 there are changes to the firewall and protection of local services, including MiniDLNA. All diagnostic tests on the Freedombox show that MiniDLNA is running as normal, with access to internal network in the firewall settings. Until the upgrade MiniDLNA (UPnP) was working fine in Rhythmbox/VLC on several clients with UFW and firewalld setups, and also with VLC on Android. I’m no longer able to access the MiniDLNA web interface in client browsers (tried localhost:8200, freedombox.local:8200 and IP:8200). The Freedombox is set up with DMZ on my router, but I have also tested with specific settings for ports 1900 and 8200. Any suggestions?

Peterc · December 14, 2022, 11:18am

Hello @veganix

It the same problem here. After the upgrade the app Kodi on libreelec is no longer accessing MiniDLNA on my Freedombox.

Reason why it ? I thought I would say.

Regards: peter

fefekrzr · December 14, 2022, 7:17pm

That makes three of us. I’ve also been experiencing the same problem since the latest update.

sunil · December 14, 2022, 8:32pm

Folks, sorry for the regression. I shall investigate immediately.

sunil · December 15, 2022, 1:10am

I confirm that minidlna has been incorrectly marked as a service needing protection from local users. I posted a fix minidlna: Fix incorrect marking for firewall local protection (!2317) · Merge requests · FreedomBox / FreedomBox · GitLab . I will post a workaround for use until the release becomes available in a few days.

sunil · December 15, 2022, 2:03am

Until the fix is automatically deployed by the next release, please use the following work around. Run the following commands on a terminal as an admin user:

firewall-cmd --direct --remove-passthrough ipv6 -A INPUT -p tcp --dport 8200 -j REJECT
firewall-cmd --permanent --direct --remove-passthrough ipv6 -A INPUT -p tcp --dport 8200 -j REJECT
firewall-cmd --direct --remove-passthrough ipv4 -A INPUT -p tcp --dport 8200 -j REJECT
firewall-cmd --permanent --direct --remove-passthrough ipv4 -A INPUT -p tcp --dport 8200 -j REJECT

This workaround will be removed if minidlna app is disabled and re-enabled.

fefekrzr · December 15, 2022, 10:14am

Thank you very much for all the amazing work you do! I have run the commands and now my clients can find the server. The workaround works. One thing, though. It’s not a big issue, but just to provide accurate feedback, when I try to access the minidlna page from Plinth, I get a "Not found. The requested URL was not found on this server. " page.
Once more, thank you very much.

Peterc · December 15, 2022, 11:08am

Hello @fefekrzr

Check out the bug report link below for the - "Not found. The requested URL was not found on this server. " issue.

minidlna: can’t access localhost:8200 - DNS rebinding attack suspected I think this same bug is still in Debian next release, Bookworm, up to now ?

Regards: peter

fefekrzr · December 15, 2022, 2:24pm

Thank you very much. I can confirm, the page loads at local.IP:8200.