Dynamic port range for Wiretap clients, and static server filtering in network.cfg.
You can now define the port range for all Wiretap clients in /opt/Autodesk/cfg/network.cfg.
To pass through a firewall, the client needs a narrower range than 0xC000 - 0xFFFF. You might also want to dedicate a range for the Wiretap events that do not overlap with other applications. This will apply to all dynamic port range which is essentially the events receiving ports.
The OS dynamic port range will typically be between from 49152 (0xC000) to# 65535 (0xFFFFd). On Linux, this can be changed globally by editing /proc/sys/net/ipv4/ip_local_port_range.
You can edit this range for application and daemons that use dynamic ports by restricting the following values.
To address the needs of environments without multicast, you can define server addresses for Wiretap in the network.cfg file. You also define IP ranges and filter. In some network environments, setting static addresses often mean faster connections.
Both Accept and Reject can be defined and connection must satisfy both requirements to be allowed.
Excerpt from the network.cfg file:
[Filtering] # WARNING: Experimental - might be removed in a future version. # Outgoing connections can be blocked by filtering either inclusively or # exclusively on IP address range. IP ranges are specified by using a base # IP and either a subnet mask or a routing prefix in bits. # # For example: # '192.168.0.0/24' and '192.168.0.0/255.255.255.0' are equivalent and cover # the same IP range, that is from 192.168.0.0 to 192.168.0.255. # # By default, Wiretap servers expose to clients all their available IP # addresses, as defined in the [Metadata] and [Data] sections. Note that # these IP addresses are exposed in the order in which they appear first in # the [Metadata] section, and then the [Data] one. # # However, in a heterogeneous network configuration, some IPs might not be # accessible and could cause delays when attempting a connection. By defining # the available IPs either inclusively or exclusively, delays can be avoided. # # You can also use inclusive and exclusive IP ranges to avoid using the # preferred network interface of a server for low bandwidth communication. # Simply add the faster IP to the list of Exclusive IP range filtering. # Inclusive IP range filtering # # Only allow connections to IP addresses in the Accept list. # Multiple ranges can be specified by separating them with a comma. # # Default: Accept= # #Accept= # Exclusive IP range filtering # # Reject connections to IP addresses in the Reject list. # Multiple ranges can be specified by separating them with a comma. # # Default: Reject= # #Reject= # Both Accept and Reject can be defined and a connection must # satisfy both requirements to be allowed. # # Examples: # # Accept=192.168.0.0/24,10.11.0.0/16 # # Will allow 192.168.0.1 and 10.11.0.1 but will # reject 192.168.1.1 and 10.12.0.1. # # Accept=192.168.0.0/16 # Reject=192.168.1.0/24 # # Will allow 192.168.0.1 but will reject 92.168.1.1. # # Reject=192.168.1.12 # # All addresses will be allowed except 192.168.1.12. # # Accept=192.168.0.0/255.255.0.0 # # Same as Accept=192.168.0.0/16
wiretap_ping timeout is now considered when a server is not found.