Community Forum

Resolved
0 votes
I am new to ClearOS so I am not sure if I am posting this in the correct forum area.

I have a new machine that I built for a firewall device. Currently I have ClearOS setup as a gateway with the content filtering and web proxy installed. Using the DHCP with port forwarding. I am able to get ClearOS working and my internet speed is what I am expecting.

I am using the default settings with no users or groups setup for the filtering. I have the content filtered by some of the options.

My issue is that we are experiencing lots of streaming issues. We use the Playstation Vue for our service. With my old Netgear router we never had any issues. When I put the ClearOS in service our streaming would frequently stop, buffer, pause, ect. Some PSV channels did not work or load at all. This happens with the ESPN app or any other app we tried to use. I am using Fire TV devices both wired and wireless.

I removed the ClearOS device and now the streaming works fine.

Is there a setting I need to change or something I have to setup to setup to get the streaming to play seamless?
Monday, March 12 2018, 01:59 PM
Share this post:
Responses (13)
  • Accepted Answer

    Tuesday, March 20 2018, 03:39 AM - #Permalink
    Resolved
    0 votes
    thanks for your tips
    The reply is currently minimized Show
  • Accepted Answer

    Monday, March 19 2018, 01:13 PM - #Permalink
    Resolved
    0 votes
    I don't know where the thread disappeared to either. It disappeared soon after I asked for the app to be promoted to the clearos-contribs repo on Friday. I'll be asking for it to reappear in the Marketplace tomorrow.
    The reply is currently minimized Show
  • Accepted Answer

    J Kelly
    J Kelly
    Offline
    Monday, March 19 2018, 12:12 PM - #Permalink
    Resolved
    0 votes
    The following link: https://www.clearos.com/clearfoundation/social/community/miniupnpd-is-on-its-way-back-testing-required
    which was posted below in this thread does not work. That's where I get the error message. No links posted in these forums to other posts work for me, they all redirect to the forum index.

    I ended up figuring out how to install it using yum and it appears it's working. My problem (Xbox Live cant connect) seemed to actually be caused by netify, which even after "uninstalling" it from webconfig was still running. I had to remove it with yum.
    The reply is currently minimized Show
  • Accepted Answer

    Monday, March 19 2018, 08:43 AM - #Permalink
    Resolved
    0 votes
    J Kelly wrote:

    When I click the link to the Miniupnpd app I get the message: Sorry, but you don't have sufficient privileges to perform this action.
    Are you logged in as root when you do this?

    Can you start it from the command line with a:
    systemctl start miniupnpd.service
    (again as root).
    The reply is currently minimized Show
  • Accepted Answer

    J Kelly
    J Kelly
    Offline
    Monday, March 19 2018, 12:35 AM - #Permalink
    Resolved
    0 votes
    When I click the link to the Miniupnpd app I get the message: Sorry, but you don't have sufficient privileges to perform this action.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, March 13 2018, 09:15 AM - #Permalink
    Resolved
    0 votes
    I've just remembered, in the Proxy config you can set a bypass rule for various LAN IP's. For this to work best you should use Static Leases in the DHCP server for those machines. It looks like the feature was designed for the Transparent Proxy as it only seems to bypass port 80 in Transparent mode and does nothing in non-transparent mode.

    You could also try setting up a Custom Firewall rule to bypass all ports with something like:
    $IPTABLES -t nat -I PREROUTING -s your_device_LAN_IP -j ACCEPT
    Again it works best when you use Static Leases
    The reply is currently minimized Show
  • Accepted Answer

    Monday, March 12 2018, 10:17 PM - #Permalink
    Resolved
    0 votes
    Miniupnpd is purely a firewall app so does not touch the content filter or proxy. I don't use either so I don't know what is necessary.
    The reply is currently minimized Show
  • Accepted Answer

    Monday, March 12 2018, 09:50 PM - #Permalink
    Resolved
    0 votes
    I appreciate your timely responses. I have been doing some reading and found that other firewall OS suggest that you create policies to exclude devices (such as Xbox, PS4, ect) from the HTTP & HTTPS scanning as well as the web/content filtering.

    Is this possible or will the Miniupnpd app do this for me?
    The reply is currently minimized Show
  • Accepted Answer

    Monday, March 12 2018, 09:33 PM - #Permalink
    Resolved
    0 votes
    It would be a good idea to remove the custom firewall rule, but not necessarily too critical if you use the rule I suggested as it only opens the firewall to your current LAN subnet and not the whole internet.
    The reply is currently minimized Show
  • Accepted Answer

    Monday, March 12 2018, 08:40 PM - #Permalink
    Resolved
    0 votes
    I currently have the UPnp setup on my router. At this time I have a laptop connected to ClearOS to access the Web Config. I can connect the WAN to my LAN (I had it set this way earlier for testing).

    If I install the custom firewall rule, do I have to remove it once I put the ClearOS back in service?
    The reply is currently minimized Show
  • Accepted Answer

    Monday, March 12 2018, 08:22 PM - #Permalink
    Resolved
    0 votes
    So you don't have a driver problem.

    Miniupnpd is a daemon providing UPnP services to devices and it effectively automatically sets up port forwards. It is sometimes considered a security loophole but is often needed in a domestic environment for things like the PS4. Check in your normal router to see if you UPnP enabled. It may well help with your streaming issue.

    As a temporary set up, can I suggest you connect your ClearOS WAN to your LAN. You will be able to access the Webconfig on port 81 if you have not disabled it (you should really when you connect it to the internet proper). Then add a custom firewall rule:
    $IPTABLES -I INPUT -s your_LAN_subnet_in_CIDR_form -j ACCEPT
    This will fully open up your ClerOS WAN just to your LAN subnet.
    The reply is currently minimized Show
  • Accepted Answer

    Monday, March 12 2018, 07:42 PM - #Permalink
    Resolved
    0 votes
    I pulled the firewall device and it is not connected to the internet so I had to manually type the info.

    02.00.0 Ethernet controller: Intel Corporation I210 Gigabit Network Connection
    Subsystem: Super Micro Computer Inc Device 1533
    Kernel driver in use: igb
    Kernel modules: igb

    05.00.0 Ethernet controller: Intel Corporation I210 Gigabit Network Connection
    Subsystem: Super Micro Computer Inc Device 1533
    Kernel driver in use: igb
    Kernel modules: igb

    06.00.0 Ethernet controller: Intel Corporation I210 Gigabit Network Connection
    Subsystem: Super Micro Computer Inc Device 1533
    Kernel driver in use: igb
    Kernel modules: igb

    07.00.0 Ethernet controller: Intel Corporation I210 Gigabit Network Connection
    Subsystem: Super Micro Computer Inc Device 1533
    Kernel driver in use: igb
    Kernel modules: igb

    What is the Miniupnpd app for? Will it help with my streaming issue?
    The reply is currently minimized Show
  • Accepted Answer

    Monday, March 12 2018, 05:42 PM - #Permalink
    Resolved
    0 votes
    Can you give the output to:
    lspci -k | grep Eth -A 3


    Also you may want the Miniupnpd app to enable UPnP functionality in the server. I am hoping to get it released through the marketplace this week but, until then, it is a manual install.
    The reply is currently minimized Show
Your Reply